Difference between revisions of "Web Application"

From BaseX Documentation
Jump to navigation Jump to search
(44 intermediate revisions by the same user not shown)
Line 1: Line 1:
BaseX can be used as [[Web Application]]. The following three HTTP services are available:
+
This page is part of the [[Getting Started]] Section. It describes how BaseX can be used to both provide simple APIs and build complex web applications.
  
* [[RESTXQ]] allows you to write web applications with XQuery,
+
=Startup=
* [[REST]]  offers a RESTful API for accessing database resources via URLs, and
 
* [[WebDAV]] provides access to databases via the file system.
 
  
This article describes different ways of deploying and configuring these services. The services can be deployed as follows:
+
* Run one of the {{Code|basexhttp}} or {{Code|basexhttp.bat}} scripts. Call the script with the {{Code|stop}} keyword to gracefully shut down the server.
 +
* If you have installed BaseX on ''Windows'', click on the '''BaseX HTTP Server (Start)''' icon.
  
* as standalone application by running the [[Startup#HTTP Server|BaseX HTTP Server]],
+
Various [[Command-Line_Options#HTTP Server|command-line options]] are available to simplify batch processing. The [[Start_Scripts|start script]] can be adjusted for individual purposes (e.g. if the default memory limit is too restrictive).
* as web servlet in a [[#Servlet Container|Servlet Container]], and
 
* as web servlet, using [[#Maven|Maven]].<br/><br/>
 
  
=Servlet Container=
+
An instance of the [https://www.eclipse.org/jetty/ Jetty Web Server] will be started, which by default listens to the port {{Code|8984}}. Additionally, the BaseX [[Database Server]] will be started, accessible on port {{Code|1984}}. The command-line output will look something like that (the JSP warning message [https://stackoverflow.com/questions/3521654/missing-jsp-support-in-jetty-or-confusing-log-message can be ignored]):
  
In order to deploy BaseX HTTP Services in a servlet container, you may download the WAR distribution of BaseX from the [http://basex.org/download download site] or compile it via <code>mvn compile war:war</code> in the <code>basex-api</code> package. The WAR file can then be deployed following the instructions of the corresponding servlet container ([http://www.eclipse.org/jetty/documentation/current/quickstart-deploying-webapps.html jetty], [http://tomcat.apache.org/tomcat-7.0-doc/deployer-howto.html tomcat]).
+
<syntaxhighlight lang="xml">
 +
BaseX [HTTP Server]
 +
[main] INFO org.eclipse.jetty.util.log - Logging initialized @375ms to org.eclipse.jetty.util.log.Slf4jLog
 +
[main] INFO org.eclipse.jetty.server.Server - jetty-9.4.21.v20190926; built: 2019-09-26T16:41:09.154Z; git: 72970db61a2904371e1218a95a3bef5d79788c33; jvm 13+33
 +
[main] INFO org.eclipse.jetty.webapp.StandardDescriptorProcessor - NO JSP Support for /, did not find org.eclipse.jetty.jsp.JettyJspServlet
 +
...
 +
Server was started (port: 1984).
 +
HTTP Server was started (port: 8984).
 +
HTTP STOP Server was started (port: 8985).
 +
</syntaxhighlight>
  
Configuring port, context path, etc. can be done by following the corresponding instructions of the used servlet container. This is needed if you want to replace the default URL path (e.g. http://localhost:8080/rest) with a custom one (e.g. http://localhost:8080/BaseX711/rest).
+
After startup, you can access an HTML welcome page via http://localhost:8984.
  
If run on a Jetty server you may use a {{Code|jetty.xml}} file for detailed server configuration. You can e.g. enable SSL connections or Jetty logging. Place the {{Code|jetty.xml}} right next to the {{Code|web.xml}}. For detailed configuration refer to the [http://wiki.eclipse.org/Jetty/Reference/jetty.xml Jetty Documentation]. A sample [https://github.com/BaseXdb/basex/blob/master/basex-api/src/main/webapp/WEB-INF/jetty.xml jetty.xml] is placed in the basex-api package.
+
The Jetty logging level can be adjusted by adding the following properties to the start script:
  
To run on [http://tomcat.apache.org/ Apache Tomcat], start the tomcat server and add any <code>*.war</code> distribution to deploy using the Tomcat web interface. By default, the interface is accessible via http://localhost:8080/manager/html/.
+
<syntaxhighlight lang="xml">
 +
-Dorg.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.StdErrLog -D{classref}.LEVEL=DEBUG
 +
</syntaxhighlight>
  
==Configuration==
+
BaseX can also be deployed as web servlet in a servlet container or with Maven:
  
All database options can be specified in the {{Code|web.xml}} file.
+
==Servlet Container==
They need to be represented as context parameters and prefixed with {{Code|org.basex.}}.
+
 
The most important options for the web application context are as follows:
+
In order to deploy BaseX HTTP Services in a servlet container, you can download the WAR distribution of BaseX from the [https://basex.org/download download site], or compile it by calling <code>mvn compile war:war</code> in the <code>basex-api</code> directory. The WAR file can then be deployed following the instructions of the corresponding servlet container ([https://www.eclipse.org/jetty/documentation/current/quickstart-deploying-webapps.html Jetty], [https://tomcat.apache.org/tomcat-9.0-doc/deployer-howto.html Tomcat], etc.).
 +
 
 +
You can configure the port, context path, etc. by following the instructions of the corresponding servlet container. This is needed if you want to replace the default URL path (e.g. http://localhost:8080/rest) with a custom one (e.g. http://localhost:8984/basex/rest).
 +
 
 +
If you use Jetty (which is the default HTTP server of BaseX), the server configuration is available via the {{Code|jetty.xml}} file, which is stored in the {{Code|WEB-INF}} directory next to the {{Code|web.xml}}. For detailed configuration, refer to the [https://www.eclipse.org/jetty/documentation/current/jetty-xml-config.html Jetty Documentation].
 +
 
 +
To run on [https://tomcat.apache.org/ Apache Tomcat], start the Tomcat server and add any <code>*.war</code> distribution to deploy via the Tomcat web interface. By default, the interface is accessible via http://localhost:8080/manager/html/.
 +
 
 +
==Maven==
 +
 
 +
Check out the BaseX sources via [[Developing with Eclipse|Eclipse]] or [[Git]]. Execute <code>mvn install</code> in the main project directory and then <code>mvn install jetty:run</code> in the <code>basex-api</code> sub-directory. This will start a Jetty instance in which the servlets will be deployed.
 +
 
 +
The same options as in the case of deployment apply in a servlet container. In this case, however, there is no WAR archive. Instead, Jetty looks up all files in the directory <code>[https://github.com/BaseXdb/basex/tree/master/basex-api/src/main/webapp basex-api/src/main/webapp]</code>. Jetty and servlet options can be configured in the {{Code|jetty.xml}} and {{Code|web.xml}} files as described above in the [[#Configuration|Servlet Container Configuration]]. The Jetty stop port can be changed in the [https://www.eclipse.org/jetty/documentation/current/jetty-maven-plugin.html Maven Jetty Plugin] sesion in the {{Code|pom.xml}} file.
 +
 
 +
=Services=
 +
 
 +
The following services are available and enabled by default:
 +
 
 +
{| class="wikitable"
 +
|- valign="top"
 +
! Name
 +
! Standard Path
 +
! Description
 +
|- valign="top"
 +
| [[RESTXQ]]
 +
| <code>/</code>
 +
| Write enriched APIs and full web applications with XQuery.
 +
|- valign="top"
 +
| [[WebSockets]]
 +
| <code>ws/</code>
 +
| Bidirectional client/server communication.
 +
|- valign="top"
 +
| [[REST]]
 +
| <code>rest/</code>
 +
| Straightforward access to XML databases and its resources.
 +
|- valign="top"
 +
| [[WebDAV]]
 +
| <code>webdav/</code>
 +
| Database access via the file system.
 +
|- valign="top"
 +
| Default
 +
| <code>static/</code>
 +
| Access to static server resources (HTML, JavaScript, CSS, images, …).
 +
|}
 +
 
 +
The [[DBA]] is a web-based database administration interface written in RESTXQ. It allows you to create and administrate databases, evaluate queries in realtime, view log files, manage users, etc. It is embedded in the full distributions of BaseX, and it can be accessed after startup via http://localhost:8984/dba/.
 +
 
 +
=Configuration=
 +
 
 +
Unless BaseX is deployed as servlet, the location of the web application directory can be adjusted via the {{Option|WEBPATH}} option, and compression of HTTP responses can be enabled via the {{Option|GZIP}} option.
 +
 
 +
Further database options can be defined as context parameters in the {{Code|web.xml}} file. The most important options for the web application context are:
  
 
{| class="wikitable"  
 
{| class="wikitable"  
Line 33: Line 92:
 
! Description
 
! Description
 
|-
 
|-
|<code>[[Options#USER|USER]]</code>
+
|{{Option|USER}}
|{{Code|admin}}
 
| Applies to REST and WebDAV service: If no user is specified, the credentials must be passed on by the client. Please check by yourself if it is safe to store your credentials in plain text.
 
|-
 
|<code>[[Options#USER|PASSWORD]]</code>
 
 
|{{Code|admin}}
 
|{{Code|admin}}
| Applies to REST and WebDAV service: If no password is specified, it must be passed on by the client. Please check by yourself if it is safe to store your credentials in plain text.
+
| If a user is specified, no credentials must be passed on by the client.
 
|-
 
|-
|<code>[[Options#HTTPLOCAL|HTTPLOCAL]]</code>
+
|{{Option|HTTPLOCAL}}
 
|{{Code|false}}
 
|{{Code|false}}
 
|Operation mode. By default, a database server instance will be started, as soon as the first HTTP service is called. The database server can be disabled by setting this flag to {{Code|true}}.
 
|Operation mode. By default, a database server instance will be started, as soon as the first HTTP service is called. The database server can be disabled by setting this flag to {{Code|true}}.
 
|-
 
|-
|<code>[[Options#RESTXQPATH|RESTXQPATH]]</code>
+
|{{Option|RESTXQPATH}}
 
|{{Code|.}}
 
|{{Code|.}}
 
|Relative or absolute directory referencing the [[RESTXQ]] modules. By default, the option points to the standard web application directory.
 
|Relative or absolute directory referencing the [[RESTXQ]] modules. By default, the option points to the standard web application directory.
 
|-
 
|-
|<code>[[Options#RESTPATH|RESTPATH]]</code>
+
|{{Option|RESTPATH}}
 
|{{Code|.}}
 
|{{Code|.}}
 
|Relative or absolute directory referencing queries and command-scripts that can be invoked via the [[REST#GET_Requests|run operation]] of REST. By default, the option points to the standard web application directory.
 
|Relative or absolute directory referencing queries and command-scripts that can be invoked via the [[REST#GET_Requests|run operation]] of REST. By default, the option points to the standard web application directory.
 
|-
 
|-
|<code>[[Options#AUTHMETHOD|AUTHMETHOD]]</code>
+
|{{Option|AUTHMETHOD}}
 
|{{Code|Basic}}
 
|{{Code|Basic}}
 
|The default authentication method proposed by the server. The available methods are {{Code|Basic}} and {{Code|Digest}}.
 
|The default authentication method proposed by the server. The available methods are {{Code|Basic}} and {{Code|Digest}}.
 
|}
 
|}
  
Path options may contain an absolute or relative path. If a relative path is specified, its root will be the servlet ({{Code|webapp}}) path:
+
All options are prefixed with {{Code|org.basex.}}. Local file paths in options may be absolute or relative. If a relative path is specified, its root will be the servlet’s ({{Code|webapp}}) path:
  
<pre class="brush:xml">  
+
<syntaxhighlight lang="xml">
  <context-param>
+
<context-param>
    <param-name>org.basex.dbpath</param-name>
+
  <param-name>org.basex.dbpath</param-name>
    <!-- will be rewritten to ..../webapp/WEB-INF/data -->
+
  <!-- will be rewritten to ..../webapp/WEB-INF/data -->
    <param-value>WEB-INF/data</param-value>
+
  <param-value>WEB-INF/data</param-value>
  </context-param>
+
</context-param>
  <context-param>
+
<context-param>
    <param-name>org.basex.repopath</param-name>
+
  <param-name>org.basex.repopath</param-name>
    <!-- will be kept as is -->
+
  <!-- will be kept as is -->
    <param-value>f:/basex/repository</param-value>
+
  <param-value>f:/basex/repository</param-value>
  </context-param>
+
</context-param>
</pre>  
+
</syntaxhighlight>  
  
 
Context parameters can be requested from XQuery via [[Process_Module#proc:property-names|proc:property-names]] and [[Process_Module#proc:property|proc:property]]. How to set these options is specific to the servlet container. For example, in Jetty it can be done by [http://www.eclipse.org/jetty/documentation/current/override-web-xml.html overriding the web.xml] file. Another option is to directly edit the {{Code|WEB-INF/web.xml}} file in the WAR archive (WAR files are simple ZIP files). Refer to the sample [https://github.com/BaseXdb/basex/blob/master/basex-api/src/main/webapp/WEB-INF/web.xml web.xml] of the basex-api package.
 
Context parameters can be requested from XQuery via [[Process_Module#proc:property-names|proc:property-names]] and [[Process_Module#proc:property|proc:property]]. How to set these options is specific to the servlet container. For example, in Jetty it can be done by [http://www.eclipse.org/jetty/documentation/current/override-web-xml.html overriding the web.xml] file. Another option is to directly edit the {{Code|WEB-INF/web.xml}} file in the WAR archive (WAR files are simple ZIP files). Refer to the sample [https://github.com/BaseXdb/basex/blob/master/basex-api/src/main/webapp/WEB-INF/web.xml web.xml] of the basex-api package.
  
Different credentials can be assigned to the REST and WebDAV service by specifying local init parameters. In the following example, specific credentials are set for the REST service:
+
To enable or disable a specific service, the corresponding servlet entry in the {{Code|web.xml}} file needs to be removed/commented.
  
<pre class="brush:xml">
+
==Authentication==
  <servlet>
 
    <servlet-name>REST</servlet-name>
 
    <servlet-class>org.basex.http.rest.RESTServlet</servlet-class>
 
    <init-param>
 
      <param-name>org.basex.user</param-name>
 
      <param-value>rest-user</param-value>
 
    </init-param>
 
    <init-param>
 
      <param-name>org.basex.password</param-name>
 
      <param-value>(:87!7X3$o3p</param-value>
 
    </init-param>
 
  </servlet>
 
</pre>
 
  
==Available Services==
+
Different credentials can be assigned to a service by specifying local init parameters. In the following example, an alternative user is specified for the REST service:
  
To enable or disable one of the provided services, the corresponding servlet entry in the {{Code|web.xml}} file needs to be removed/commented. The default URL paths are listed in the following table:
+
<syntaxhighlight lang="xml">
 +
<servlet>
 +
  <servlet-name>REST</servlet-name>
 +
  <servlet-class>org.basex.http.rest.RESTServlet</servlet-class>
 +
  <init-param>
 +
    <param-name>org.basex.user</param-name>
 +
    <param-value>rest-user</param-value>
 +
  </init-param>
 +
</servlet>
 +
</syntaxhighlight>
  
{| class="wikitable"
+
If the HTTP server is started with no pre-defined user, the credentials must be passed on by the client via [https://en.wikipedia.org/wiki/Basic_access_authentication Basic Authentication] or [https://en.wikipedia.org/wiki/Digest_authentication Digest Authentication] (depending on the server setting).
|- valign="top"
 
! Service
 
! URL
 
! Usage
 
|- valign="top"
 
| Default web server
 
| {{Code|http://[host]:[port]/[servlet_context_path]/static}}
 
| Access your standard web files (e.g. HTML, JavaScript or CSS).
 
|- valign="top"
 
| [[RESTXQ]]
 
| {{Code|http://[host]:[port]/[servlet_context_path]}}
 
| Create XQuery web services and applications.
 
|- valign="top"
 
| [[REST]]
 
| {{Code|http://[host]:[port]/[servlet_context_path]/rest}}
 
| Access XML database and its resources.
 
|- valign="top"
 
| [[WebDAV]]
 
| {{Code|http://[host]:[port]/[servlet_context_path]/webdav}} or<br/>{{Code|webdav://[host]:[port]/[servlet_context_path]/webdav}} (depending on client)
 
| Access databases via the filesystem.
 
|}
 
  
=Maven=
+
With cURL, internet browsers, and other tools, you can specify basic authentication credentials within the request string as plain text, using the format <code>USER:PASSWORD@URL</code>. An example:
  
Checkout the BaseX sources via [[Developing with Eclipse|Eclipse]] or [[Git]]. Execute <code>mvn install</code> in the <code>basex-core</code> project folder and then <code>mvn install jetty:run</code> in the <code>basex-api</code> project folder. This will start a Jetty instance in which the servlets will be deployed.
+
: <code>http://admin:admin@localhost:8984/</code>
 
 
==Configuration==
 
 
 
The same options as in the case of deployment in a servlet container apply. In this case, however, there is no WAR archive. Instead, Jetty looks up all files in the directory <code>[https://github.com/BaseXdb/basex/tree/master/basex-api/src/main/webapp basex-api/src/main/webapp]</code>. Jetty and servlet options can be configured in the {{Code|jetty.xml}} and {{Code|web.xml}} files as described above in the [[#Configuration|Servlet Container Configuration]]. The Jetty stop port can be changed in the [http://docs.codehaus.org/display/JETTY/Maven+Jetty+Plugin Maven Jetty Plugin] sesion in the {{Code|pom.xml}} file.
 
 
 
=User Management=
 
 
 
By default, the REST and WebDAV services require client-side authentication.
 
Default credentials can be stored server-side in the <code>web.xml</code> file or specified via
 
[[Command-Line Options#BaseX HTTP Server|command-line arguments]].
 
If the HTTP server is started with no pre-defined credentials, users and passwords can be sent via
 
[http://en.wikipedia.org/wiki/Basic_access_authentication HTTP Basic Authentication] or
 
[http://en.wikipedia.org/wiki/Digest_authentication Digest Authentication].
 
  
 
Users are specified in a {{Code|users.xml}} file, which is stored in the database directory (see [[User Management]] for more information).
 
Users are specified in a {{Code|users.xml}} file, which is stored in the database directory (see [[User Management]] for more information).
  
With cURL, and most browsers, you can specify the user name and password with each HTTP request within the request string as plain text, using the format <code>USER:PASSWORD@URL</code>. An example:
+
=Changelog=
  
: <code>http://admin:admin@localhost:8984/</code>
+
;Version 9.0
 +
* Updated: <code>jetty.xml</code> configuration file (required for Jetty 9).
  
=Changelog=
+
;Version 8.6
 +
* Updated: Authentication readded to RESTXQ.
 +
* Updated: No password must be specified in the <code>web.xml</code> file anymore.
 +
* Updated: Server-side user and authentication method is now enforced (cannot be overwritten by client).
  
 
;Version 8.0
 
;Version 8.0

Revision as of 12:47, 2 July 2020

This page is part of the Getting Started Section. It describes how BaseX can be used to both provide simple APIs and build complex web applications.

Startup

  • Run one of the basexhttp or basexhttp.bat scripts. Call the script with the stop keyword to gracefully shut down the server.
  • If you have installed BaseX on Windows, click on the BaseX HTTP Server (Start) icon.

Various command-line options are available to simplify batch processing. The start script can be adjusted for individual purposes (e.g. if the default memory limit is too restrictive).

An instance of the Jetty Web Server will be started, which by default listens to the port 8984. Additionally, the BaseX Database Server will be started, accessible on port 1984. The command-line output will look something like that (the JSP warning message can be ignored):

<syntaxhighlight lang="xml"> BaseX [HTTP Server] [main] INFO org.eclipse.jetty.util.log - Logging initialized @375ms to org.eclipse.jetty.util.log.Slf4jLog [main] INFO org.eclipse.jetty.server.Server - jetty-9.4.21.v20190926; built: 2019-09-26T16:41:09.154Z; git: 72970db61a2904371e1218a95a3bef5d79788c33; jvm 13+33 [main] INFO org.eclipse.jetty.webapp.StandardDescriptorProcessor - NO JSP Support for /, did not find org.eclipse.jetty.jsp.JettyJspServlet ... Server was started (port: 1984). HTTP Server was started (port: 8984). HTTP STOP Server was started (port: 8985). </syntaxhighlight>

After startup, you can access an HTML welcome page via http://localhost:8984.

The Jetty logging level can be adjusted by adding the following properties to the start script:

<syntaxhighlight lang="xml"> -Dorg.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.StdErrLog -D{classref}.LEVEL=DEBUG </syntaxhighlight>

BaseX can also be deployed as web servlet in a servlet container or with Maven:

Servlet Container

In order to deploy BaseX HTTP Services in a servlet container, you can download the WAR distribution of BaseX from the download site, or compile it by calling mvn compile war:war in the basex-api directory. The WAR file can then be deployed following the instructions of the corresponding servlet container (Jetty, Tomcat, etc.).

You can configure the port, context path, etc. by following the instructions of the corresponding servlet container. This is needed if you want to replace the default URL path (e.g. http://localhost:8080/rest) with a custom one (e.g. http://localhost:8984/basex/rest).

If you use Jetty (which is the default HTTP server of BaseX), the server configuration is available via the jetty.xml file, which is stored in the WEB-INF directory next to the web.xml. For detailed configuration, refer to the Jetty Documentation.

To run on Apache Tomcat, start the Tomcat server and add any *.war distribution to deploy via the Tomcat web interface. By default, the interface is accessible via http://localhost:8080/manager/html/.

Maven

Check out the BaseX sources via Eclipse or Git. Execute mvn install in the main project directory and then mvn install jetty:run in the basex-api sub-directory. This will start a Jetty instance in which the servlets will be deployed.

The same options as in the case of deployment apply in a servlet container. In this case, however, there is no WAR archive. Instead, Jetty looks up all files in the directory basex-api/src/main/webapp. Jetty and servlet options can be configured in the jetty.xml and web.xml files as described above in the Servlet Container Configuration. The Jetty stop port can be changed in the Maven Jetty Plugin sesion in the pom.xml file.

Services

The following services are available and enabled by default:

Name Standard Path Description
RESTXQ / Write enriched APIs and full web applications with XQuery.
WebSockets ws/ Bidirectional client/server communication.
REST rest/ Straightforward access to XML databases and its resources.
WebDAV webdav/ Database access via the file system.
Default static/ Access to static server resources (HTML, JavaScript, CSS, images, …).

The DBA is a web-based database administration interface written in RESTXQ. It allows you to create and administrate databases, evaluate queries in realtime, view log files, manage users, etc. It is embedded in the full distributions of BaseX, and it can be accessed after startup via http://localhost:8984/dba/.

Configuration

Unless BaseX is deployed as servlet, the location of the web application directory can be adjusted via the WEBPATH option, and compression of HTTP responses can be enabled via the GZIP option.

Further database options can be defined as context parameters in the web.xml file. The most important options for the web application context are:

Option Default Description
USER admin If a user is specified, no credentials must be passed on by the client.
HTTPLOCAL false Operation mode. By default, a database server instance will be started, as soon as the first HTTP service is called. The database server can be disabled by setting this flag to true.
RESTXQPATH . Relative or absolute directory referencing the RESTXQ modules. By default, the option points to the standard web application directory.
RESTPATH . Relative or absolute directory referencing queries and command-scripts that can be invoked via the run operation of REST. By default, the option points to the standard web application directory.
AUTHMETHOD Basic The default authentication method proposed by the server. The available methods are Basic and Digest.

All options are prefixed with org.basex.. Local file paths in options may be absolute or relative. If a relative path is specified, its root will be the servlet’s (webapp) path:

<syntaxhighlight lang="xml"> <context-param>

 <param-name>org.basex.dbpath</param-name>
 <param-value>WEB-INF/data</param-value>

</context-param> <context-param>

 <param-name>org.basex.repopath</param-name>
 <param-value>f:/basex/repository</param-value>

</context-param> </syntaxhighlight>

Context parameters can be requested from XQuery via proc:property-names and proc:property. How to set these options is specific to the servlet container. For example, in Jetty it can be done by overriding the web.xml file. Another option is to directly edit the WEB-INF/web.xml file in the WAR archive (WAR files are simple ZIP files). Refer to the sample web.xml of the basex-api package.

To enable or disable a specific service, the corresponding servlet entry in the web.xml file needs to be removed/commented.

Authentication

Different credentials can be assigned to a service by specifying local init parameters. In the following example, an alternative user is specified for the REST service:

<syntaxhighlight lang="xml"> <servlet>

 <servlet-name>REST</servlet-name>
 <servlet-class>org.basex.http.rest.RESTServlet</servlet-class>
 <init-param>
   <param-name>org.basex.user</param-name>
   <param-value>rest-user</param-value>
 </init-param>

</servlet> </syntaxhighlight>

If the HTTP server is started with no pre-defined user, the credentials must be passed on by the client via Basic Authentication or Digest Authentication (depending on the server setting).

With cURL, internet browsers, and other tools, you can specify basic authentication credentials within the request string as plain text, using the format USER:PASSWORD@URL. An example:

http://admin:admin@localhost:8984/

Users are specified in a users.xml file, which is stored in the database directory (see User Management for more information).

Changelog

Version 9.0
  • Updated: jetty.xml configuration file (required for Jetty 9).
Version 8.6
  • Updated: Authentication readded to RESTXQ.
  • Updated: No password must be specified in the web.xml file anymore.
  • Updated: Server-side user and authentication method is now enforced (cannot be overwritten by client).
Version 8.0
  • Added: digest authentication
  • Updated: user management
  • Updated: default user/password disabled in web.xml
Version 7.7
  • Added: service-specific permissions
Version 7.5
  • Added: jetty.xml: configuration for Jetty Server
  • Updated: server replaced with httplocal mode
Version 7.3
  • Updated: client mode replaced with server mode
Version 7.2
  • Web Application concept revised