Knowledgebase:
Handling XDMP-MODNOTFOUND and XDMP-NOPROGRAM errors
20 May 2021 04:21 PM

Problem:

The errors 'XDMP-MODNOTFOUND - Module not found' and 'XDMP-NOPROGRAM - Server unable to build program from request' may occur when the requested module does not exist or the user does not have the right permissions on the module.

Solution:

When either of these errors is encountered, the first step would be to check if the requested XQuery/JS module is actually present in the modules database. Make sure the the document uri matches the 'root' of the relevant app-server.

'Modules' field of the app-server configuration specifies the name of the database in which this app-server locates the application code (if it is not set to 'File-system'). When it is set to a specific database, then only documents in that database whose URI begin with the specified root directory are executable. For example, if 'root'  of the database is set to "/codebase/xquery/", then only documents in the database which start with this uri "/codebase/xquery/" are executable.

If set to 'File-system' make sure the requested module exists in the location specified in the 'root' directory of the app-server. 

Defining a 'File-system' location is often used on single node DEV systems but not recommended on a clustered environment. To keep the deployment of code simple it is recommended to use a Modules database in clustered production system.

Once you made sure that the module does exist, the next step is to check if the user has the right permissions to execute the database. More often, it is likely that the error is caused because of a permissions issue.

(i) Check app-server privileges

The 'privilege' field in the app-server configuration, when set, specified the execute privilege required to access the server. Only users who are assigned this privilege can access the server and the application code. Absence of this privilege may cause the XDMP-NOPROGRAM error.

Make sure the user accessing the app-server has the specified privileges. This can be checked by using sec:user-privileges() (Should be run against the Security database).

The documentation here - http://docs.marklogic.com/guide/admin/security#id_63953 contains more detailed information about privileges.

(ii) Check permission on the requested module

The user trying to access the application code/modules is required to have the 'execute' permission on the module. Make sure all the xquery documents have 'read' and 'execute' permissions for the user trying to access them. This can be verified by executing the following query against your 'modules' database:

                 xdmp:document-get-permissions("/your-module")

This returns a list of permission on the document - with the capability that each role has, in the below format:

              <sec:permission xmlns:sec="http://marklogic.com/xdmp/security">
              <sec:capability>execute</sec:capability>
              <sec:role-id>4680733917602888045</sec:role-id>
              </sec:permission>
              <sec:permission xmlns:sec="http://marklogic.com/xdmp/security">
              <sec:capability>read</sec:capability>
              <sec:role-id>4680733917602888045</sec:role-id>
              </sec:permission>

You can then map the role-ids to their role names as below: (this should be done against the Security database)

              import module namespace sec="http://marklogic.com/xdmp/security" at "/MarkLogic/security.xqy";
              sec:get-role-names((4680733917602888045))

If you see that the module does not have execute permission for the user, the required permissions can be added as below: (http://docs.marklogic.com/xdmp:document-add-permissions)

             xdmp:document-add-permissions("/document/uri.xqy",

              (xdmp:permission("role-name","read"),
             xdmp:permission("role-name", "execute")))

 

 

     

 

 

 

(7 vote(s))
Helpful
Not helpful

Comments (0)