Closed tstringer-fn closed 1 year ago
I think you can leave out the user/pass from the JDBC url, and instead store it in the username/password column in the source table. This will auto-encrypt when you start webapi.
When you change sources, you will need to refresh the server cache, so you can either restart WebAPI or access the url /WebAPI/source/refresh. Hitting that endpoint with browser will trigger the cache to reset.
Thank you for your response! So you're saying that I should be doing an INSERT
into webapi.source
with the username
and password
columns set in plaintext? While I understand that webapi will auto-encrypt this on startup, there is a non-zero amount of time that the password is stored in plaintext, which isn't ideal.
Is there no other way to get the credentials stored in the database that are encrypted from the start to eliminate this plaintext window?
Yes, as opposed to the infinite time that it would be unencrypted if placed into the URL :).
I believe if you use the Atlas UI to create the source, it may go into the table immedately encrypted.
Yes, totally agreed that it shouldn't be unencrypted at all in the URL or otherwise :)
Ah great I didn't know there was part of the UI to create the source! Do you have the URL of that?
The admin screen will only show you source management (create/update) if security is enabled. If you have it enabled, you can go to the 'Configuration' screen and you see something like this:
Click New Source to add a new source, and specify the different daimons:
Ah I don't see that New Source
button. Judging by your comment, it sounds like it's because security isn't enabled if I'm understanding correctly? How do I enable it so I can see that new source button? Thank you!
Security configuration is described here.
Getting security set up is a complicated task because you need to re-build your WebAPI with the AtlasSecurity enabled, and then configure the Atlas configuration to specify which security providers you want to allow. It's too much to describe in this post. if you are happy to use Atlas in 'anonymous' mode, then just do the updates to SOURCE table directly and restart webapi to have changes take effect.
Thanks for the help! I really appreciate it!
Good day! I have setup WebAPI and I'm wondering how to create a source in the database. I see the documentation but this still seems to not be working (verified an empty array when I go to
/WebAPI/source/sources
).In the documentation it says to INSERT a row into the
webapi.source
table with this connection string:jdbc:postgresql://server:5432/cdm?user={user}&password={password}
. I understand that "server" should be replaced, as well as "cdm" for the actual CDM database. But what aboutuser
andpassword
? Are those supposed to be literals, and you keep the strings "user" and "password" in that?Thank you!