stackoom
  简体   繁体   中英

How to configure Read Only Datasource in Jboss teiid

 原文  2017-12-19 11:55:12       jboss/ teiid/ redhat-datavirt

Question

I have configured a Redshift Datasource in Jboss teiid. I want to know how to make my Datasource Read Only. I know how make Read Only resources on VDB level using Dataroles (Ref:- https://github.com/teiid/teiid-quickstarts/blob/master/vdb-dataroles/src/vdb/portfolio-vdb.xml ). But this would allow to create new VDBs which are not Read Only which is a vulnerability in my case. I want to do this in Datasource configuration level in domain.xml. Is there any guidance on how to do this.

I am not using teiid Designer and I configure Datasources editing the domain.xml file. I add the fallowing Datasource under the Datasources sub element in the domain.xml file 

            <datasource jndi-name="java:jboss/datasources/redshiftDS" pool-name="redshiftDS" enabled="true" use-java-context="true">
            <connection-url>jdbc:redshift://***********.com:5439/schema</connection-url>
            <driver>redshift</driver>
            <security>
                <user-name>${user_name}</user-name>
                <password>${pw}</password>
            </security>
            <pool>
                <!--min-pool-size>
                    10
                </min-pool-size-->
                <max-pool-size>
                    5
                </max-pool-size>
            </pool>
            </datasource>

Is there any way I can configure the Datasource to be read only here. For an example adding something like 

<access-permission>
   read-only
</access-permission>

2 answers

solution1
 0  2017-12-19 21:26:12

Mark all your tables as non updatable. If you are using designer there is property on table or columns or you can do same using DDL too.

solution2
 0 ACCPTED  2017-12-20 14:36:45

The simplest alternative from a Teiid perspective is to add a data role for any authenticated for all schemas that you don't users to have write access to: 

<data-role name="read-only" any-authenticated="true" allow-create-temporary-tables="true">
    <description>read only access</description>
    <permission>
        <resource-name>schema name</resource-name>
        <allow-read>true</allow-read>
        <allow-execute>true</allow-execute>
    </permission>
</data-role>

There was a flag on translators to set them as immutable - but support for that was removed.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to define an Oracle JBoss DataSource to be limited to read-only? How to configure JNDI datasource in Jboss using HikariCP? How to configure the jboss server to read a client certificate Install Teiid with jboss Integrated Authentication in Jboss Teiid JBoss AS7: How to read datasource pool statistics with JMX How to check datasource in JBoss? Can we configure datasource connect timeout in JBoss? Configure a MongoDB datasource for connection pooling in JBoss How do I configure a SQL Server datasource in JBoss to connect using a specific Active Directory user?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM