Developers should consider using privileges to provide access instead of MarkLogic’s out of the box roles, which may unwittingly expose restricted content to end-users. Samplestack encountered this scenario and illustrates the design pattern to use the rest-reader privilege instead of the rest-reader role for its application-specific security model.
In designing Samplestack, a sample MarkLogic application that provides search and updates across Question & Answer content, our team wanted to demonstrate how the database’s built-in capabilities enhance the application developer’s experience. One of the differentiating features of MarkLogic’s enterprise NoSQL database is having ACID transactions, and more specifically its support for multi-document, multi-statement transactions.
Stay on top of everything Marklogic.
Be the first to know! News, product information, and events delivered straight to your inbox.