[Question] MongoDB Connection String and TLS/SSL Configuration

eclipse-basyx / basyx-java-server-sdk

MIT License

55 stars 45 forks source link

[Question] MongoDB Connection String and TLS/SSL Configuration #395

Open Kuchsn opened 3 weeks ago

Kuchsn commented 3 weeks ago

Is your feature request related to a problem? Please describe.

Is there a way to use just a connection string for the MongoDB?
Is there a way to add additional connection parameters to get a TLS/SSL secured Mongo connection?

Describe the solution you'd like A single parameter for a connection string or an additional parameter for additional connection parameters.

Describe alternatives you've considered A long term solution has to support a scalable extern MongoDB implementation. A Docker contain is justifiable for development.

merlinseela commented 3 weeks ago

To question 1: I am not entirly sure what exactly you are trying to accomplish but...

You can change the settings using properties files for the individual containers by setting the following parameters and then mounting the custom properties as a volume.

e.g. for AAS Environment

Properties:

basyx.backend = MongoDB
spring.data.mongodb.host=mongo
spring.data.mongodb.port=27017
spring.data.mongodb.database=aasenvironments
spring.data.mongodb.authentication-database=admin
spring.data.mongodb.username=mongoAdmin
spring.data.mongodb.password=mongoPassword

Docker mount:

    volumes:
      # Mount application.properties file
      - ./properties/aas_env_application.properties:/application/application.properties

As for question 2: No idea. I am just developing with BaSyx but not doing any Development of BaSyx itself.

Kuchsn commented 3 weeks ago

I am not entirly sure what exactly you are trying to accomplish...

I want to add additional Parameter for Security like "tls":

additional_params=?authSource=admin&tls=true

You can change the settings using properties files...

Yes, that's what i assumend. But there are 89 properties files in the Repo, 11 in the aasenv folder and because authSource is already in the authentication-database parameter, it doesn't seem to be the right one to append tls=true.

I would like to do 2/(3) things:

Use Mongo with TLS
Make it possible to connect to an other extern database
(Make it possible to configure the server using a connection string)

mhrimaz commented 3 weeks ago

@Kuchsn You can use spring.data.mongodb.uri https://docs.spring.io/spring-boot/reference/data/nosql.html#data.nosql.mongodb.connecting

Kuchsn commented 3 weeks ago

I will try to test this asap. Thx for the info!

max-schlenz commented 2 weeks ago

we've tried the suggestions, unfortunately we haven't been successful.

After enabling TLS on the side of MongoDB, and verifying that i can only connect to it with TLS enabled, BaSyX still is unable to connect and shows "SSL Handshake Failed". I'm using the same connection string as in MongoDB Compass, where i can connect successfully.

I've tried:

 spring.data.mongodb.host=
 spring.data.mongodb.port=
 spring.data.mongodb.database=
 spring.data.mongodb.authentication-database=
 spring.data.mongodb.username=
 spring.data.mongodb.password=
 spring.data.mongodb.ssl.enabled=
 spring.data.mongodb.uri=

in aas-discovery.properties and aas-env.properties, which are properly mounted in the containers.