Stefan, Thanks for response. I want to restrict default REST access but want to allow access through OrientDB server side functions, so blocking port will even block access to functions defined in OrientDB.
Example: I want to block calls like http://<host>:<port>/document/<db>/5:3 http://<host>:<port>/cluster/<db>/demoClass Want to still have REST access to functions defined in OrientDB; call like: http://<host>:<port>/function/<db>/myFunction/arg1/arg2 Regards, Gaurav On Tuesday, March 18, 2014 11:17:02 PM UTC+5:30, [email protected] wrote: > > Hi, > > You can block the port that OrientDB runs on. > You can either do this locally on the machine or limit access to the > machine if it's running on a sub-net. > > Regards, > -Stefán > > > > On Tuesday, 18 March 2014 12:52:51 UTC, Gaurav Dhiman wrote: >> >> Thanks Dexter for info. >> >> Building our REST layer is always an option but that does not block the >> direct DB access. If a user directly connects to DB on bare HTTP/REST, he >> will be able to access thins on it in his/her browser, I want to block that >> and only allow access through functions defined at OrientDB end. >> >> Thanks again for sharing your idea. >> >> Regards, >> Gaurav >> >> >> >> On Sunday, March 16, 2014 12:19:33 AM UTC+5:30, Dexter Pratt wrote: >>> >>> In our case, we built our own REST server application to implement our >>> API - which is responsible for authentication, authorization, and limits on >>> queries - and it accesses OrientDB. >>> >>> It would be cool to do the whole thing in Orient, but our cases >>> are sufficiently complex that I think we need the separate REST server >>> layer. >>> >>> I'll be interested to see how far you can push this. >>> >>> - Dexter >>> >>> Dexter Pratt >>> Director, NDEx project >>> Ideker Lab UCSD / Cytoscape Consortium >>> [email protected] - [email protected] >>> www.ndexbio.org >>> >>> On Saturday, March 15, 2014 at 11:39 AM, Gaurav Dhiman wrote: >>> >>> Any suggestions on this? >>> How to block default HTTP/REST access to DB and only allow access on >>> HTTP/REST through server side functions ? >>> >>> Any suggestions will help a lot. >>> >>> Regards, >>> Gaurav >>> >>> >>> >>> On Thursday, March 13, 2014 8:55:14 PM UTC+5:30, Gaurav Dhiman wrote: >>> >>> Hi, >>> >>> I do not want the default HTTP/REST access open for anyone to look into >>> DB (even logged-in user). >>> I want to give access on HTTP/REST through server defined functions >>> only, all other REST access should not be allowed. >>> >>> How to achieve it ? >>> >>> Regards, >>> Gaurav >>> >>> -- >>> >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "OrientDB" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> For more options, visit https://groups.google.com/d/optout. >>> >>> >>> -- --- You received this message because you are subscribed to the Google Groups "OrientDB" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
