Skip to main content
Version: 2.6 (latest)

Configure basic authentication

Configure Basic authentication to enable password-based authentication for the Data Migrator and Hivemigrator API.

You'll need to configure the same user password combination for Data Migrator and Hivemigrator in each component's properties file, and update your UI with the new credentials.

info

Enable Basic authentication (Data Migrator)

Use the following steps to enable basic authentication on the Data Migrator API:

  1. Open /etc/wandisco/livedata-migrator/application.properties in a text editor.

  2. Comment out security.type=off.

    #security.type=off

  3. Uncomment the following security parameters to make them apply.

    security.type=basic
    security.basic.user=admin
    security.basic.password={bcrypt}$2a$10$kXzfqwiiCY/ZW9e9BboNmuIbe5xe2kNjdk1YNUxmsCaQ7PlBLCe4W

    The default username is admin. If you provide your own username, it must not include empty spaces.

    note

    To allow the UI to connect successfully, use the same username and password combination for Data Migrator and Hivemigrator.

  4. Replace the example security.basic.password with your own bcrypt-encrypted password. Paste your encrypted password hash after the prefix {bcrypt}.

  5. Save and close the file.

  6. Restart the Data Migrator service. See System service commands.

tip

When basic authentication is enabled, enter the username and password when prompted to connect to Data Migrator with the CLI.

Enable Basic authentication (Hivemigrator)

Use the following steps to enable basic authentication on the Hivemigrator API:

note

The hivemigrator.password uses the bcrypt encryption format but the hivemigrator.integration.liveDataMigrator.password requires the same password encrypted with the livedata-ui encryptor tool.

  1. Open /etc/wandisco/hivemigrator/application.properties.

  2. Under the security section, ensure micronaut.security.enabled is "true".

    micronaut.security.enabled=true

  3. Under Credentials used for REST authentication, uncomment and complete the hivemigrator.username and hivemigrator.password properties.

    The hivemigrator.password string must be encrypted using a bcrypt generator that provides a "2a" prefix at the beginning of the encrypted password. Use the same password hash as Data Migrator but the "{bcrypt}" prefix is not required.

    Example
    hivemigrator.username=admin
    hivemigrator.password=$2aBCRYPTPASSWORDSTRING.eMyOt67yEM6TVkz1qeIxDMfaCnI8SjFaRUy
    info

    To allow the UI to connect successfully, use the same username and password combination for Data Migrator and Hivemigrator.

  4. Under Integration with LDM, uncomment and complete the hivemigrator.integration.liveDataMigrator.username and hivemigrator.integration.liveDataMigrator.password properties.

    'Integration with LDM' credentials are used by Hivemigrator to communicate with Data Migrator, so they must match the credentials used for Data Migrator. Use the same password encrypted with the encryptor tool for the value of hivemigrator.integration.liveDataMigrator.password using the format: ENC(<encrypted_string>).

    Example: hivemigrator.integration.liveDataMigrator properties 
    hivemigrator.integration.liveDataMigrator.username=admin
    hivemigrator.integration.liveDataMigrator.password=ENC(7cKiGfBrllGfdBvSSL6LwObc6IzHms44)

  5. Restart the Hivemigrator service. See System service commands.

tip

When basic authentication is enabled, enter the username and password when prompted to connect to Hivemigrator with the CLI.

Update UI with basic auth credentials

After you've enabled Basic authentication on the Data Migrator and Hivemigrator API's, the UI will report both as unhealthy and disconnected until you provide the UI with the credentials.

Use the following steps to set UI basic auth credentials through the UI:

  1. Sign in to the UI and select the Dashboard on the menu.
  2. Select your existing instance from the Instances panel.
  3. Select the Data Migrator option from the Configuration Menu.
  4. Select Remove. When asked to confirm the removal, select Remove. The Data Migrator instance has now been removed.
    note

    Data Migrator comes preconfigured with an instance running on localhost. To remove the preconfigured instance see the Remove Data Migrators steps.

  5. Select View all from the Instances panel.
  6. Select + to add a new instance.
  7. Enter your Data Migrator details, including new basic auth credentials.
  8. Select Connect.
info

Repeatedly selecting the Remove button may cause the operation or the UI to hang.

In some cases, the Data Migrator configuration option for removing a Data Migrator instance may take much longer than expected. Repeatedly selecting the Remove button may cause the operation or the UI to hang. See the following knowledge base article - known issue.

Encrypt a string using the livedata-ui encryptor tool

Data Migrator provides a encryptor tool which includes the option to encrypt strings which can be used for property values.
Encrypt a password string using the livedata-ui encryptor tool with the following steps.

  1. On your Data Migrator host, run the livedata-ui encryptor command on your terminal to open the tool menu.
  2. Enter 1 to choose the Encrypt a string option.
  3. Enter the string you want to encrypt.
  4. Copy the encrypted string provided.