X-Git-Url: http://jsfdemo.indexdata.com/?a=blobdiff_plain;f=doc%2Fpazpar2_protocol.xml;h=b9767872f0c50041136294a3823cd37c7a21a55a;hb=585b9e01d231b74d198e1e6de5521c4615e79d40;hp=404f6c3b14aa7404ce89c6158656c81dbea22131;hpb=8f48376798d4b43d962726ef68f547cbd471d670;p=pazpar2-moved-to-github.git

diff --git a/doc/pazpar2_protocol.xml b/doc/pazpar2_protocol.xml
index 404f6c3..b976787 100644
--- a/doc/pazpar2_protocol.xml
+++ b/doc/pazpar2_protocol.xml
@@ -8,7 +8,7 @@
      <!ENTITY % common SYSTEM "common/common.ent">
      %common;
 ]>
-<!-- $Id: pazpar2_protocol.xml,v 1.3 2007-01-19 18:28:08 quinn Exp $ -->
+<!-- $Id: pazpar2_protocol.xml,v 1.7 2007-04-11 04:51:23 quinn Exp $ -->
 <refentry id="pazpar2_protocol">
  <refentryinfo>
   <productname>Pazpar2</productname>
@@ -58,6 +58,11 @@
      <session>2044502273</session>
     </init>
 ]]></screen>
+   <para>
+     The init command may take a number of setting parameters, similar to
+     the 'settings' command described below. These settings are immediately
+     applied to the new session.
+   </para>
   </refsect2>
   
   <refsect2 id="command-ping"><title>ping</title>
@@ -82,6 +87,46 @@
 ]]></screen>
    </para>
   </refsect2>
+  <refsect2 id="command-settings">
+    <title>settings</title>
+    <para>
+      The settings command applies session-specific settings to one or more
+      databases. A typical function of this is to enable access to
+      restricted resources for registered users, or to set a user- or
+      library-specific username/password to use against a target. Each
+      setting parameter has the form name[target]=value, where name is the
+      name of the setting (e.g. pz:authentication), target is a target ID,
+      or possibly a wildcard, and value is the desired value for the
+      setting.
+    </para>
+
+    <para>
+      Because the settings command manipulates potentially sensitive
+      information, it is possible to configure pazpar2 to only allow access
+      to this command from a trusted site -- usually from server-side
+      scripting, which in turn is responsible for authenticating the user,
+      and possibly determining which resources he has access to, etc.
+    </para>
+
+    <para>
+      Note: As a shortcut, it is also possible to override settings directly in
+      the init command.
+    </para>
+
+    <para>
+      Example:
+      <screen><![CDATA[
+       search.pz?command=settings&session=2044502273&pz:allow[search.com:210/db1]=1
+      ]]></screen>
+    Response:
+   <screen><![CDATA[
+<settings>
+  <status>OK</status>
+</settings>
+]]></screen>
+    </para>
+
+  </refsect2>
   <refsect2 id="command-search"><title>search</title>
    <para>
     Launches a search, parameters:
@@ -181,7 +226,7 @@ search.pz2?session=2044502273&command=stat
       <term>start</term>
       <listitem>
        <para>First record to show - 0-indexed.</para>
-      </listitem
+      </listitem>
      </varlistentry>
      
      <varlistentry>
@@ -395,7 +440,6 @@ search.pz2?session=605047297&command=record&id=3
   </target>
   <!-- ... more target nodes below as necessary -->
 </bytarget>
-    <screen><![CDATA[
 ]]></screen>
 
    The following client states are defined: Client_Connecting,