wiki:DatabaseAuthentication

Database Authentication

Database Authentication allows an experimenter to limit the names with which subjects are allowed to connect to the multistage server, by checking the names against entries in a database, as specified by the experimenter.

Enabling Database Authentication

To enable Database Authentication, the experimenter must modify (or add) a line to the mult-server.properties file in the conf subdirectory of the multistage installation. The verifier parameter must be set to the value DatabaseId?:

verifier=DatabaseId

Configuring Database Authentication

The parameters for configuring Database Authentication are to be specified in the auth-db.properties file in the conf subdirectory of the multistage installation.

FieldValue TypeRequiredDefault ValuePurposeExample
dbDriverStringYesNoneThe java classpath of the database driver which will be used to talk to the database specifieddbDriver=org.gjt.mm.mysql.Driver
dbServerStringYesNoneThe address of the server where the database is locateddbServer=jdbc:mysql://servername.serverdomain.com:3306/name
dbNameStringYesNoneThe name of the database where the names will be storeddbName=name_database
dbLoginColumnStringYesNoneThe name of the column in the database that the acceptable login names will be storeddbLoginColumn=login
dbLoginStringYesNoneThe username needed to log into the databasedbLogin=username
dbPasswordStringYesNoneThe password needed to log into the databasedbPassword=qwerty

For the examples above, the Database Authentication service would try to use a mysql driver called org.gjt.mm.mysql.Driver (which would need to be located in one of the .jar files in the 'lib' subdirectory of the multistage installation) to connect to a database at jdbc:mysql://servername.serverdomain.com:3306/name which is called name_database and whose entries have a column called login which contains the login names the experimenter wants subjects to be able to log in with. The software would try to log into the database using the user name "username" and the password "qwerty".

If any of these parameters are incorrect in the configuration files, and the software has trouble connecting or finding names in the database, Database Authentication will be abandoned and subjects will be able to log in with any name they choose.

Last modified 4 years ago Last modified on Oct 18, 2013 4:14:47 PM