<div dir="ltr"><div dir="ltr">Hi Tim,</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Jun 3, 2019 at 10:22 AM Tim Sutton <<a href="mailto:tim@kartoza.com">tim@kartoza.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="overflow-wrap: break-word;">Hi All<div><br></div><div>As explained by the subject line, I would like to reply a QGIS 3.x server based site where the project uses the QGIS authentication framework to store user names and password for the database connection in an encrypted manner.</div></div></blockquote><div><br></div><div>See these env vars for setting up access to an authentication database from within Server:<br><a href="https://github.com/qgis/QGIS/blob/master/src/server/qgsserver.cpp#L234-L238">https://github.com/qgis/QGIS/blob/master/src/server/qgsserver.cpp#L234-L238</a><br></div><div><br></div><div>I have not tested this with recent QGIS versions, but maybe someone who has worked with Server and the auth system may have (Alessandro?).</div><div><br></div><div>Most non-interactive auth method plugins should work, e.g. Basic, PKI, etc. The OAuth2 auth plugin will not work if using a grant flow that requires interaction; instead, use Resource Owner (the plugin doesn't support Client Credentials grant flow).</div><div><br></div><div>Of course, this means the qgis-auth.db will need pre-populated using QGIS Desktop prior to use by Server. You will probably want to create a new profile, so that no other credentials are stored in the SQLite qgis-auth.db file, or restart QGIS specifically to work on a specific qgis-auth.db file (using option --authdbdirectory <dir>).</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="overflow-wrap: break-word;"><div>I have used the authentication manager before on my desktop, but what do I need to do to set things up in a server environment?</div><div><br></div><div>Also the list of supported services in ’Settings->Authentication->Installed Plugins’ does not currently include Oracle. Did anyone use  the authentication manager against an Oracle database before?</div></div></blockquote><div><br></div><div>I have investigated adding auth support to Oracle in the past, but did have the chance to implement it. Generally, since it uses a QgsDataSourceURI object for configurations, at least the Basic auth method plugin's update function should be easy to adapt:<br><a href="https://github.com/qgis/QGIS/blame/master/src/auth/basic/qgsauthbasicmethod.cpp#L87">https://github.com/qgis/QGIS/blame/master/src/auth/basic/qgsauthbasicmethod.cpp#L87</a><br></div><div><br></div><div>This means probably adding a conditional branch based upon oracle provider, similar to what was done for ogr/gdal:<br><a href="https://github.com/qgis/QGIS/blame/master/src/auth/basic/qgsauthbasicmethod.cpp#L201-L202">https://github.com/qgis/QGIS/blame/master/src/auth/basic/qgsauthbasicmethod.cpp#L201-L202</a><br></div><div><br></div><div>Then, it is a matter of just integrating the auth updating during Oracle connections (and its pool), and adding the auth widget into the Oracle connection GUI. This would be similar to how Postgres provider was updated to support the auth system.</div><div><br></div><div>Regards,</div><div><br></div>Larry Shaffer<br>Dakota Cartography<br>Black Hills, South Dakota<br><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style="overflow-wrap: break-word;"><div></div><div>Thanks!</div><div><br></div><div>Regards</div><div><br></div><div>Tim</div><div><br></div><div><br></div><div><br><div>
<div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;line-height:normal;text-align:center"><span>—</span></div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;letter-spacing:normal;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;line-height:normal;text-align:center"><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal;min-height:14px"><br></div><br class="gmail-m_4950243732041214166Apple-interchange-newline" style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none"><span style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none"><span><span><span><span><span><span><span><span><span><span><span><img id="gmail-m_4950243732041214166882A2310-CB8D-4847-B330-552D9CCEEBCC" src="cid:16b28760a512451cdf21"></span><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal;min-height:14px"><br class="gmail-m_4950243732041214166Apple-interchange-newline"><br class="gmail-m_4950243732041214166Apple-interchange-newline"><br class="gmail-m_4950243732041214166Apple-interchange-newline"><br class="gmail-m_4950243732041214166Apple-interchange-newline"><br></div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal;min-height:14px"><br></div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal"><b>Tim Sutton</b></div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal;min-height:14px"><br></div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal"><b>Co-founder:</b><span class="gmail-m_4950243732041214166Apple-converted-space"> </span>Kartoza</div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal"><b>Ex Project chair:</b><span style="font-weight:normal"><span class="gmail-m_4950243732041214166Apple-converted-space"> </span><a href="http://QGIS.org" target="_blank">QGIS.org</a></span></div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal;min-height:14px"><br></div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal">Visit <a href="http://kartoza.com/" target="_blank"><span>http://kartoza.com</span></a> to find out about open source:</div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal;min-height:14px"><br></div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal">Desktop GIS programming services</div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal">Geospatial web development</div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal">GIS Training</div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal">Consulting Services</div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal;min-height:14px"><br></div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal"><b>Skype</b>: timlinux </div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal"><b>IRC:</b><span class="gmail-m_4950243732041214166Apple-converted-space"> </span>timlinux on #qgis at <a href="http://freenode.net" target="_blank">freenode.net</a></div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal"><br></div><div style="color:rgb(0,0,0);font-family:Helvetica;font-size:12px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;text-align:center;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;text-decoration:none;margin:0px;line-height:normal"><span style="color:rgb(102,106,115);font-family:"Proxima Nova",sans-serif;font-size:14px;text-align:left;background-color:rgb(255,255,255)">I'd love to connect. </span><a class="gmail-m_4950243732041214166t-quick-start-share-link" href="https://calendly.com/timlinux" style="color:rgb(0,162,255);text-decoration:none;font-family:"Proxima Nova",sans-serif;font-size:14px;text-align:left" target="_blank">Here's my calendar link</a><span style="color:rgb(102,106,115);font-family:"Proxima Nova",sans-serif;font-size:14px;text-align:left;background-color:rgb(255,255,255)"> to make finding time easy.</span></div>
</span></span></span></span></span></span></span></span></span></span></span></div>
</div>
<br></div></div>_______________________________________________<br>
QGIS-Developer mailing list<br>
<a href="mailto:QGIS-Developer@lists.osgeo.org" target="_blank">QGIS-Developer@lists.osgeo.org</a><br>
List info: <a href="https://lists.osgeo.org/mailman/listinfo/qgis-developer" rel="noreferrer" target="_blank">https://lists.osgeo.org/mailman/listinfo/qgis-developer</a><br>
Unsubscribe: <a href="https://lists.osgeo.org/mailman/listinfo/qgis-developer" rel="noreferrer" target="_blank">https://lists.osgeo.org/mailman/listinfo/qgis-developer</a></blockquote></div></div>