Reputation: 91
JanusGraph Server XML Configuration
Anyone knows how to configure the username and password for janusgraph server. So any http/socket send to this janusgraph server require authentication.
Thank You
Upvotes: 2
Views: 533
Answers (1)
Reputation: 46216
JanusGraph packages TinkerPop's Gremlin Server, so to configure authentication you can simply follow the Gremlin Server's instructions for doing so. The basic steps would be to modify the server yaml file to include the following:
authentication: {
authenticator: org.apache.tinkerpop.gremlin.server.auth.SimpleAuthenticator,
config: {
credentialsDb: conf/credentials.properties}}
which sets up a "simple" authentication system that uses a local Graph instance configured by conf/credentials.properties to house username/passwords. Obviously, you could write a more advanced Authenticator if you'd like and use that instead - the SimpleAuthenticator is really just a reference implementation to get people started. Here's an example that uses TinkerGraph as the target database for the credentials:
gremlin.graph=org.apache.tinkerpop.gremlin.tinkergraph.structure.TinkerGraph
gremlin.tinkergraph.vertexIdManager=LONG
gremlin.tinkergraph.graphLocation=data/credentials.kryo
gremlin.tinkergraph.graphFormat=gryo
but it could obviously be any Graph you wanted to use.
To setup the usernames and passwords in that graph you would need to use the Credentials DSL typically executed as an administration task through the Gremlin Console. You would do something like:
gremlin> :plugin use tinkerpop.credentials
==>tinkerpop.credentials activated
gremlin> graph = ... // create your graph instance for usernames/passwords
...
gremlin> credentials = credentials(graph)
==>CredentialGraph{graph=tinkergraph[vertices:0 edges:0]}
gremlin> credentials.createUser("stephen","password")
==>v[0]
gremlin> credentials.createUser("daniel","better-password")
==>v[3]
gremlin> credentials.createUser("marko","rainbow-dash")
==>v[6]
gremlin> credentials.findUser("marko").properties()
==>vp[password->$2a$04$lBXMnKWtLB...]
==>vp[username->marko]
gremlin> credentials.countUsers()
==>3
gremlin> credentials.removeUser("daniel")
==>1
gremlin> credentials.countUsers()
==>2
Start Gremlin Server with that configuration and authentication should be enabled.
These steps are described in more detail in the TinkerPop reference documentation. I'd suggest that you download Gremlin Server on its own and examine the preconfigured "secure" configuration with an already built "credentials graph" that users TinkerGraph. You can run that example with:
$ bin/gremlin-server.sh conf/gremlin-server-secure.yaml
Take a good look at what's in conf/gremlin-server-secure.yaml and how it ties to the conf/tinkergraph-credentials.properties then make similar changes in your JanusGraph Server configuration. That should get you started.
Upvotes: 2
Related Questions
- connect JanusGraph management API to remote JanusGraph Server
- Layout of Janusgraph backend tables
- Configuring JanusGraph to use ElasticSearch and Cassandra via Java
- Where JanusGraph configuration is written?
- Janusgraph how to deal with the global_offline misconfiguration
- Janusgraph/titan reconnaissance
- Cannot Start JanusGraph as per documentation
- How to traverse graph created using ConfiguredPlanFactory in JanusGraph?
- Adding data to JanusGraph database
- Setup and configuration of JanusGraph for a Spark cluster and Cassandra