+ <refsect2 id="command-settings">
+ <title>settings</title>
+ <para>
+ The settings command applies session-specific settings to one or more
+ databases. A typical function of this is to enable access to
+ restricted resources for registered users, or to set a user- or
+ library-specific username/password to use against a target. Each
+ setting parameter has the form name[target]=value, where name is the
+ name of the setting (e.g. pz:authentication), target is a target ID,
+ or possibly a wildcard, and value is the desired value for the
+ setting.
+ </para>
+
+ <para>
+ Because the settings command manipulates potentially sensitive
+ information, it is possible to configure Pazpar2 to only allow access
+ to this command from a trusted site -- usually from server-side
+ scripting, which in turn is responsible for authenticating the user,
+ and possibly determining which resources he has access to, etc.
+ </para>
+
+ <note>
+ <para>
+ As a shortcut, it is also possible to override settings directly in
+ the init command.
+ </para>
+ </note>
+
+ <para>
+ Example:
+ <screen><![CDATA[
+ search.pz?command=settings&session=2044502273&pz:allow[search.com:210/db1]=1
+ ]]></screen>
+ Response:
+ <screen><![CDATA[
+<settings>
+ <status>OK</status>
+</settings>
+]]></screen>
+ </para>
+
+ </refsect2>