Hi and thanks for the quick response!
Ok. Now I see how that works.
As I see it there is no way of doing this selectively. Like having the / page not having authentication and /dba do authentication using some other method. Or if I have some service where I need to decide at runtime in XQuery code that I now would like to require the client to do digest authentication. Digest authentication cannot be hooked to the %perm annotation I think.
Is that correct or am I missing something?
Best regards
Omar
Am 14.02.2019 um 18:39 schrieb Christian Grün:
Hi Omar,
Digest authentication with RESTXQ should work out of the box. The following changes in the configuration may be required:
• You’ll need to enable digest authentication in the web.xml configuration file [1] • By default, the admin user is enabled for RESTXQ requests. You’ll need to remove the corresponding entry [2]
Best Christian
[1] https://github.com/BaseXdb/basex/blob/9a089491894a01f9d8edb5d30e695f18b13bc9... [2] https://github.com/BaseXdb/basex/blob/9a089491894a01f9d8edb5d30e695f18b13bc9...
On Thu, Feb 14, 2019 at 6:35 PM Omar Siam Omar.Siam@oeaw.ac.at wrote:
Hi list!
I just experimented a bit to see if there is an obvious way to use HTTP digest authentication for some RESTXQ service I plan to write. I would prefer not to reimplement the HTTP digest logic in XQuery. I thought maybe there is a way to use the built in digest logic like for the REST endpoint. I don't seem to get that to work. Any suggestions?
Best regards
Omar Siam