Logo

Contents:

  • Introduction to EDG
  • Quick Start Guides
  • User Guide
  • Reference Guide
  • Installing Sample Data
  • Administrator Guide
    • Installation Checklist
    • EDG Installation
    • Upgrading from Previous Versions
    • The Setup File
    • Authentication Methods
      • Authentication Overview
      • Form Authentication
      • HTTP Basic Authentication
      • SAML Authentication
      • Authentication with OpenID Connect (OIDC)
      • Authentication with OAuth 2.0
      • EDG as an OAuth API client
      • Cookie Authentication (not secure)
        • Considerations
        • Configuring
        • User management
        • Authenticating API requests
      • Tomcat-based authentication methods
      • LDAP Authentication
      • The users.yaml file
    • Lockout Feature
    • Logging
    • TopBraid Data Platform
    • Auto Classifier Installation
    • TopBraid Explorer Setup
    • EDG Backup and Restore
    • Content Security Policy (CSP)
    • Cross-Origin Resource Sharing (CORS)
  • TopBraid EDG Studio
  • GraphQL
  • Scripting with JavaScript and ADS
  • SPARQL
  • Extension Development
  • EDG Integration Points
  • FAQs
  • TopQuadrant EDG Support

  • Index
TopBraid EDG
  • »
  • Administrator Guide »
  • Authentication Methods »
  • Cookie Authentication (not secure)

Cookie Authentication (not secure)

Warning

This authentication method provides no security and is intended for work on a personal computer with EDG Studio only. Do not use this on a server.

With this authentication method, a user can be freely picked from a dropdown of known user accounts.

Considerations

Cookie authentication is intended for local development and testing with EDG Studio. Do not use this on a server.

Configuring

To enable cookie authentication, add or uncomment in the setup file (edg-setup.properties):

endUserAuthMethod = cookie

This is also the default if the field is not present.

User management

There is a built-in user Administrator with full rights.

Additional user accounts can be created on the fly, by logging out the current user and selecting the new user option from the dropdown on the login form. These users will be created without any roles or permissions.

Optionally, additional user accounts can also be defined in the users.yaml file as described here: The users.yaml file. Passwords do not have to be specified and will be ignored. User roles defined in users.yaml will be respected.

Authenticating API requests

With this authentication method, API clients do not need to authenticate and can freely access all API endpoints. By default, requests are executed with the permissions of the built in Administrator user.

API clients can make requests for a different user account by sending a username cookie with the desired login name.

For example, to run a query against the SPARQL endpoint (assuming EDG running at http://localhost:8083/):

curl --cookie "username=MyUser" -d "query=SELECT (smf:currentUserName()) {}" http://localhost:8083/tbl/sparql
Previous Next

© Copyright TopQuadrant, Inc.

Built with Sphinx using a theme provided by Read the Docs.