Tamino Security

I am having trouble setting up access control in Tamino XML Database.

Let me explain:

My configuration: Tamino XML Database (from XML starter kit) running on Windows 2000.

I have created users, groups and acls in collection ino:security so as to restrict access to a particular node in my database to only a group of users.

The restriction works, i.e. if I do not authenticate, I cannot have access to data in that node.

The problem I have now is how do I authenticate? I have tried the _CONNECT command with a valid userID, followed by an _XQL command with the given sessionid and sessionkey but I still cannot have access to the data.

I cant’ see where Tamino authenticates the user. I have created a user in collection ino:security, but I can only set the user id and the user description. Where do I set the password? Should I create the user and/or group in the Windows system also?

I would appreciate any help or advice.



Currently Tamino does not support authentication, just authorisation which is done via the user, groups and acl/aces. So currently the authentication has to be done by the web server. Have a look to the topic ‘Tamino Security’ in the ‘Security’ discussion forum there is dicussed how to setup your webserver if you would like to use the Tamino security.