grtjn
commented
4 years ago provide libs that are disclosed in multiple ways: rest extension, data services, and custom rest endpoints.
Open grtjn opened 4 years ago
grtjn
commented
4 years ago provide libs that are disclosed in multiple ways: rest extension, data services, and custom rest endpoints.
grtjn
commented
4 years ago app-level auth requires special care with deployment. This may need to be added to build.gradle:
task setAppLevelAuth(type: com.marklogic.gradle.task.ServerEvalTask) {
doFirst {
println "Setting app-level auth in " + mlGroveAppName
}
client = mlAppConfig.newAppServicesDatabaseClient()
xquery = "xdmp:invoke('/admin/set-server-auth.xqy', map:new((map:entry('server', '" + mlGroveAppName + "'), map:entry('authentication', 'application-level'))), map:entry('modules', xdmp:database('" + mlAppConfig.modulesDatabaseName + "')))"
}
task undoAppLevelAuth(type: com.marklogic.gradle.task.ServerEvalTask) {
doFirst {
println "Restoring digest auth in " + mlGroveAppName
}
client = mlAppConfig.newAppServicesDatabaseClient()
xquery = "try { xdmp:invoke('/admin/set-server-auth.xqy', map:new((map:entry('server', '" + mlGroveAppName + "'), map:entry('authentication', 'digest'))), map:entry('modules', xdmp:database('" + mlAppConfig.modulesDatabaseName + "'))) } catch (\$ignore) {}"
}
mlLoadModules.dependsOn undoAppLevelAuth
mlLoadModules.finalizedBy setAppLevelAuth
mlLoadData.dependsOn undoAppLevelAuth
mlLoadData.finalizedBy setAppLevelAuth
mlDeployApp.dependsOn undoAppLevelAuth
mlDeployApp.finalizedBy setAppLevelAuthand:
xquery version "1.0-ml";
import module namespace c = "http://marklogic.com/roxy/application-config" at "/config/config.xqy";
import module namespace admin = "http://marklogic.com/xdmp/admin" at "/MarkLogic/admin.xqy" ;
declare default function namespace "http://www.w3.org/2005/xpath-functions"; (::)
declare option xdmp:mapping "false";
declare variable $server external;
declare variable $authentication external;
let $config := admin:get-configuration()
let $config := admin:appserver-set-authentication($config, xdmp:server($server), $authentication)
return
admin:save-configuration-without-restart($config)(might be fun to leverage manage rest api for this, but not sure how easy that would be..)
For supporting app-level auth with custom login code