Database Reference
In-Depth Information
Security Basics
The basic authentication model in eXist follows the Unix model of having users and
groups of users. eXist does not support groups of groups. Each resource and collec‐
tion in the database is assigned an owner user, group, and mode. The mode describes
the access permissions that the owner, user group, and other users have to that
resource or collection.
User and group names in eXist are case-sensitive, so, for example,
the username James is not the same as james .
Out of the box, eXist's internal authentication realm provides you with some default
users and groups to get you started.
Users
Table 8-1 outlines the default users provided with eXist out of the box.
Table 8-1. Default users
Username
Description
The guest user represents unauthenticated users. Until a user authenticates with eXist, she is a guest. It is
possible to allow users access to some resources as guest without authentication; this is particularly useful for
serving content to web users without them having to log in to your website. The guest user has a default auto-
set password of guest , although you should never need it.
guest
The admin user is the default dba (database administrator) user for eXist, and will be the first user that you log
in as after installing eXist. By default, the admin user's password is empty.
admin
SYSTEM
The SYSTEM account is used internally by eXist processes to modify resources in the database and manage the
database. Even eXist has to authenticate itself! You cannot authenticate as the SYSTEM user, and eXist cannot
function without that account.
You really should consider setting a strong password for the admin
user to secure the system, either during or immediately after instal‐
ling eXist. What constitutes a strong password? Well, that's hard to
explain simply, and advice tends to change over time, but this web‐
site can help you generate strong passwords: http://strongpassword
generator.com . If you're more security conscious, check out https://
www.grc.com/passwords.htm .
Each user in eXist must belong to at least one group, and may belong to many
groups. If a user is a member of many groups, then the default group for ownership
 
Previous Page
Next Page
eXist: A NoSQL Database and Application Development Platform
Search WWH ::




Custom Search
Home