BaseX:Public REST API 无身份验证

BaseX: Public REST API without authentication

是否可以在 BaseX 中创建 public REST API,以便客户端根本不需要身份验证?

此 public API 应该是只读的。我已经做的是创建一个名为 HTTPGuest 的用户,该用户具有对某些数据库的读取权限。

那我试过了basexhttp -UHTTPGuest。但是 API 仍然希望通过基本身份验证获得凭据。

您可以通过修改通常位于 ~/BaseXWeb/WEB-INF/web.xmlweb.xml 文件来提供默认凭据。此文件包含以下块>

  <!-- REST Service (can be deactivated by removing this entry) -->
  <servlet>
    <servlet-name>REST</servlet-name>
    <servlet-class>org.basex.http.rest.RESTServlet</servlet-class>
    <!-- service-specific credentials
    <init-param>
      <param-name>org.basex.user</param-name>
      <param-value/>
    </init-param>
    <init-param>
      <param-name>org.basex.password</param-name>
      <param-value/>
    </init-param>
    -->
  </servlet>
  <servlet-mapping>
    <servlet-name>REST</servlet-name>
    <url-pattern>/rest/*</url-pattern>
  </servlet-mapping>

在这里,取消注释<init-param/>子树并将user/passphrase组合添加到<param-value/>元素,例如

  <!-- REST Service (can be deactivated by removing this entry) -->
  <servlet>
    <servlet-name>REST</servlet-name>
    <servlet-class>org.basex.http.rest.RESTServlet</servlet-class>
    <init-param>
      <param-name>org.basex.user</param-name>
      <param-value>HTTPGuest</param-value>
    </init-param>
    <init-param>
      <param-name>org.basex.password</param-name>
      <param-value>super-secret-passphrase</param-value>
    </init-param>
  </servlet>
  <servlet-mapping>
    <servlet-name>REST</servlet-name>
    <url-pattern>/rest/*</url-pattern>
  </servlet-mapping>