Query Console is not designed for simultaneous logins from the same user account. You should provision different users for individuals that need access to Query Console. With individual accounts you'll also be able to audit and revoke/reset on a user-by-user basis, general good security hygiene.
The new Cross-Site Request Forgery <https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)> protections should give you a warning in the scenario you outline, but a page refresh should get a new token and restore your previous workspace. (If it doesn't, that's a bug. Please contact MarkLogic Support or me directly, off-list.) To logout in Chrome or Firefox you should quit your browser; it should prompt you to login again when you reopen. If you had multiple user accounts accessing the same shared state you may be encountering a last-write-wins issue, where someone else zeroed out your workspace. Regardless, the best Query Console and security practice is to provision individual users. See <https://docs.marklogic.com/guide/qconsole/admin> and <https://docs.marklogic.com/guide/security/authentication>. Justin -- Justin Makeig Director, Product Management MarkLogic [email protected] > On Apr 25, 2017, at 9:22 AM, Morrisey, Russell > <[email protected]> wrote: > > Hi all, > > We are evaluating MarkLogic and we are running into a recurring problem with > the Query Console tool. We are using the evaluation version, v8.0-6.4. > > When I visit the query console page, it automatically logs me in as the admin > user that we created during setup: > mymarklogicserver:8000 > I want to log in as a different user, but there seems to be no log out button > in the Query Console interface. > I have tried using Chrome Incognito mode, clearing my browser cache, and > switching to a different browser. I am stuck in a “logged in” state no matter > what I do. > > If more than one of us uses the Query Console tool at the same time, I see a > popup telling me there is a CSRF error every time the other person does > something (like execute a query). > This CSRF error pop-up can interrupt a query in mid-run. > When I refresh after the CSRF error, everything that I did in the current > workspace (new query windows, query edits, etc.) is gone. > > How can we fix this? > > Thanks, > > Russell Morrisey > Sr. Java Developer | Shared Services Team > [email protected] > cscglobal.com > > > > Ask us about our new brand reveal – coming this May. > > > > NOTICE: This e-mail and any attachments is intended only for use by the > addressee(s) named herein and may contain legally privileged, proprietary or > confidential information. If you are not the intended recipient of this > e-mail, you are hereby notified that any dissemination, distribution or > copying of this email, and any attachments thereto, is strictly prohibited. > If you receive this email in error please immediately notify me via reply > email or at (800) 927-9800 and permanently delete the original copy and any > copy of any e-mail, and any printout. > _______________________________________________ > General mailing list > [email protected] > Manage your subscription at: > http://developer.marklogic.com/mailman/listinfo/general
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ General mailing list [email protected] Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general
