Server Security

Individual OrientDB servers can manage multiple databases at a time and each database can have its own set of users. When using OrientDB through the HTTP protocol, the OrientDB server uses one realm per database.

Server security - 图1 While OrientDB can function as a regular Web Server, it is not recommended that you expose it directly to the internet or to public networks. Instead, always hide the OrientDB server within a private network.

Server users are stored in the config/orientdb-server-config.xml configuration file, in the <users> element.

  1. <users>
  2. <user name="root" password="{SHA-256}55F95B91628EF3E679628ACB23AE" resources="*" />
  3. <user name="guest" password="guest" resources="connect,server.listDatabases,server.dblist" />
  4. </users>

When the OrientDB server starts for the first time, it creates the user root automatically, by asking you to give the password in the terminal. In the event that you do not specify a password, OrientDB generates a random password. Beginning with version 2.2, OrientDB hashes the passwords using SHA-256 algorithm.

For more information on security in Orientdb, see:

Configuration

While the default users and passwords are fine while you are setting your system up, it would be inadvisable to leave them in production. To help restrict untrusted users from accessing the OrientDB server, add a new user and change the passwords in the config/orientdb-server-config.xml server configuration file.

To restrict unauthorized users from giving themselves privileges on the OrientDB server, disable write-access to the configuration file. To help prevent them from viewing passwords, disable read-access as well. Note that even if the passwords are hashed, there are many techniques available to crack the hash or otherwise guess the real password.

Server security - 图2 It is strongly recommended that you allow read/write access to the entire config directory only to the user that starts the OrientDB server.

Managing Users

Beginning with version 2.2, the OrientDB console provides a series of commands for managing users:

Server Resources

Each user can declare which resources have access. The wildcard * grants access to any resource. By default, the user root has all privileges, so it can access all the managed databases.

Resources Description
server.info Retrieves server information and statistics.
server.listDatabases Lists available databases on the server.
database.create Creates a new database in the server
database.drop Drops a database
database.passthrough Allows access to all managed databases.

For example,

  1. <user name="replicator" password="repl" resources="database.passthrough"/>

Securing Connections with SSL

Beginning with version 1.7, you can further improve security on your OrientDB server by securing connections with SSL. For more information on implementing this, see Using SSL.

Restoring the User admin

In the event that something happens and you drop the class OUser or the user admin, you can use the following procedure to restore the user to your database.

  1. Ensure that the database is in the OrientDB server database directory, $ORIENTDB_HOME/database/ folder.

  2. Launch the console or studio and log into the database with the user root.

    1. $ $ORIENTDB_HOME/bin/console.sh
    2.  
    3. OrientDB console v.X.X.X (build 0) www.orientdb.com
    4. Type 'HELP' to display all the commands supported.
    5. Installing extensions for GREMLIN language v.X.X.X
    6.  
    7. orientdb> CONNECT remote:localhost/my_database root rootpassword
  3. Check that the class OUser exists:

    1. orientdb> SELECT FROM OUser WHERE name = 'admin'
    • In the event that this command fails because the class OUser doesn’t exist, create it:

      1. orientdb> CREATE CLASS OUser EXTENDS OIdentity
    • In the event that this command fails because the class `OIdentity doesn’t exist, create it first:

      1. orinetdb> CREATE CLASS OIdentity

      Then repeat the above command, creating the class OUser

  4. Check that the class ORole exists.

    1. orientdb> SELECT FROM ORole WHERE name = 'admin'
    • In the event that the class ORole doesn’t exist, create it:

      1. orientdb> CREATE CLASS ORole EXTENDS OIdentity
  5. In the event that the user or role admin doesn’t exist, run the following commands:

    • In the event that the role admin doesn’t exist, create it:

      1. orientdb> INSERT INTO ORole SET name = 'admin', mode = 1,
      2. rules = { "database.bypassrestricted": 15 }
    • In the event that the user admin doesn’t exist, create it:

      1. orientdb> INSERT INTO OUser SET name = 'admin',
      2. password = 'my-admin_password', status = 'ACTIVE',
      3. rules = ( SELECT FROM ORole WHERE name = 'admin' )

The user admin is now active again on your database.