| OHDSI Home | Forums | Wiki | Github |
Hello,
As Atlas at my end is all up and running, and I checked the security configuration document too at http://www.ohdsi.org/web/wiki/doku.php?id=documentation:software:webapi:basic_security which says do not use this in production environment.
can someone please help me understand and let me know on how can we add security for Atlas once it will be deployed into production.
@Ajit_Londhe @Chris_Knoll
No response received so tagging you guys 
Thank You
Sorry @ambuj, I don’t know much about security in Atlas. Along with Chris, tagging @anthonysena, @pavgra
Same here, someone with direct experience with setting it up should be able to help you.
Which security provider are you going to use? (e.g. Active Directory, LDAP, custom DB)
@pavgra
Hello Pavel,
Is there any update on security part? or such things is yet to be developed?
Thanks
Both AD and LDAP are supported by Atlas. Example of configuring AD is below (passed as mvn parameters; could be set as environment vars):
-Dsecurity.ad.url=ldap://odysseusdomain.com:389
-Dsecurity.ad.searchBase=cn=Users,dc=odysseusinc,dc=domain
-Dsecurity.ad.principalSuffix=@odysseusinc.domain
-Dsecurity.ad.system.username=Administrator
-Dsecurity.ad.system.password=verySECRET
Hi @ambuj - we’ve done some work to update the WebAPI documentation and we’ve moved it to GitHub. The security guide is now found here:
In your original post, you noted: the basic security setup guide says do not use this in production environment. The reason for that is: the basic security setup guide walks through setting up a dedicated database for storing user identifiers and encrypted passwords for use with ATLAS. Storing both the user identifiers and passwords (even encrypted) together is a bad security practice. The updated security guide referenced above provides guidance for setting up both WebAPI and ATLAS to use enterprise grade authentication mechanisms such as Active Directory.
This did not work for me. The username and password are actual AD admin username and passowrd.
If yes, Is it secure if its in clear text?
Do we have to add any settings in Atlas config-local.js or it will automatically recognize it?
Can you provide sample setting.xml and config-local.js for the AD settings?
Thanks.
I created an openssl certificate to add SSL/TLS for Atlas over tomcat server and added the connector port details in tomcat’s server.xml using port 443.
When I try to open https://localhost/WebAPI/source/sources, I get error 401.
I have added details of my settings.xml, server.xml, screenshot for WebAPI and Atlas in following post.
I haven’t received any response there , so posting it here.
Please help.
TIA
@Chris_Knoll @pavgra
Hello Guys,
Basic security implementation works like a charm, now I am planning to integrate Active Directory with Atlas.
Please let me know if the steps I wrote down below are correct:
Is that all? Or something else I need to keep in mind while integrating AD with Atlas.
Thanks
-Ambuj
We are eager to implement this also.
Thanks!
@ambuj were you able to implement LDAP successfully? if Yes, can you provide more information on steps for implementation.
@Shweta
I have configured Atlas for AD integration,
Steps you can follow to configure it :
Hope it helps.
@ambuj
Can you share more details on step 1 and step 3? I tried steps 1 through 4, I am getting permission denied and following error:
Hi Ambuj,
I need your help to configure the AD for Atlas .
Could you please share the detailed steps ??
I am getting below issue while setting ldap/Ad
