I'd like to use the MongoClient.Connect(Url) option for connecting from Node and in fact it does work for authenticated connections to the admin database. However, if I try to specify a different database I get an "auth Fails" with code 18.
I think this means that the credentials are only setup on the admin database and, unfortunately, I can't change this arrangement (for now, anyway).
It seems this Url syntax is the direction the driver is heading, so I'd like to use it if possible. Is there a way to use this syntax, authenticate and connect to the admin database, and then get a connection to one of the other databases on the server?
I just found out how to do this: You use the instance you get ("admin") to open another database you have access to:
db2 = db.db("name of other name");
See it hidden inside the documentation
Related
When I'm connecting to database in node, I have to add db name, username, password etc. If I'm right every user can access js file, when he knows address. So... how it works? Is it safe?
Node.js server side source files should never be accessible to end-users.
In frameworks like Express the convention is that requests for static assets are handled by the static middleware which serves files only from a specific folder in your solution. Explicit requests for other source files that exists in your code base are thus ignored (404 is passed down the pipeline).
Consult
https://expressjs.com/en/starter/static-files.html
for more details.
Although there are other possible options to further limit the visibility of sensitive data, note that anyone on admin rights who gets the access to your server, would of course be able to retrieve the data (and this is perfectly acceptable).
I am assuming from the question that the DB and Node are on the same server. I am also assuming you have created either a JSON or env file or a function which picks up your DB parameters.
The one server = everything (code+DB) is not the best setup in the world. However, if you are limited to it, then it depends on the DB you are using. Mongo Community Edition will allow you to set up limited security protocols, such as creating users within the DB itself. This contains a {username password rights} combination which grants scaled rights based upon the type of user you set up. This is not foolproof but it is something of protection even if someone gets a hold of your DB parameters. If you are using a more extended version of MongoDB then this question would be superfluous. As to other DB's you need to consult the documentation.
However, all that being said, you should really have a DB set up behind a public server and only allow SSH into it, with an open port to receive information from your program. As the one server = everthing format is not safe in the end run, though it is fine for development.
If you are using MongoDB, you may want to take a look at Mongoose coupled with Mongoose Encryption. I personally do not use them but it may solve your problem in the short run.
If your DB is MySQL etc. then I suggest you look at the documentation.
I am using Sails and Postgres and I want to save some credentials in the session at the start-up of server.
Kindly help me. How can I do this, and is there any possibilities that it may give some error just because of database connectivity with the application. I am using connect-redis"~1.4.5".
You do have the option of utilising the bootstrap.js file. Essentially this runs code you define during the lifting process of sails. For instance you could use this to pre-populate a test database or in your case to authenticate a "test" user and store the person within a session.
http://sailsjs.org/documentation/anatomy/my-app/config/bootstrap-js
Documentation is linked above.
We have recently created a new database instance for an upgraded application. When we try to connect to the DB using ODBC from Excel it returns a "ORA-01017: invalid username/password; logon denied" error.
I am able to successfully logon to the database with SQL+ from the command line using the same username and password.
If I switch back to the previous database I can connect successfully using Excel.
Does anyone know what if anything needs setup on the new DB to allow it to accept the ODBC connection.
Something springs to mind years back when we first set this up about either username/passwords being converted to uppercase when trying to connect so both the USERNAME and PASSWORD are set to uppercase. I'm not sure whether anything else is needed server side or not.
Any help would be greatly appreciated.
ORA-01017: invalid username/password is always because of wrong username password combination.
Quite likely that the password is not in the right case in your Excel.
For the case sensitivity, check the SEC_CASE_SENSITIVE_LOGON parameter in the DB.
If parameter is set to true, passwords are case sensitive.
The issue isn't to do anything with the database, it is the connection string I'm using to connect to the database. It's using the old instance instead of the new one!!! I need to look at why that is using the old one when tnsnames is setup to point to the new one.
To connect to MongoDB, you need to use http://mongodb.github.io/node-mongodb-native/2.0/api/MongoClient.html#.connect.
My question is about specifying the database in the connection string. It says:
Optional. The name of the database to authenticate if the connection string includes authentication credentials in the form of username:password#. If /database is not specified and the connection string includes credentials, the driver will authenticate to the admin database.
It seems to me that it's only useful to have the database if you also have the username:password#. But I've seen examples where the database is specified without the username:password#. The Node Driver example itself uses the string mongodb://localhost:27017/myproject.
Why would you ever want to have the database without the username:password#?
All the operation you will do will be done in the database you are choosing.
If you avoid the /database component you need to force it in the code (try to avoid hard coded elements) or you will work in the default database (not a great idea)
I am attemtpting to use SessionAsSigner.getDatabase in SSJS to access a db on a different server. But it always returns null. For example I use:
var db = sessionAsSigner.getDatabase("canonical name of server","log.nsf", false);
There is probably error in server security setting. You can read this page: http://www-01.ibm.com/support/docview.wss?uid=swg21086111
When you use sessionAsSigner the server you are connecting to is able to authenticate who you are when you log in.
When you are running code on the server (A) and you need to talk to another server (B), then the first server has authenticate with A credentials. It cannot authenticate as you.
To allow it to run correctly you need to set up server A as a trusted server on server B.
You can set trusted servers in your server document.
You can programatically check if this is set using the NotesSession.isTrustedSession() method.
The problem is that you code is signed with different signers.
Try to resign the database with your or the servers id.
That will probably fix your problem.
The Server you are using needs to have access and a connection document to the server you want to access. So The first thing to do is: check If your server is listed in the "Who can Access this Server" Field in the Server document. Then check the Trusted Servers Section. Then check the ACL of your log (your executing server and the XPage signer need to have access to log.nsf)