如何在RESTXQ中对exist-db用户进行身份验证 [英] How to authenticate exist-db users in RESTXQ
问题描述
(完整的表述-由于没有答案): 我正在使用用户身份验证和RESTXQ开发一个exist-db应用程序.我的用户通过登录模块中的login:set-user函数登录.这是控制器的摘录:
(complete rephrase - since no answer): I am developing an exist-db application with user authentication and RESTXQ. My users log in via the login:set-user function from the login module. Here a snippet from the controller:
import module namespace login="http://exist-db.org/xquery/login" at "resource:org/exist/xquery/modules/persistentlogin/login.xql";
declare variable $local:login_domain := "org.exist-db.superApp";
declare variable $local:user := $local:login_domain || '.user';
let $logout := request:get-parameter("logout", ())
let $set-user := login:set-user($local:login_domain, (), false())
这很好用.如果我打电话给xmldb:get-current-user()在app:function()内的任何位置,我都会获得当前登录的用户名.
this works perfectly fine. If I call e.g. xmldb:get-current-user() anywhere within an app:function() I get the currently logged in username.
我还拥有一个RESTXQ模块,该模块具有几个功能,这些功能可以通过AJAX请求通过URL动态调用.其中一些操作(删除数据中的xml元素,添加新的集合...)非常关键.我不希望访客(或权限错误的用户)能够仅调用这些RESTXQ URL来操纵数据-因此RESTXQ必须受到保护,并且应仔细检查:是否允许当前登录的用户修改特定资源/收藏吗?
I also have a RESTXQ module with a couple of functions to be dynamically called via URL by AJAX requests. Some of these actions (deleting xml-elements in the data, adding new collections...) are rather critical. I don't want guests (or users with the wrong rights) to be able to just call these RESTXQ URLs to manipulate the data - so RESTXQ must be secured and it should doublecheck: is the currently logged in user allowed to modify specific resources/collections?
如果我打电话给xmldb:get-current-user()在任何RESTXQ函数中,我总是会得到访客",所有安全管理器(sm)函数也表明RESTXQ中不了解当前用户的登录信息.仅当我在每个RESTXQ函数中执行xmldb:login("/db",用户名",密码")之类的命令时,RESTXQ才知道有人登录,但用户名和密码不应始终通过来回传递. URL-尚未传递此数据,RESTXQ函数似乎对此一无所知(对吗?).
If I call e.g. xmldb:get-current-user() in any RESTXQ function, I always get "guest", all the security manager (sm) functions also indicate that within RESTXQ there is no knowledge about the current user login. Only if I do something like xmldb:login("/db","username","password") in each RESTXQ function, RESTXQ seems to know someone is logged in, but usernames and passwords should not constantly be passed back and forth via URL - yet without passing this data in, RESTXQ functions don't seem to know about it (right?).
那么我如何确定RESTXQ只允许经过身份验证的用户更改数据(无需用户多次进行身份验证,而不必在每次请求时都将身份验证数据传递给RESTXQ).
So how do I make sure, RESTXQ lets only authenticated users change data (without users having to authenticate multiple times and without having to pass the authentication data to RESTXQ on each request)?.
示例用例: 我想要一个RESTXQ函数,该函数获取搜索字符串($ text)和集合路径($ path)作为输入,现在它检查$ path中的所有xml文件:如果当前登录的用户(必须经过验证!)具有对该文件的写入权限,删除所有包含$ text的节点,并向用户返回一些JSON响应...
example use-case: I want a RESTXQ function that gets a search-string ($text) and a collection-path ($path) as input, now it checks for all xml files in $path: If the currently logged-in-user (must be authenticated!) has writing-access to the file, delete all nodes that contain $text and return some JSON response to the user...
我有多个此类功能,(移动,删除和添加数据,添加新集合...),除了粗体部分外,它们都很好用:我没有得到这个 If .想法?
I have multiple such functions, (move, delete and add data, add new collections... ), they work nicely except for the bold part: I do not get this If in. Any ideas?
PS:eXist邮件列表上的这个主题提出了相同的要求问题.在这里,@ adamretter表示要限制RESTXQ模块文件本身,因此,在调用函数时,即使已使用持久登录,也会提示用户(重新)进行身份验证.这就是我不喜欢的东西:
PS: this topic on the eXist mailing list asks the same question. Here @adamretter sugests to restrict the RESTXQ module file itself, so users get prompted to (re-)authenticate when a function is called - even if they already used the persistent log-in. This is what I don't like:
- 我不希望我的用户必须多次登录(这是使事情尽可能动态化的想法-例如,使用RESTXQ)
- 通过登录模块提示的登录名(用于执行RESTXQ)和先前的登录名(永久)现在可以有所不同!
- 即使用户在应用程序中注销,RESTXQ仍被授予访问权限,因为提示的身份验证对注销一无所知.如果新用户登录(不在提示符下,而是通过登录模块)登录,那么她仍然可以访问RESTXQ,因为不会再次提示(并且我不知道如何注销"此提示,看似并发)登录).
- 我可以这样限制整个RESTXQ模块,但我仍然不知道如何在RESTXQ函数中询问:"当前用户对资源A,B,C拥有什么访问权限...
- I don't want my users to have to log in multiple times (that's the idea of getting things as dynamic as possible - e.g. by using RESTXQ)
- the prompted login (for executing RESTXQ) and the previous login (persitent) via the login-module can differ now!
- even if the user logs out within the the application, RESTXQ is still granted access because that prompted authentication knows nothing about the logout. If a new user logs (not in the prompt, but via the login-module) she still has access to RESTXQ, because this is not re-prompted (and I don't know how to "logout" this prompted, seemingly parallel second login).
- I can restrict the whole RESTXQ module this way, but I still don't know how to ask within a RESTXQ function: "what access rights does current user have on resource A, B, C...
推荐答案
RESTXQ API是无状态的.因此,您需要在每个请求上进行身份验证.这种情况是有意的,并且是有意设计的,因此每个RESTXQ调用都可以有效地独立运行.
The RESTXQ API is stateless. So you need to authenticate on each request. This intentionally the case and is done by design so that each RESTXQ call can work in isolation efficiently.
这很正常,因为其他API(例如Amazon S3)也要求在每次请求时都提供这种身份验证.
This isn't unusual as other APIs such as Amazon's S3 also require such authentication to be provided on each request.
您的用户如何向RESTXQ进行身份验证以及如何提示他们输入请求凭据(并可能重用这些凭据)不在RESTXQ API的范围之内,而是被认为是您需要自己解决的客户端问题应用程序.
How your users authenticate to RESTXQ and how you prompt them for the request credentials (and possibly reuse those) is outside the scope of the RESTXQ API, and instead is considered to be a client issue that you need to solve in your own application.
这篇关于如何在RESTXQ中对exist-db用户进行身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
