Hi,
we are developing an application based on BaseX with RESTXQ.
The application uses the BaseX RESTXQ URL mechanism to decouple extensions from product code.
application.xqm: (this is shipped product code)
declare %restxq:path(„dispatch/do/{$key}")
function app:defaultReq($key) {
(: default code :)
The custom code simply has a more specific RESTXQ path specified, so it is used instead of the shipped code.
custom.xqm: (this is the customers extension)
declare %restxq:path(„dispatch/do/something_special")
function custom:customReq() {
(: some custom code :)
};
So just by dropping a file like „custom.xqm" in the restxq path, we can customize the system.
Without having to use a config file or changing our shipped application code. Removing the file from the path removes the custom functions. And: we can mix in updating functions without having to know about this in advance.
The drawback is that we can only use this for HTTPS requests from the client, but not from the server, because we use HTTPS. So we cannot use RESTXQ requests server side with http:send-request. (Or do we?)
I tried to workaround by setting up jetty to allow not secured HTTP connections from 127.0.0.1 by setting up a second connector. That works (it’s possible to use the site locally with HTTP), but I could not get around our form-based authentication with
http:send-request. As far as I can see, only BASIC authentication is possible (not an option for us).
Is there another way?
A java extension perhaps?
Sebastian