Hi Jeroen, It mainly depends on where you need access to the permissions/privileges/users, and what artifacts are already in place. It is not uncommon to have user administration in an LDAP server. In that case you don't want to replicate all user info into MarkLogic database, as that would involve continuous synchronisation.
If you want to fully utilize the security layer of MarkLogic, then perform all authentication and authorisation against the MarkLogic database. Should be that very difficult, though there is no LDAP api for connecting to MarkLogic. (Perhaps a nice to have? ;) Kind regards, Geert > Drs. G.P.H. Josten Consultant http://www.daidalos.nl/ Daidalos BV Source of Innovation Hoekeindsehof 1-4 2665 JZ Bleiswijk Tel.: +31 (0) 10 850 1200 Fax: +31 (0) 10 850 1199 http://www.daidalos.nl/ KvK 27164984 De informatie - verzonden in of met dit emailbericht - is afkomstig van Daidalos BV en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onbedoeld hebt ontvangen, verzoeken wij u het te verwijderen. Aan dit bericht kunnen geen rechten worden ontleend. > From: [email protected] > [mailto:[email protected]] On Behalf Of > Jeroen Pulles > Sent: maandag 5 oktober 2009 15:30 > To: General Mark Logic Developer Discussion > Subject: [MarkLogic Dev General] Integration with single sign > on and directory services? > > Hi, > > What are the possibilities for Mark Logic Server to integrate > with a single sign on (SSO) system for user authentication > and directory services for mapping group membership to Mark > Logic roles? I am specifically interested in integration with > a SAML 2.0 environment. > > My application has a Java layer in place in front of Mark > Logic. All access to Mark Logic Server is done over the XCC > connector. I /could/ do all privilege and permission control > in the Java layer. That seem to be a waste to me as ML > newbie, however, since the permissions/privilege > functionality is just what I want for my document management. > And I don't want to end up duplicating existing document > permissions/privilege functionality. > > Any advice? > > regards, > Jeroen > > -- > Jeroen Pulles > Xopus B.V., The Netherlands > > Xopus: The web based WYSIWYG XML Editor > _______________________________________________ > General mailing list > [email protected] > http://xqzone.com/mailman/listinfo/general > _______________________________________________ General mailing list [email protected] http://xqzone.com/mailman/listinfo/general
