No, it has to be JWT. As I understand it, they are not compatible.
2017-09-18 10:09 GMT+02:00 Geert Josten <[email protected]>: > Could SAML authorization be of use to you? http://docs.marklogic.com > /guide/security/external-auth#id_81653 > > SAML support was added in MarkLogic 9. > > Cheers, > Geert > > From: <[email protected]> on behalf of Andreas > Hubmer <[email protected]> > Reply-To: MarkLogic Developer Discussion <[email protected]> > Date: Monday, September 18, 2017 at 9:07 AM > To: MarkLogic Developer Discussion <[email protected]> > Subject: Re: [MarkLogic Dev General] Create temporary user > > Justin, > > I'll answer for my colleague. > We'd like to use JSON Web Tokens (JWT) and extract the user roles from the > token. > The users are managed in an external system and similar to the LDAP > connection we want to avoid that every user has to be created/updated in > MarkLogic too. > > Amps do not give the same flexibility as a temporary user with an > arbitrary combination of roles. > > Thanks, > Andreas > > 2017-09-15 17:50 GMT+02:00 Justin Makeig <[email protected]>: > >> Andreas, >> Rather than describe your solution, can you explain the problem you’re >> trying to solve? Why do you think you need a temporary user? What >> permission/privilege challenge are you trying to address? >> >> You might also take a look at amps <https://docs.marklogic.com/gu >> ide/admin/security#id_81246>. An amp allows a security administrator to >> elevate the privileges of a specific function. This is beneficial in that >> the security is defined in configuration, not code. >> >> Justin >> >> >> -- >> Justin Makeig >> Senior Director, Product Management >> MarkLogic >> [email protected] >> >> >> >> > On Sep 15, 2017, at 4:29 AM, Andreas Holzgethan < >> [email protected]> wrote: >> > >> > Hi @all, >> > >> > I need the possibility to create temporary user for a transaction. >> > I just found in the documentation that such a functionality is used >> when for example LDAP is configured as an external security. >> > >> > Could you please explain me how this is done there? >> > >> > My thirst thought was to create a user with the function >> "sec:create-user-with-role". At the end of the transaction I would just >> call the function "sec:remove-user". >> > Could you please give me feedback about this implementation? >> > Is such a implementation a big influence on the performance? >> > >> > Thanks! >> > >> > Best regards >> > Andreas Holzgethan >> > >> > Andreas Holzgethan BSc. >> > >> > IT Consultant >> > > -- > Andreas Hubmer > Senior IT Consultant > > EBCONT enterprise technologies GmbH >
_______________________________________________ General mailing list [email protected] Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general
