I need to store data for each user in ejabberd.How can I do this ? I mean I need to add one more field to user table and I should update this data whenever.
How can I do this ?
This is what I am doing.
During registration process in my Android Chat application, I post data like the desired userid (jabberid), password, email, display name, gender, mobile etc. to my PHP API. The PHP code validates if userid already exists and if it doesn't then it creates the user first in an external mysql database, storing all the fields received in post, and then creates the real user in ejabberd by executing the ejabberdctl register command. There will be some permission issues executing the command inside apace\PHP which I successfully resolved using this answer here. Now I can access the user data using my PHP API.
The idea is that I am not overloading the mnesia database with rarely accessed or modified data. IMHO, this helps if you don't want to switch ejabberd to odbc\mysql mode and lose potential benefits of mnesia or if you are planning to run mnesia in "RAM Only" mode. All this I am saying with limited knowledge of ejabberd, hence don't take my word as gospel.
Related
I am trying to setup ejabberd as IM solution for my project, which will be mobile app + backend. I am using SQL auth (and SQL store for all modules also), using MSSQL via ODBC. I have some questions I didnt find answered in docs.
Do I understand correctly, that ejabberd is multi-tenant (since it can support multiple domains). If so, how are users assigned to particular tenant (domain)? In users table in DB, there is only username (without domain part). Can I have two different users john#jabber.myproject.com and john#jabber.myotherproject.net ?
I want to create XMPP accounts on ejabberd automatically (user doesnt need to know anything about underlaying service) - do I need to register users via API, or can I insert rows directly into DB table users and ejabberd will be OK with it?
In users table in DB, there is only username (without domain part). Can I have two different users john#jabber.myproject.com and john#jabber.myotherproject.net ?
Create a new database for each vhost, and use the host_config option in ejabberd.yml to tell which database to use for each vhost:
https://docs.ejabberd.im/admin/configuration/#database-and-ldap-configuration
Or you can enable the new SQL schema, see https://blog.process-one.net/ejabberd-18-03/
do I need to register users via API, or can I insert rows directly into DB table users and ejabberd will be OK with it?
Both are acceptable. In the second case, there are chances that some task performed at account registration is missing in your server, but I don't remember any module that performs any task at account registration. So, it looks OK.
I'm planning a multi tenancy app with nodejs and sequelize(mysql dialect). I'm gonna have a single app and multiple databases for each client. I'd need to connect to a client database after authentication (with passport.js). So there is a classic master database with clients info and db user,host and pwd, and then after the successful login the app connects to the specific client db. How could i do something like this? I was thinking to use sessions...maybe a middleware that for each request fetch the session and then passes the data to sequelize config object? Could anyone share with me how he/she manage to do something similar? I'm stuck in a logical trap ! Thank you
You're very close.
When you look up the user in your master db, in order to validate the username/password, you will also look up the connection string to the user-specific database. Then youu can create a simple express middleware function to open up the specific connection at the beginning of each request.
You will need usernames and passwords for the databases. For best security, they should not be the same as the users' usernames and passwords: If somebody cracks your web app and user table, you don't want them to have all the passwords.
But, what you propose is not classic multitenancy. Multitenancy is creating a single database, in which the various tables have columns mentioning which user they are for. Then once passport tells you the user's id, you can put it into your queries (for example, SELECT .... WHERE user_id = <<value>> AND ....
Your proposal will work tolerably well for a few dozen users. But what happens if you get tens of thousands of users? That will be a lot of separate databases.
Suppose you're writing a simple database web application using Ruby and MySQL. Access to the database is controlled by Ruby code. The user name that the Ruby code uses to access the data is the only regular user on the database. Does it make sense for that user to be "root"? Or is there any extra security in creating a second user just for the application?
Simple, consider the root as the main user, who can do everything (by default).
If he wants to dump the whole database, he can, if he wants to create some data to create (for example) fake account to overpass your bank system, he can.
So if your code is not enough secure (and this is quite often usually), you have strong security issue.
Usually, "a basic" security (really basic), should looks like that :
create a simple user, give him (with GRANTS) the right to SELECT, INSERT, UPDATE and DELETE on a specific database.
create another user who can SELECT and lock tables and SHOW VIEWS to perform dump (database save).
On a more "complex" system, you should create many users, depending of what they should access, this is for simple reason : if somebody got a SQL injection access, if the user can only access to a single view (for example), and not the whole database, this is a security issue but not the baddest one...
Also view are often used for that...
And finally don't forget triggers if you want (for example a log table), to disable insert or update or delete on a table, for everybody (except somebody who can destroy trigger of course) :
Use a trigger to stop an insert or update
Besides editing or deleting all data in your database, the root user also have the FILE privilege which gives access to:
LOAD DATA INFILE which can be used to read any file on the server machine.
LOAD DATA LOCAL INFILE which can read files on the client machine (the web server machine).
SELECT ... INTO OUTFILE which can create files on the server machine.
This is why your application should have only the privileges it needs, and this is also the reason your MySQL server daemon should be run as a non-privileged user on the server machine.
See also General Security Issues in the manual.
If everybody/thing is root, you lose auditability, you lose the ability to restrict the app to stop attacks (i.e. your app doesn't need this segment of sensitive information, seal it away from its user). If somebody compromises the app, you can suspend the account etc.
I would not make a user "root".
I'd create a separate username and password just for that application and GRANT it only the permissions required to do its job.
I would create a new user, giving it only the permissions it needs (SELECT, UPDATE, INSERT and DELETE usually do the trick). Like that, you limit the ability for the code to be manipulated in an unintended way.
"root", or generally speaking, users with Super User privileges, can change passwords, delete accounts, and therefore prevent you from accessing your own database.
If you server hosts only one application, then you may not need to create several lesser privileged accounts. However, it is common practice to create at least one user for each application, so that if one application gets compromised, other applications (and underlying data) may not be.
how to connect database table with the local username id and password of the system?. When user logs into the machine. opens up the software, he gets only the assets alloted to him. asset information is contained in the database table..anyone has any idea on how to implement this.I'm using mySQLdb with pyqt4.(creating an asset manager, user gets only the assets alloted to him )
As has been stated in the comments, the tables should not be any different between users. Also, there is no way to get the users password without them entering it again. And once you do have them enter it, you would have to use some method to authenticate them, such as checking it against an LDAP server.
Otherwise, if you simply want to base the delivery of database information of the current logged user and assume that them being logged in is enough of an authentication, you could simple get the login name with os.getlogin()
Most likely what you would just be doing is selecting on your table, data that has that username as matching criteria of some column. You wouldn't be using any sort of database-level authentication to filter the data. The authentication comes from some other earlier layer.
In pseudo-code: select * from assets where user is <result of os.login()>
With regards to the reason you are getting downvotes... People would like to see more context about your problem to understand the solution you are after. What is the structure of your database tables? Are you associating asset records with users? Is there a specific need for security or simply automatically identifying a user that is running the software? People on SO that take a little more time to outline their problem, the context, and what they have tried, tend to get better responses and upvotes.
I just realized that there is no best way to hide MySQL string connection password in my executable file, especially in JAR file. Even encrypting it in EXE would only slow down the process (although I'm not sure how much time would it take to get an encrypted password from an EXE file).
So, from my understanding, I need something in the middle that would do the add, edit, delete etc to the database. Seems like a job for REST API or maybe SOAP services.
My question is, which one should I use? Or should I use something else? I was thinking Zend Framework to create those REST APIs. Then, I would use Qt to create a desktop application to call those APIs. But if I proceed with REST, my application would be a 3 tier application. Wouldn't it be better if I just create a web application? Maybe I should just stick to desktop application call those APIs since the application is already finished and I just need to change from connecting directly to MySQL to calling those APIs to perform tasks rather than changing the whole application to a web.
Any advice would be very helpful. Thanks in advance.
UPDATE:
I'm looking for a security that would protect my MySQL password connection.
Obfuscator would only obfuscate the code, it won't hide my string database information which In my opinion can be easily found using grep after decompiling the JAR using tools like JAD.
About my application:
Using a centralized MySQL database
Thousands of user
Contains sensitive information
My client uses Linux and Windows
My server uses Linux
All access are done in LAN, no outside connection (from Internet etc)
My current solutions (comments please):
Using REST APIs (safer since MySQL password is in the server)
Using Qt with encryption to the password
It depends on what kind of security are you looking for. Is this to protect the application from the user? To protect the user's data from other users? To protect multiple users' data from one another? To protect the user's data from an attacker?
In a lot of applications there's nothing wrong with storing the database login credentials in plain text. In other cases, you might try:
encrypting a user-chosen database password using a reasonably strong algorithm, e.g. Blowfish, using a hard-coded key;
having the user provide the password and "log in" to the program each time;
storing the database password in plain-text, but encrypt the data using a hard-coded key;
same as the above, but encrypt each user's data using their own provided password;
same as 2 but store each user's data in their own database with their login info as the database credentials;
storing the data on a secure remote database that users have to log into to access via a SOAP API;
using the native filesystem permissions to protect the configuration file holding the login credentials;
same as #1 but rolling your own really elaborate key-generation system: e.g. run the machine SID or a hardware id through MD5 using a randomly-generated salt, and then using the result to encrypt the login credentials.
Remember, there's no such thing as perfect security, so whatever you settle on doesn't need to be unbreakable. It just needs to be tough enough to break to make the hassle of circumventing the security mechanism exceed the value of the data. So, for example, if the data is a list of the top scores in Minesweeper, then ROT13 would probably be enough.
Edit:
I just want to add that, even if you can't get around having to hard-code an encryption key in your application, there are obfuscators for Java, .NET, and most other popular languages/frameworks. One of the key uses of these tools is to hide sensitive hard-coded strings like encryption keys.
Edit 2:
Given the additional details about the app in question, only 1, 6 and 8 would apply in this case. And a SOAP API is more appropriate for #6 as George rightly pointed out.
I also want to mention that there are Java resource obfuscators that encrypt string literals. This is just one example.
It pretty much depends in what environment your app runs
a) db and client local
b) db and client in a local network
c) db is in the internet
my two cents:
a) I would create a single db user and wouldn't use a password but restrict acces to localhost
b) direct connect to the database is fine but I would each user have to login with his own password and grant only the permissions he needs.
c) It's a bad idea to allow mysql connections to a public server. In this case webservices would be a good solution.
Anyway if your case is b or c I would stick with a login dialog for the user.
Maybe you should have a look at this http://www.greensql.net/ tool.
It is like a firewall but for mysql/postresql
So you can deny anything and only allow queries you want to.
If you are using Java for implementing your database desktop application, I would recommend to use Java DB as the database. There is a few ways of securing it, and there are alternatives to having a password in the connection string. I would recommend to read Java DB Security - Security Features in Java DB Release 10.4
It is easy to deploy your application with Java DB, since you can have much of it embedded in the same jar file. I have used it in a Point of Sale application implemented in Java.