Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
2.1.5
-
None
-
None
-
Operating System: other
Platform: Other
-
30928
-
Patch available
Description
It should be possible to have the following in the sitemap:
<map:generate
src="xmldb:db://{session-attr:user}:{session-attr:pass}@host:port/db/etc.xml" />
so each user can have their own authentication to the XMLDB as necessary. This
corresponds to the missing "application managed security" paradigm; currently
XMLDBSource only implements "container managed security".
The attached patch accomplishes this goal. UserInfo in the URI overrides
"container managed" credential information if it exists. This seems consistent
with J2EE.
<map:generate
src="xmldb:db://{session-attr:user}:{session-attr:pass}@host:port/db/etc.xml" />
so each user can have their own authentication to the XMLDB as necessary. This
corresponds to the missing "application managed security" paradigm; currently
XMLDBSource only implements "container managed security".
The attached patch accomplishes this goal. UserInfo in the URI overrides
"container managed" credential information if it exists. This seems consistent
with J2EE.