Interface KVStoreAuthConfig

This configuration is required to authenticate against secure On-Premises Oracle NoSQL Database. It should be set as kvstore. To authenticate against secure kvstore the driver needs user name and password of existing store user that has required permissions to perform needed database operations (see Connecting an Application to On-Premise Oracle NoSQL Database on how to set up access to secure On-Premise Oracle NoSQL database). The are 3 ways in which these credentials may be specified. In order of increased security, they are:

  • You may set user name and password explicitly as user and password (see example). This is not very secure since password will be in memory in plain text. If password is specified as Buffer, it will be copied when NoSQLClient is created and erased when NoSQLClient is closed.
  • You may store user name and password in separate JSON file and set the path to this file as credentials property. This file should contain credentials in the form of KVStoreCredentials. It is more secure to store these credentials in a separate file instead of main config file as access to this file may be further restricted by appropriate permissions. In addition, the credentials will not be stored in memory but loaded from the file every time when login is required.
  • You may implement and use your own KVStoreCredentialsProvider to access credentials in secure way (e.g. by storing them in a keystore or in encrypted form). Set the provider instance as credentials property. The credentials should be returned in the form of KVStoreCredentials.

See Connecting an Application to On-Premise Oracle NoSQL Database tutorial on how to set up the driver to access secure on-premise NoSQL store via proxy. Note that secure on-premise NoSQL store uses the same endpoint for authentication and to perform database operations. This endpoint must be using https protocol. See endpoint.

If autoRenew property is set to true (which is the default), after initial login is done, the driver will renew authentication token each time it reaches half of its lifetime (half-point between acquisition and expiration). Renew request requires only existing token and does not require user credentials. If renew request fails, the token will eventually expire and the driver will perform another login (errors due to token expiration are automatically retried by the driver).

See

Hierarchy

  • KVStoreAuthConfig

Properties

autoRenew? credentials? password? timeout? user?

Properties

Optional autoRenew

autoRenew?: boolean

If set to true, the driver will attempt to renew the authentication token half way before its expiration time.

Optional credentials

credentials?: string | KVStoreCredentialsProvider | (() => Promise<KVStoreCredentials>)

A string representing file path to credentials file (absolute or relative to current directory) or an instance of user-defined credentials provider. May not be specified together with user or password properties.

Optional password

password?: string | Buffer

User's password. May only be specified if user property is also specified. If password is represented as Buffer, it must be UTF8-encoded.

Optional timeout

timeout?: number

Timeout used for login and renew-token requests, in milliseconds.

Default Value

30000 (30 seconds)

Optional user

user?: string

NoSQL database user name. May not be specified together with credentials property.

Settings

Member Visibility

Theme

Generated using TypeDoc