Custom database connection using miniOrange for authentication

What is authentication using Custom Database Connection?

miniOrange can connect to your database and use it as the authentication user store to enable Single Sign-On (SSO), Multi-factor Authentication (MFA), etc. for your external applications. Here, miniOrange makes your custom database work as the user store for authentication. Users log in with their custom database credentials only once and get a seamless SSO login into the other applications. We develop the connection between miniOrange and your database as user store.

What is a custom database and why use miniOrange for authentication?

  • A custom database can be any DB that you use to save user data and other user information for your custom application, for authentication, login or any other purpose. miniOrange provides connection support for all the popular custom databases, such as MongoDB, MySQL, MS-SQL, Oracle, PostgreSQL, SQL Server, etc.
  • The highlight of using a custom database connection for authentication and login is that you do not have to move your identities to any other place, so all user data remains secure in your DB itself.
  • Enable Single Sign-On and MFA for authentication on your custom applications or CRM/HRM/CMS/LMS where users are stored in a DB and which do not inherently support any Single Sign-On protocol, like WordPress, Moodle, Drupal or any custom application that stores its own users.
  • miniOrange provides provisioning for on-the-fly user creation at the time of SSO login, and you can import users using a JSON / CSV file.
  • Configure multiple user stores for login to your applications, with support for multiple authentication protocols such as SAML, OAuth, etc., for different user groups based on roles and responsibilities.

Step 1: Setup custom Database connection as user store

  • Log in to your miniOrange Admin console, navigate to User Stores -> Add User Store, and select the Database tab.

  • Enter the custom database user store Identifier; it can be any name relevant to the user store.
  • Select the DB type. We currently support:
    • MySQL
    • Postgres-SQL
    • MS-SQL
    Database Type   Connection URL                                  Port Number Default   Hashing Default
    My-SQL          jdbc:mysql://hostname:port/database-name        3306                  SHA-256
    MS-SQL          jdbc:sqlserver://hostname:port/database-name    1433                  SHA-512
    Postgres sql    jdbc:postgresql://hostname:port/database-name   5432                  MD5
  • Enter the database hostname (you can check with your administrator for this) and port number (refer to the defaults above).
  • Enter the custom database name (database-name) to establish the connection with, which stores the users.
  • Enter the Username and Password of a database user that has permission to access the DB mentioned above.
  • Enter the Table name where users are stored for authentication.
  • Enter the column names for the Username (which can be email addresses or unique IDs) and Password columns respectively.
  • Add Attributes lets you send attributes from the DB to any configured application. You can write a query to fetch the attributes, which should be in the format below.
    For example, to fetch FirstName from the table users with a where clause on the username (the '?' will be replaced by the actual username fetched from the Username column mentioned above):
    SELECT 'FirstName' as VALUE, FirstName FROM `users` WHERE username = ?;
  • Select the Hashing type used for hashing the password. We support the below Hashing types:
    1. SHA512
    2. SHA1
    3. MD5
    4. PHPPASS
    5. BCRYPT
  • Default settings for WordPress as user store:
  • You can open wp-config.php in the root WordPress folder to get the DB hostname, port number and DB name using the keys below.

    Database Type                 MySQL
    Database Host                 DB_HOST
    Admin username and Password   DB_USER and DB_PASSWORD
    User Table                    wp_users
    Username Column               user_login
    Password Column               user_pass
  • Attribute Query example for First Name:
    SELECT 'first_name' as VALUE, meta_value FROM `wp_usermeta` WHERE meta_key = 'first_name' AND user_id = (SELECT ID FROM wp_users WHERE user_login = ?);
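
The hashing type selected in this step has to match what the password column actually holds (user_pass in the WordPress case). The following is an added example, not miniOrange code: it classifies stored values by their shape, so you can see which type dominates the table and which accounts still hold a bare fast digest such as MD5. The function names and sample rows are constructed, and labelling hex digests by length is a heuristic.

```python
import hashlib
import re
from collections import Counter

# Stored-value shapes mapped to the hashing-type names used on this page.
# Bare hex digests are recognised by length only, so those labels are a heuristic.
PATTERNS = [
    ("BCRYPT", re.compile(r"^\$2[abxy]\$\d{2}\$[./A-Za-z0-9]{53}$")),
    ("PHPPASS", re.compile(r"^\$[PH]\$[./0-9A-Za-z]{31}$")),
    ("SHA512", re.compile(r"^[0-9a-fA-F]{128}$")),
    ("SHA-256", re.compile(r"^[0-9a-fA-F]{64}$")),
    ("SHA1", re.compile(r"^[0-9a-fA-F]{40}$")),
    ("MD5", re.compile(r"^[0-9a-fA-F]{32}$")),
]
# Fast general-purpose digests are unsuitable for password storage; flag them for rehashing.
FAST_DIGESTS = {"MD5", "SHA1", "SHA-256", "SHA512"}

def classify(stored):
    """Return the hashing-type label for one password-column value."""
    value = (stored or "").strip()
    for name, pattern in PATTERNS:
        if pattern.match(value):
            return name
    return "UNKNOWN"

def audit(rows):
    """rows: iterable of (username, stored_value) read from the user table."""
    counts, fast = Counter(), []
    for username, stored in rows:
        kind = classify(stored)
        counts[kind] += 1
        if kind in FAST_DIGESTS:
            fast.append(username)
    return {
        "counts": dict(counts),
        "select": counts.most_common(1)[0][0] if counts else None,
        "mixed": len(counts) > 1,
        "fast_digest_users": sorted(fast),
    }

# Constructed sample rows (shape only, not real credentials).
SAMPLE_ROWS = [
    ("alice", "$P$B" + "a" * 30),
    ("bob", "$P$B" + "b" * 30),
    ("carol", hashlib.md5(b"constructed-sample").hexdigest()),
    ("dave", "$2y$10$" + "c" * 53),
    ("erin", ""),
]
```

A result with "mixed" set means a single hashing-type setting will not cover every row in the table.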

Step 2: Testing database connection:

  • After clicking on Save, click on Select -> Test Connection. Enter the login credentials of a user stored in the DB (user store) to test whether the database connection is set up correctly.

Step 3: Configure your application in miniOrange

    • Login to miniOrange Admin Console.
    • Go to Apps >> Manage Apps. Click on Configure Apps button.
    • Then click on Create App under SAML.
    • Search for your application. In case you do not find your app, search for Custom SAML App.
    • Get the ACS URL and SP Entity ID from your application.
    • Enter the following values OR click on Import SP Metadata:

      Service Provider Name          Choose appropriate name according to your choice
      SP Entity ID or Issuer         Your Application Entity ID
      ACS URL                        Your Application Assertion Consumer Service URL
      X.509 Certificate (optional)
      NameID Format                  Select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
      Response Signed                Unchecked
      Assertion Signed               Checked
      Encrypted Assertion            Unchecked
      Group policy                   Default
      Login Method
    • Click on Save to configure your application.
    • To get the IdP metadata of the configured app, go to Apps >> your_app >> Select >> Metadata tab.
    • Click on the Show Metadata details in the Information required to Authenticate via External IDPs section. Download the metadata XML file by clicking on Download Metadata button or copy the Metadata URL link.
    • You need to upload this metadata in your application.

Step 4: User Provisioning with database

    • Navigate to Users-> User Provisioning settings.
    • Select the custom Database from the drop down menu.
    • Check the provisioning features.
    • To import users from the connected Database, go to User Provisioning and click on the Import Users button.
    • Select the Database from the drop down menu and save the configuration.
    • Now go to Users >> User List and you will find all the users imported from the Database.