[MarkLogic Dev General] URI Privileges
Paul Preuveneers
paul.preuveneers at gmail.com
Mon Apr 23 03:37:10 PDT 2007
Hi,
I am trying to lock down a particular URI to a particular role/user and I
don't seem to be able to
get the URI Privileges functionality to work.
I have the following idiom for users and roles:
Role User
web-user my-web-user
content-manager my-content-manager
The web-user role does not have document update privileges, whereas the
content-manager role does.
I connect to ML using my-web-user and only use content-manager when loading
data or for cq.
I want to be able to let the web-user role only update a specific URI and
nowhere else, however even after creating
a URI privilege and assigning it to that role, I still cannot create
documents in that uri (or anywhere else!). The user
still seems to need document update privileges? But if I grant these I can
create docs in any URI.
I can also still create documents in the protected URI with the
content-manager user also, and I was hoping
this would not be allowed until I gave the privilege to this role also.
So far, I can't see the URI Privileges having any kind of effect at all...
What am I doing wrong?
Thanks
Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://xqzone.marklogic.com/pipermail/general/attachments/20070423/0772d2f3/attachment.html
More information about the General
mailing list