Re: [MarkLogic Dev General] Create temporary user

Thanks, this seems to be exactly what we were looking for. Much better than creating a temporary user. We'll use Amps to assign the xdmp:login privilege to the JWT checking code. The session is not needed, we'll check the JWT each time. Thanks, Andreas 2017-09-18 15:27 GMT+02:00 Jason Hunter :

Re: [MarkLogic Dev General] Create temporary user

Great, so make sure those role names map to those held in MarkLogic and then you can use xdmp:login. Notice how xdmp:login accepts a $role-names sequence of roles you want the user to have after logging in. It was added for just this use case. You just need a single weak user that everybody ca

Re: [MarkLogic Dev General] Create temporary user

It is possible to add authorization information (roles) to the JWT. Example: { "iss": "...", "sub": "...", "exp": ..., "iat": ..., "jti": "...", "ver": "0.1", "idp": "..", "name": "Doe", "firstName":"John", "email":"j...@doe.com", "roles": ["role1", "role2"] } 2017-09-18 14

Re: [MarkLogic Dev General] Create temporary user

I understand that JWT will provide for authentication. How do you intend to do authorization? Meaning, how do you intend to know what roles the username given in the JWT should have within MarkLogic? Or do all authenticated users get the same roles, or something? -jh- On Sep 18, 2017, at 15

Re: [MarkLogic Dev General] Create temporary user

on.* > > > > > > *From: * on behalf of Andreas > Hubmer > *Reply-To: *MarkLogic Developer Discussion com> > *Date: *Monday, 18 September 2017 at 6:53 pm > > *To: *MarkLogic Developer Discussion > *Subject: *Re: [MarkLogic Dev General] Create temporary user > >

Re: [MarkLogic Dev General] Create temporary user

r Discussion Subject: Re: [MarkLogic Dev General] Create temporary user No, it has to be JWT. As I understand it, they are not compatible. 2017-09-18 10:09 GMT+02:00 Geert Josten mailto:geert.jos...@marklogic.com>>: Could SAML authorization be of use to you? http://docs.marklogic.

Re: [MarkLogic Dev General] Create temporary user

, > Geert > > From: on behalf of Andreas > Hubmer > Reply-To: MarkLogic Developer Discussion > Date: Monday, September 18, 2017 at 9:07 AM > To: MarkLogic Developer Discussion > Subject: Re: [MarkLogic Dev General] Create temporary user > > Justin, > > I'll

Re: [MarkLogic Dev General] Create temporary user

gt; Reply-To: MarkLogic Developer Discussion mailto:general@developer.marklogic.com>> Date: Monday, September 18, 2017 at 9:07 AM To: MarkLogic Developer Discussion mailto:general@developer.marklogic.com>> Subject: Re: [MarkLogic Dev General] Create temporary user Justin, I'll answe

Re: [MarkLogic Dev General] Create temporary user

Justin, I'll answer for my colleague. We'd like to use JSON Web Tokens (JWT) and extract the user roles from the token. The users are managed in an external system and similar to the LDAP connection we want to avoid that every user has to be created/updated in MarkLogic too. Amps do not give the

Re: [MarkLogic Dev General] Create temporary user

Andreas, Rather than describe your solution, can you explain the problem you’re trying to solve? Why do you think you need a temporary user? What permission/privilege challenge are you trying to address? You might also take a look at amps

[MarkLogic Dev General] Create temporary user

Hi @all, I need the possibility to create temporary user for a transaction. I just found in the documentation that such a functionality is used when for example LDAP is configured as an external security. Could you please explain me how this is done there? My thirst thought was to create a user