Knowledgebase:
Read only Access User for Webdav
31 March 2015 02:04 PM

Introduction

This article presents the steps to create a read-only access user and a full-access user for a WebDAV server.

Details

For read-only WebDAV access, you can connect to WebDAV using the credentials of a user who does not have the rights to insert or update documents. This can be accomplished by creating a user and assigning roles to them through the steps below.

1. If one does not already exist, create a WebDAV server (instructions are available in the MarkLogic Server Administrator's Guide)

  • leave default user to "nobody", and 
  • leave required privilege empty

2. Create a role - for the purpose of these instructions, call the new role "Read_only_Access" 

  • After you have entered a name for the new role (Read_only_Access), refresh the page and scroll to the "Default Permissions" section near the end of the page. The default permissions section allows you to assign a capability to a particular role. In this case, select the "Read_only_Access" role from the role drop-down as well as the "read" capability.

3. Create a user and grant that user the "Read_only_Access" role.

4. Create another role - for the purpose of these instructions, call the new role "Write_only_Access"

  • After you have entered a name for the new role (Write_only_Access), refresh the page and scroll to the "Default Permissions" section near the end of the page. The default permissions section allows you to assign a capability to a particular role. In this case, select the "Write_only_Access" role from the role drop-down as well as the "read", "insert", "execute" and "update" capabilities.

5. Create another user and grant that user the "Write_only_Access" role.

6. Set permissions on the "/" directory so the "Read_only_Access" / "Write_only_Access" roles can view / make changes respectively. This can also be accomplished in code:

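    xdmp:document-add-permissions("/", xdmp:permission("Read_only_Access", "read"))

    (: xdmp:permission() takes one capability, so build one permission per capability :)
    xdmp:document-add-permissions("/",
      for $cap in ("read", "insert", "execute", "update")
      return xdmp:permission("Write_only_Access", $cap))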

7. When you connect with a WebDAV client, both users will be able to view the root "/" directory, but cannot create files or folders. To allow that, you will need to create a URI privilege for the "/" URI and add the "Write_only_Access" role to it.

Now the "Read_only" user can read those documents, and the "Write_only" user can both read and update the documents.
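
The role, user and privilege setup from steps 2 to 5 and step 7 can also be scripted with the Security API; the following is an added example, not part of the original article. It assumes it is evaluated against the Security database by a user allowed to administer security, and the user names, passwords and privilege name are hypothetical placeholders. Step 6 is still run against the content database, as in the code above.

```xquery
xquery version "1.0-ml";
(: Added example. Evaluate against the Security database.
   Transaction 1: create both roles (steps 2 and 4). :)
import module namespace sec = "http://marklogic.com/xdmp/security"
  at "/MarkLogic/security.xqy";

sec:create-role("Read_only_Access", "WebDAV read-only access", (), (), ()),
sec:create-role("Write_only_Access", "WebDAV read and write access", (), (), ())
;

xquery version "1.0-ml";
(: Transaction 2: the roles are now committed, so xdmp:permission()
   can resolve them by name. :)
import module namespace sec = "http://marklogic.com/xdmp/security"
  at "/MarkLogic/security.xqy";

(: Default permissions from steps 2 and 4. :)
sec:role-set-default-permissions("Read_only_Access",
  xdmp:permission("Read_only_Access", "read")),
sec:role-set-default-permissions("Write_only_Access",
  for $cap in ("read", "insert", "execute", "update")
  return xdmp:permission("Write_only_Access", $cap)),

(: Steps 3 and 5. User names are hypothetical; replace the
   placeholder passwords before running. :)
sec:create-user("webdav_reader", "WebDAV read-only user",
  "REPLACE_WITH_STRONG_PASSWORD", "Read_only_Access", (), ()),
sec:create-user("webdav_writer", "WebDAV read/write user",
  "REPLACE_WITH_STRONG_PASSWORD", "Write_only_Access", (), ()),

(: Step 7: URI privilege for "/" granted to the write role only.
   The privilege name is hypothetical. :)
sec:create-privilege("webdav-root-uri", "/", "uri", "Write_only_Access")
```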

Existing Documents

While the user just created will have the expected access to all new documents, for previously existing documents in the database you will need to add the read permission to the documents contained in your database. This can be accomplished with xdmp:document-add-permissions().

For example:
    xdmp:document-add-permissions("/example.xml", xdmp:permission("Read_only_Access", "read"))

MarkLogic Documentation

For more details on how to manage security, please refer to the Security Administration section of our Administrator's Guide.
