projects / pazpar2-moved-to-github.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Added Debian packages: pazpar2-apache2 and pazpar2-test1. The former
[pazpar2-moved-to-github.git] / doc / pazpar2_protocol.xml
diff --git a/doc/pazpar2_protocol.xml b/doc/pazpar2_protocol.xml
index 155722a..db67d94 100644 (file)
--- a/doc/pazpar2_protocol.xml
+++ b/doc/pazpar2_protocol.xml
@@ -5,10 +5,10 @@
      %local;
      <!ENTITY % entities SYSTEM "entities.ent">
      %entities;
-     <!ENTITY % common SYSTEM "common/common.ent">
-     %common;
+     <!ENTITY % idcommon SYSTEM "common/common.ent">
+     %idcommon;
 ]>
-<!-- $Id: pazpar2_protocol.xml,v 1.5 2007-04-10 08:53:48 adam Exp $ -->
+<!-- $Id: pazpar2_protocol.xml,v 1.8 2007-06-04 10:34:06 adam Exp $ -->
 <refentry id="pazpar2_protocol">
  <refentryinfo>
   <productname>Pazpar2</productname>
@@ -58,6 +58,11 @@
      <session>2044502273</session>
     </init>
 ]]></screen>
+   <para>
+     The init command may take a number of setting parameters, similar to
+     the 'settings' command described below. These settings are immediately
+     applied to the new session.
+   </para>
   </refsect2>
   
   <refsect2 id="command-ping"><title>ping</title>
@@ -82,6 +87,46 @@
 ]]></screen>
    </para>
   </refsect2>
+  <refsect2 id="command-settings">
+    <title>settings</title>
+    <para>
+      The settings command applies session-specific settings to one or more
+      databases. A typical function of this is to enable access to
+      restricted resources for registered users, or to set a user- or
+      library-specific username/password to use against a target. Each
+      setting parameter has the form name[target]=value, where name is the
+      name of the setting (e.g. pz:authentication), target is a target ID,
+      or possibly a wildcard, and value is the desired value for the
+      setting.
+    </para>
+
+    <para>
+      Because the settings command manipulates potentially sensitive
+      information, it is possible to configure pazpar2 to only allow access
+      to this command from a trusted site -- usually from server-side
+      scripting, which in turn is responsible for authenticating the user,
+      and possibly determining which resources he has access to, etc.
+    </para>
+
+    <para>
+      Note: As a shortcut, it is also possible to override settings directly in
+      the init command.
+    </para>
+
+    <para>
+      Example:
+      <screen><![CDATA[
+       search.pz?command=settings&session=2044502273&pz:allow[search.com:210/db1]=1
+      ]]></screen>
+    Response:
+   <screen><![CDATA[
+<settings>
+  <status>OK</status>
+</settings>
+]]></screen>
+    </para>
+
+  </refsect2>
   <refsect2 id="command-search"><title>search</title>
    <para>
     Launches a search, parameters:
Metasearcher