Reputation: 3865
Secure RavenDb Management Studio on Server
I have created a website in IIS for RavenDb on my server. I currently can access Raven Studio on 127.0.0.10 but I would also like to make the server accessible on the public IP. Is there any way of securing the Management Studio so it asks for a username/password before I can access it?
I have set Raven/AnonymousAccess to none but I can't seem to figure out how to set a username/password combination to log in.
Update
Ok I've worked it out. It's not actually a RavenDb setting it's configured in IIS (Thanks Fitzchack). After creating the RavenDb IIS website I took the following steps:
- Create a windows user (RavenDbAdmin)
- Disable Anonymous authentication for the website
- Enable Windows authentication for the website
When now accessing the site on the public server IP it will ask for a password first.
Upvotes: 2
Views: 1136
Answers (1)
Reputation: 9163
RavenDB uses windows accounts by default (OAuth is supported too), so you would need to create a windows account and use its credentials in order to log into RavenDB.
Just for another layer of security, you can also restrict IIS website itself, which will force you to login twice in the studio. This is not required, but this is a nice option to always have.
Upvotes: 3
Related Questions
- RavenDB embedded with Raven Management Studio?
- RavenDb server security
- RavenDB Authentication and Authorization
- Is there anything similar to SQL Server Authentication in RavenDb
- Ravendb studio authentication
- Securing the Raven Database
- RavenDB connections over HTTPS
- RavenDB Network Access
- RavenDB IIS authentication/authorization
- Access RavenDb server outside