Differences

This shows you the differences between two versions of the page.

--- documentation:software:webapi:basic_security [2018/03/19 17:37]
frank_defalco
+++ documentation:software:webapi:basic_security [2019/04/19 16:22] (current)
anthonysena
@@ Line 1: / Line 1: @@
-====== Basic Security Configuration ======
+===== IMPORTANT NOTE =====
+All WebAPI documentation has moved to [[https://github.com/OHDSI/WebAPI/wiki|GitHub]]. Please disregard the content below as it is legacy and kept for posterity.
+====== Basic Security Configuration (LEGACY)======
 This tutorial will demonstrate how to configure the OHDSI WebAPI and ATLAS using the OHDSI WebAPI's built in SHIRO security configuration.  This configuration is intended for use in demonstration environments and is explicitly NOT for use in production.
@@ Line 11: / Line 15: @@
 <code>
-<security.enabled>true</security.enabled>
+<security.provider>AtlasRegularSecurity</security.provider>
 <security.origin>*</security.origin>
 <security.db.datasource.url>jdbc:postgresql://localhost:5432/ohdsi</security.db.datasource.url>
@@ Line 43: / Line 47: @@
 </code>
-Next you will need to insert a sample record that will contain our demonstration username and password.  The password is encrypted using BCrypt.  You can create your own username and password or use the sample insert statement provided below where we have already encrypted the password 'ohdsi' for the user named 'ohdsi'.
+Next you will need to insert a sample record that will contain our demonstration username and password.  The password is encrypted using BCrypt.  You can create your own username and password or use the sample insert statement provided below where we have already encrypted the password 'ohdsi' for the user named 'ohdsi'.  To create a different password hash using BCrypt you can use the following web site:
+https://www.dailycred.com/article/bcrypt-calculator
+And then put that password hash into the statement below.
 <code>
@@ Line 79: / Line 87: @@
 </code>
-===== Conclusion =====
+===== Becoming an Admin =====
-You should now be able to load ATLAS and find that you can login to the environment using the newly created user and password information.
+You should now be able to load ATLAS and find that you can login to the environment using the newly created user and password information.  However, you will have limited permissions.  The following query will list the current permissions that your login has in the database:
+<code>
+select sec_user.id as user_id, login, sec_role.id as role_id, sec_role.name as role_name
+from sec_user
+join sec_user_role on sec_user.id = sec_user_role.user_id
+join sec_role on sec_user_role.role_id = sec_role.id
+</code>
+To grant yourself administrator privileges you can run the following query:
+<code>
+insert into sec_user_role (user_id, role_id) values (1000,2)
+</code>
+Now by logging out and logging back in to ATLAS you should be granted administrative rights across the system.  You will then be able to manage other permissions from the 'Manage permissions' section found in the configuration tab.

Observational Health Data Sciences and Informatics

User Tools

Site Tools

Differences

Page Tools