If your MWKS application runs at a well-known, permanent address --
<http://yourname.com/app.html>, say -- you can set the User Access
record so that this originating URL is recognised by setting it into
-the "Referring URL" field.
+the "Referring URL" field. Then the application will always use that
+library that this User Access record is associated with (unless it
+sends a username/password pair to override this default).
Or if your application's users are coming from a well-known range of
IP-address space, you can enter the range in the "IP Ranges"
password credentials. This is a useful approach in several situations,
including when you need to specify the use of a different library from
usual one. To arrange for this, set the username and password as a
-single string separated by a slash -- e.g. "mike/swordfish" -- into
+single string separated by a slash -- e.g. `mike/swordfish` -- into
the User Access record's Authentication field.
You can set multiple fields into a single User Access record; or
create multiple User Access records. For example, a single User Access
-record can specify both a Referring URL a username/password pair that
-can be used when running an application from a different URL. But if
-multiple Referring URLs are needed, then each must be specified in its
-own User Access record.
-
-### Tell the application to use the library
-
-In the HTML of the application, tell MKWS to authenticate on to the
-Service Proxy. When referer-based or IP-based authentication is used,
-this is very simple:
-
- <script type="text/javascript">
- var mkws_config = { service_proxy_auth:
- "//sp-mkws.indexdata.com/service-proxy/?command=auth&action=perconfig" };
- </script>
-
-> TODO This should be the default setting: see **MKWS-251**.
-
-And ensure that access to the MWKS application is from the correct
-Referrer URL or IP-range.
+record can specify both a Referring URL and a username/password pair
+that can be used when running an application from a different URL. But
+if multiple Referring URLs are needed, then each must be specified in
+its own User Access record.
### (Optional): embed credentials for access to the library
When credential-based authentication is in use (username and
password), it's necessary to pass these credentials into the Service
-Proxy when establishing the session. This can most simply be done just
-by setting the `service_proxy_auth` configuration item to a URL such as
-`//sp-mkws.indexdata.com/service-proxy/?command=auth&action=perconfig&username=mike&password=swordfish`
+Proxy when establishing the session. This is done
+by setting the `sp_auth_credentials` configuration item to a string
+containing the username, a slash, and the password:
-> TODO It should be possible to add the username and password to the
-> configuration without needing to repeat the rest of the URL: see
-> **MKWS-254**.
+ mkws_config = { sp_auth_credentials: "mike/swordfish" };
### (Optional): conceal credentials from HTML source