Ok. So, you don’t need an http server. You can run the BaseX server and use the native protocol. I have not done that.
The documentation about AUTHMETHOD says it concerns using HTTP.
Have you looked at the example in this:
http://docs.basex.org/wiki/Server_Protocol
In the example on the URL above, I think the third Client line is sending the hash and nonce.
Kendall
From: basex-talk-bounces@mailman.uni-konstanz.de on behalf of Dave Day David.Day@duke-software.com Date: Tuesday, October 17, 2017 at 3:06 PM To: "basex-talk@mailman.uni-konstanz.de" basex-talk@mailman.uni-konstanz.de Subject: Re: [basex-talk] AUTHMETHOD = Custom
Kendall,
I don't really understand enough about non-mainframe programming to really know for sure, but I don't think I want to get into writing code that has to construct HTTP dialog to communicate.
What I am wanting to do is to connect to the Basex server, give it the command(s) necessary to create a database, and then push xml across the connection.
From the Server Protocol
1. Client connects to server socket 2. Server sends a realm and nonce, separated by a colon: {realm:nonce} 3. Client sends the user name and a hash value. The hash is composed of the md5 hash of * the md5 hash of the user name, realm, and password (all separated by a colon), and * the nonce: {username} {md5(md5(username:realm:password) + nonce)} 4. Server replies with \00 (success) or \01 (error)
A big part of my problem is that I am an assembler language programmer that does not understand how to interpret a lot of the doc that I read. Bear with me if you will.
I've found a routine on my platform that I can call that will create an MD5 hash value. Lets say I wanted to use the default logon id of 'admin'. I am interpreting the doc that I have to make two calls to my routine.
The 1st call would create a hash using admin:realm value:admin. That is number 1. under the item 3.
But, what is it telling me with number 2. ??
I'm used to filling out a parm list with the correct values, then pointing R1 to the parmlist in storage, and calling a routine. Then check the return code that comes back from the call that is usually in R15....that kind of stuff.
And then I've got the difference in code pages to take into consideration, I believe. The data I get from the server is ascii.
-- Dave
On 10/17/2017 4:39 PM, Kendall Shaw wrote: Hi,
If you are using the http server because you plan to use basex over HTTP and you don’t want to require any authentication, then what I suggested should work.
For example, your program would use the HTTP protocol to interact with BaseX over REST:
http://docs.basex.org/wiki/RESThttps://urldefense.proofpoint.com/v2/url?u=http-3A__docs.basex.org_wiki_REST&d=DwMDaQ&c=DS6PUFBBr_KiLo7Sjt3ljp5jaW5k2i9ijVXllEdOozc&r=JgwnBEpN1c-DDmq-Up2QMq9rrGyfWK0KtSpT7dxRglA&m=ShUCNFqxyM51vqFlfV_61r6DOxWyhxLI_39_3HzvU1w&s=BKq2g4_XQG-thvH8sFeosCSy5443quD_ZDjHrZcip8k&e=
You could also write your basex side applications using RESTXQ and define your own protocol over HTTP for your z/OS program to use.
If you don’t want to use HTTP then you don’t need the HTTP server and can communicate with BaseX using its native protocol (I have not tried that):
http://docs.basex.org/wiki/Server_Protocolhttps://urldefense.proofpoint.com/v2/url?u=http-3A__docs.basex.org_wiki_Server-5FProtocol&d=DwMDaQ&c=DS6PUFBBr_KiLo7Sjt3ljp5jaW5k2i9ijVXllEdOozc&r=JgwnBEpN1c-DDmq-Up2QMq9rrGyfWK0KtSpT7dxRglA&m=ShUCNFqxyM51vqFlfV_61r6DOxWyhxLI_39_3HzvU1w&s=VFUOQjesvCO0qGrZN69dTWVe2-uyxeTCmwuBHBxCrCA&e=
If you can run Java on z/OS and you can use the basex java libraries, you could use one of the wrappers over the server protocol (that’s what I use in one case). Or you could embed basex within your java application.
Kendall
From: basex-talk-bounces@mailman.uni-konstanz.demailto:basex-talk-bounces@mailman.uni-konstanz.de on behalf of Dave Day David.Day@duke-software.commailto:David.Day@duke-software.com Date: Tuesday, October 17, 2017 at 2:26 PM To: "basex-talk@mailman.uni-konstanz.de"mailto:basex-talk@mailman.uni-konstanz.de basex-talk@mailman.uni-konstanz.demailto:basex-talk@mailman.uni-konstanz.de Subject: Re: [basex-talk] AUTHMETHOD = Custom
Kendall,
I did not make myself clear(again). Please forgive.
I've got my own application executing on an IBM z/OS platform that I want to have connect to the Basex server. This is not a browser that is trying to connect.
In the .bin file are scripts to start a server, and also what looks like an http server.
The doc specifically mentions HTTP server, so maybe this doesn't apply to the non-HTTP server.
I'm trying to figure out how to construct the response for the realm:nonce that the server sent, but not having a whole lot of luck so far.
Regards,
-- Dave
On 10/17/2017 4:05 PM, Kendall Shaw wrote: From: basex-talk-bounces@mailman.uni-konstanz.demailto:basex-talk-bounces@mailman.uni-konstanz.de on behalf of Dave Day David.Day@duke-software.commailto:David.Day@duke-software.com Date: Tuesday, October 17, 2017 at 9:53 AM To: "basex-talk@mailman.uni-konstanz.de"mailto:basex-talk@mailman.uni-konstanz.de basex-talk@mailman.uni-konstanz.demailto:basex-talk@mailman.uni-konstanz.de Subject: [basex-talk] AUTHMETHOD = Custom
Greetings list,
In the Basex configuration file, I added
AUTHMETHOD = Custom
After starting the server, the 1st response I get from the server when I connect to it is the realm:nonce values.
In the Basex manual, it states for AUTHMETHOD
Specifies the default authentication method, which will be used by the HTTP server for negotiating credentials. Allowed values are Basic, Digest, and Custom:
With custom authentication, the server will not do any authentication.
Is it possible to connect to Basex server without going thru any authentication?
Someone probably has a better answer than this. Web applications that you write using RESTXQ don’t have to require authentication. So, if RESTXQ fits with what you want to do, that would be one way to not require authentication for your applications. You could also create a user with a throw away password like “password”, grant the user admin permissions and then you can use that user to use BaseX REST functions or command from the basex server (not http).
For example, if you create user test with password test and granted the user admin, then:
http://test:test@localhost:8984/basex/rest?command=listhttps://urldefense.proofpoint.com/v2/url?u=http-3A__test-3Atest-40localhost-3A8984_basex_rest-3Fcommand-3Dlist&d=DwMDaQ&c=DS6PUFBBr_KiLo7Sjt3ljp5jaW5k2i9ijVXllEdOozc&r=JgwnBEpN1c-DDmq-Up2QMq9rrGyfWK0KtSpT7dxRglA&m=Ze_U47kGtTu-2O8cxVr7alsbVXakXZ_8jTguLi_wX6I&s=VrkNYPC-2STvUlL_88t0d6bsOfFoxVcCy2uZ7HJ4dtM&e=
Also, by default admin user’s password is admin.
Or you could embed basex within a java application.
Kendall