Hi Larry, thanks for pointing these things out, however I am not sure how to continue.
My situation is as follows: I have some 100 users that connect to our central PostgreSQL DB. Most of them have a personal DB account granting them write access to certain tables. Keeping their password in a secure place is essential and I thus adviced them to not store it with QGIS nor to share projects that contain layers loaded with their personal account. The Authentication system seems to solve both problems.
However I have about 30 plugins for inhouse use that ease data access. Some of these plugins directly query the database for reporting. Furthermore I provide the plugin DataDrivenInputMask, that directly queries the DB, too. I use QtSql for that.
Security reasons in respect to PostgreSQL connections: Any Python plugin can currently access stored credentials either in QtSettings or in any loaded PostGIS layer, so accessing them through the authentication system is neither better nor worse from a user's perspective (IMHO) compared to the current (10+ years old) situation. Not providing access will increaese security, of course. So until the mentioned api is in place I would opt for only deprecating the direct access, maybe have the user allow access for the plugin (only once and store his answer in the auth-DB).
If direct access to PostgreSQL credentials cannot be granted it would be good if the future api could return a QtSqlDatabase object (which, of course, contains the credentials accessible through QtSqlDatabase.userName() and QtSqlDatabase.password() methods).
best regards Bernhard Am 12.01.2016 um 23:36 schrieb Larry Shaffer:
Hi Bernhard, Please note that the Python support for direct access to the credentials via the auth method config *may* be completely removed for security reasons. Ideally, the expansion of credentials within a given auth method config would only be done within the core application and connection methods (HTTP, etc.) would be offered through a Python API. In this way an authcfg token can be passed in and the connection established without access to credentials. However, such support and an API are not currently available. It is simple enough to add to QgsNetworkAccessManager for HTTP[S] connections, but not so simple for other types of connections, e.g. database via a library or client. Once completed this means a plugin would not be able to access the credentials and pass them on to a different connection method, e.g. Python HTTP lib, etc. Once such an API is available (or even now, with some work), plugins could be 'authorized' by the user for access to credentials using revocable access tokens or signed/revokable certificates. Until then, the continued Python access to the auth system credentials means security is not good for the user. It should be considered for deprecation or just complete removal in 2.14 release. Regards, Larry Shaffer Dakota Cartography Black Hills, South Dakota QGIS Support/Development | Boundless [email protected] <mailto:[email protected]> On Tue, Jan 12, 2016 at 8:14 AM, Bernhard Ströbl <[email protected] <mailto:[email protected]>> wrote: Hi Luigi, many thanks! That was the key. I now have <code> am = QgsAuthManager.instance() myAuthMethodConfig = QgsAuthMethodConfig() am.loadAuthenticationConfig(mykey,myAuthMethodConfig,True) myAuthMethodConfig.configMap() </code> Bernhard Am 12.01.2016 um 15:58 schrieb Luigi Pirelli: Hi Bernhard be inspired by Boundless qgis-geoserver-plugin https://github.com/boundlessgeo/qgis-geoserver-plugin/blob/master/src/geoserverexplorer/gui/gsexploreritems.py#L502 I hope it's enough cheers Luigi Pirelli ************************************************************************************************** * Boundless QGIS Support/Development: lpirelli AT boundlessgeo DOT com * LinkedIn: https://www.linkedin.com/in/luigipirelli * Stackexchange: http://gis.stackexchange.com/users/19667/luigi-pirelli * GitHub: https://github.com/luipir * Mastering QGIS: https://www.packtpub.com/application-development/mastering-qgis ************************************************************************************************** On 12 January 2016 at 12:47, Bernhard Ströbl <[email protected] <mailto:[email protected]>> wrote: Hi all, my goal is that my users do not save their PostgreSQL passwords in clear text but that they use the new Authentification system to do so. For my plugins I would need access to the PostgreSQL username and password, though. Is this generally possible in spite of security considerations as mentioned in the QGEP? If yes, how would I do it? what I have so far is: <code> am = QgsAuthManager.instance() myAuthMethodConfig = am.availableAuthMethodConfigs()[mykey] myAuthMethodConfig.configMap() # returns an empty dict :-( </code> QGIS 2.12.2 any help appreciated regards Bernhard [1] https://github.com/dakcarto/QGIS-Enhancement-Proposals/blob/auth-system/qep-14-authentication-system.rst __________ Information from ESET Mail Security, version of virus signature database 12855 (20160112) __________ The message was checked by ESET Mail Security. http://www.eset.com _______________________________________________ Qgis-developer mailing list [email protected] <mailto:[email protected]> List info: http://lists.osgeo.org/mailman/listinfo/qgis-developer Unsubscribe: http://lists.osgeo.org/mailman/listinfo/qgis-developer __________ Information from ESET Mail Security, version of virus signature database 12856 (20160112) __________ The message was checked by ESET Mail Security. http://www.eset.com
__________ Information from ESET Mail Security, version of virus signature database 12860 (20160113) __________ The message was checked by ESET Mail Security. http://www.eset.com _______________________________________________ Qgis-developer mailing list [email protected] List info: http://lists.osgeo.org/mailman/listinfo/qgis-developer Unsubscribe: http://lists.osgeo.org/mailman/listinfo/qgis-developer
