How to configure Read Only Datasource in Jboss teiid - jboss

I have configured a Redshift Datasource in Jboss teiid. I want to know how to make my Datasource Read Only. I know how make Read Only resources on VDB level using Dataroles (Ref:- https://github.com/teiid/teiid-quickstarts/blob/master/vdb-dataroles/src/vdb/portfolio-vdb.xml). But this would allow to create new VDBs which are not Read Only which is a vulnerability in my case. I want to do this in Datasource configuration level in domain.xml. Is there any guidance on how to do this.
I am not using teiid Designer and I configure Datasources editing the domain.xml file. I add the fallowing Datasource under the Datasources sub element in the domain.xml file
<datasource jndi-name="java:jboss/datasources/redshiftDS" pool-name="redshiftDS" enabled="true" use-java-context="true">
<connection-url>jdbc:redshift://***********.com:5439/schema</connection-url>
<driver>redshift</driver>
<security>
<user-name>${user_name}</user-name>
<password>${pw}</password>
</security>
<pool>
<!--min-pool-size>
10
</min-pool-size-->
<max-pool-size>
5
</max-pool-size>
</pool>
</datasource>
Is there any way I can configure the Datasource to be read only here. For an example adding something like
<access-permission>
read-only
</access-permission>

The simplest alternative from a Teiid perspective is to add a data role for any authenticated for all schemas that you don't users to have write access to:
<data-role name="read-only" any-authenticated="true" allow-create-temporary-tables="true">
<description>read only access</description>
<permission>
<resource-name>schema name</resource-name>
<allow-read>true</allow-read>
<allow-execute>true</allow-execute>
</permission>
</data-role>
There was a flag on translators to set them as immutable - but support for that was removed.

Mark all your tables as non updatable. If you are using designer there is property on table or columns or you can do same using DDL too.

Related

How to enable failover for a postgresql jdbc data source

I have a data source defined in a Liberty application server for postgresql
<dataSource jdbcDriverRef="PostgreSQLDriver" ...>
<properties password="..." user="admin" serverName="server" portNumber="2020" databaseName="dbname" ssl="false"
</dataSource>
I see that I can enable failover on a jdbc connection by specifying a url like:
jdbc:postgresql://host1:port,host2:port,host3:port/dbname
Is there any way that this failover url can be provided to a application server datasource?
Yes, you can specify any key/value pair on the <properties> element and Liberty will supply it to the vendor data source class. In this case, the property would be URL="jdbc:postgresql://host1:port,host2:port,host3:port/dbname"
Also, note that in more recent versions of Liberty, there is a properties.postgresql which is specific to Postgres and better documents the available settings for it.
Here is an example,
<dataSource jdbcDriverRef="PostgreSQLDriver" ...>
<properties.postgresql password="..." user="admin" URL="jdbc:postgresql://host1:port,host2:port,host3:port/dbname" ssl="false"
</dataSource>

Database configuration with WildFly

I intend to configure postgresql in my app, but I don't want to manage access to my db through WildFly. Is it possible to avoid this approach and to chose another way but with jndi?
If you want to connect a postgresql database without abstraction layer such as wildFly, you can use simply jdbc (https://jdbc.postgresql.org/about/about.html) :
PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to
connect to a PostgreSQL database using standard, database independent
Java code. Is an open source JDBC driver written in Pure Java (Type
4), and communicates in the PostgreSQL native network protocol.
If you prefer a lightweight ORM (Object Relational Mapping), I would advise activejdbc (http://javalite.io/activejdbc).
Here you can find the configuration of Wildfly Wildfly datasource configuration . The datasource can be access with jndi. You have to replace the example-jdbc-driver with postgres driver.
Bellow is my example of configuration of datasource for IBM-informix
<datasource jndi-name="java:jboss/datasources/mvpdb" pool-name="mvpdbpool">
<connection-url>jdbc:informix-sqli://mars.bza-intern.de:30020/demomvp:informixserver=tcpmars;DB_LOCALE=de_DE.8859-1;IFX_LOCK_MODE_WAIT=10;</connection-url>
<driver>informix</driver>
<transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation>
<pool>
<min-pool-size>1</min-pool-size>
<max-pool-size>3</max-pool-size>
<prefill>true</prefill>
</pool>
<security>
<user-name>abcd</user-name>
<password>efgh</password>
</security>
<statement>
<prepared-statement-cache-size>32</prepared-statement-cache-size>
<share-prepared-statements>true</share-prepared-statements>
</statement>
</datasource>
The datasource can be access ( Spring context ):
with Java Configuration
#Bean(name = "mvpds", autowire = Autowire.BY_NAME)
public DataSource Mvpds() {
logger.info("Mvpds-bean");
final JndiDataSourceLookup dsLookup = new JndiDataSourceLookup();
dsLookup.setResourceRef(true);
DataSource ds = dsLookup.getDataSource("java:jboss/datasources/mvpdb");
return ds;
}
or XML definition
<bean id="mvpds" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName"><value>java:jboss/datasources/mvpdb</value></property>
</bean>
The question was not correct because of lack of knowledge. The promblem is that no way to configure db without WildFly but with jndi. Jndi is an instrument WildFly uses to find a datasourse:)

How to integrate the WSO2 Data Services 3.0 with Oracle 10g

We use Windows Server 8 with Oracle 10g (R 10.2.0.2).
We believe that the Oracle JDBC Jar is correct, we tested some possibilities.
The problem now when we tested the connection is: "provided data source type not supported".
Anybody have any suggestion?
Thanks so much!
I believe there must be an issue with your datasource configuration defined in master-datasources.xml or any other *-datasources.xml you are using in your environment. Please double check whether the following line is defined properly in your datasource configuration. All the RDBMS databases should be configured having the definition type as "RDBMS".
<definition type="RDBMS">
A complete sample datasource configuration for your requirement is depicted below.
<datasource>
<name>testds</name>
<description>The datasource used for registry and user manager</description>
<jndiConfig>
<name>jdbc/testds</name>
</jndiConfig>
<definition type="RDBMS">
<configuration>
<url>jdbc:oracle:thin:#localhost:1521:XE</url>
<username>test</username>
<password>test</password>
<driverClassName>oracle.jdbc.OracleDriver</driverClassName>
<maxActive>50</maxActive>
<maxWait>60000</maxWait>
<testOnBorrow>true</testOnBorrow>
<validationQuery>SELECT 1 FROM DUAL</validationQuery>
<validationInterval>30000</validationInterval>
</configuration>
</definition>
</datasource>
Hope this helps.
Regards,
Prabath

Loading properties from a file in a JBoss 6 Web Application

Can I dump a properties file somewhere in one of the JBoss 6 directories, and pick it up from the classpath?
Or even better, does anybody know the mechanism behind a configuration file like $JBOSS_HOME/server/default/deploy/jboss-logging.xml? Changes to this file seem to trigger an event, so that a running instance can process the modifications (without having to bounce the AS).
A possibility is to configure SystemPropertiesService in ./conf/jboss-service.xml.
This allows you to configure system properties in-place, or load them from a properties file:
<server>
<mbean code="org.jboss.varia.property.SystemPropertiesService"
name="jboss.util:type=Service,name=SystemProperties">
<!-- Load properties from each of the given comma seperated URLs -->
<attribute name="URLList">
http://somehost/some-location.properties,
./conf/somelocal.properties
</attribute>
<!-- Set propertuies using the properties file style. -->
<attribute name="Properties">
property1=This is the value of my property
property2=This is the value of my other property
</attribute>
</mbean>
</server>
For more details, refer to: http://docs.jboss.org/jbossas/admindevel326/html/ch10.html
They have made this even easier in JBoss EAP 6 (AS 7).
Pass Property File as Startup Parameter
This can be added within the main start up script or passed as parameter
./standalone.sh --properties=/Users/john.galt/dev/config/ds/jboss.properties
If these properties are read, they will be rendered in the server log as the first statement.
3:58:41,633 DEBUG [org.jboss.as.config] (MSC service thread 1-6) Configured system properties:
DSsettings.password = password
DSsettings.user-name = admin
DSsettings.connection-url = jdbc:oracle:fat:#activedb:1521:DEV
[Standalone] =
awt.nativeDoubleBuffering = true
NOTE: As these settings are logged in server log, ensure no clear text passwords are in the property files in production
Use passed in system properties
You could use these system properties with following syntax.
Example Usage in a data source file
<xa-datasource jndi-name="java:jboss/ds" pool-name="cPool" jta="true" enabled="true" use-ccm="true">
<xa-datasource-property name="URL">
${DSsettings.connection_url}
</xa-datasource-property>
<driver>oracle</driver>
...
<security>
<user-name>${DSsettings.user-name}</user-name>
<password>${DSsettings.password}</password>
</security>
...
</xa-datasource>
In JBoss 6 use: ./deploy/properties-service.xml
On JBoss AS7 properties-service.xml no longer exist, the below is the solution:
http://www.mastertheboss.com/jboss-server/jboss-configuration/how-to-inject-system-properties-into-jboss

How to make use of variables in Wildfly configuration file?

I am setting up a common standalone-full.xml file for all server environments, and therefore need to have variables for database URL's (and such), instead of hard coding them.
One such section in the configuration file might look like this:
<datasource jta="true" jndi-name="java:/somename" pool-name="somename" enabled="true" use-ccm="false">
<connection-url>jdbc:mysql://${SOMENAME_DB_URL}</connection-url>
<driver-class>com.mysql.jdbc.Driver</driver-class>
<driver>mysql</driver>
<pool>
<min-pool-size>5</min-pool-size>
<max-pool-size>15</max-pool-size>
</pool>
<security>
<user-name>${DB_USERNAME}</user-name>
<password>${DB_PASSWORD}</password>
</security>
<validation>
<validate-on-match>false</validate-on-match>
<background-validation>false</background-validation>
</validation>
<statement>
<share-prepared-statements>false</share-prepared-statements>
</statement>
</datasource>
However, upon starting the server with this config file it simply throws an "Unable to resolve expression" error for all such sections.
I've tried putting the variables in /etc/environment, as well as in the .jbossclirc file in /bin using set DB_USERNAME=mydbusername, but to no avail.
As you can see I'm fumbling a bit in the dark here since I haven't been able to find any proper documentation on how to do this. I'm not even sure if it's actually possible. Any help is greatly appreciated.
You should use Java system properties instead of environment variables.
You can also pass these properties as -D arguments to standalone.sh, e.g.
bin/standalone.sh -DDB_USERNAME=me -DDB_PASSWORD=secret
Alternatively, you can define your properties in a properties file and pass that to the startup script with a -P option:
bin/standalone.sh -P database.properties
Does overriding standard properties from Wildfly work that way?
For example jboss.http.port from standalone.xml
<socket-binding name="http" port="${jboss.http.port:8080}"/>
One possibilty is to call standalone.sh -Djboss.http.port=8081. Then, Wildfly http port should be on 8081.
It should also work for your own variables.