Accessible and manageable by roles that have the “Manage Authentication Services” permission such as “Project Owner”.
1) Identity Authentication Connection with Database
An image containing connection settings for identity authentication with database is shown below:
| Field | Description |
|---|---|
| Name | Name information of the created Database Identity Provider. |
| Description | A description can be written to facilitate management related to the created Identity Provider. |
| Encryption Type (Encryption Type) | If password information is stored encrypted in the table to be used in the database connection, the encryption type of the password stored in the table must be selected. Options: NONE, MD2, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, Blowfish, RC2, RC4, AES CBC NoPadding, AES CBC PKCS5Padding, AES ECB NoPadding, AES ECB PKCS5Padding, AES GCM NoPadding, AES CFB NoPadding, AES CFB PKCS5Padding, AES OFB NoPadding, AES OFB PKCS5Padding, AES CTR NoPadding, AES CTR PKCS5Padding, DES CBC NoPadding, DES CBC PKCS5Padding, DES ECB NoPadding, DES ECB PKCS5Padding, DESede CBC NoPadding, DESede CBC PKCS5Padding, DESede ECB NoPadding, DESede ECB PKCS5Padding |
| Encoding Type (Encoding Type) | Encoding to be used for passwords can be determined. |
| Salt Pre (Salt Pre) | A character sequence to be added before the password before password encryption can be defined. |
| Salt Post (Salt Post) | A character sequence to be added after the password before password encryption can be defined. |
| Database Connection Pool Definition (Database Connection Pool Definition) | The pool from which the database connection will be obtained is selected or created. |
| Query (Query) | A query is used to get username/password pairs or role list from the database. In the query, the username parameter should be defined as “:username” and if there is a password parameter, it should be defined as “:password”. Apinizer works with these special parameter names. Example query: select role_name from t_user_role where email=:username and pwd=:password |
| Test Username (Test Username) | The value to be written in place of the username parameter when the query is executed for testing is entered. This parameter can also be selected from environment variables. |
| Test Password (Test Password) | The value to be written in place of the password parameter when the query is executed for testing is entered. This parameter can also be selected from environment variables. |
2) Identity Authorization Connection with Database
When performing identity authorization, the role field of the relevant user is obtained in the database query. This role field is later matched with the ROLES/GROUPS field in Authorization in the proxy policy. An image containing connection settings for identity authorization with database is shown below: