RSA IMG Collector Data Sheet for MySQL Database Supported

RSA IMG Collector Data Sheet for MySQL Database Supported
RSA IMG Role Collector Datasheet for MySQL Database
RSA IMG Collector Data Sheet for MySQL Database
This sheet provides the configuration information required for database driver to create a new MySQL Database Role
Data Collector.
Supported Software
RSA IMG v#
V6.8.1 and above
Application: MySQL Database
Collector Type: Role Collector
Prerequisites
1. Install the mysql database against which you want to configure a collector
2. Download/get the driver from the respective vendor

For mysql – download mysql-connector-java-5.1.25-bin.jar,
3. Make sure that the downloaded jar should be present at or copied to
<JBOSS_HOME>\server\default\deploy\aveksa.ear\APP-INF\lib on the Aveksa Server or Remote Agent
4. Ensure that the drive which contains the .jar file has the driver class file in it as well.
.
5. Now restart ACM. (Make sure that you do not have any requests in the queue)
6. Define the collector to use the database driver. If the driver is not in the available entries of the Database
Type: then choose OTHER. Define the Driver Class and provide the URL of the given new driver.
Configuration
Collector Description
Field Name
Value
Collector Name
(Required).<Name for MySQL Role Collector>
Version 1.0 February 2015
1
RSA IMG Role Collector Datasheet for MySQL Database
Description
N/A
Role Set
(Required). <Select Role Set from dropdown>
Data Source Type
Database
Agent
AveksaAgent
Associated identity collector
<Select associate identity collector from dropdown>
Status
Active
Copy from
N/A
Should Have Data
N/A
Has Data
N/A
Scheduled
N/A
Configuration Information
Field Name
Value
Driver Class
You can get this information from the documentation of this driver i.e. jar file
downloaded for this collector. For e.g. oracle.jdbc.driver.OracleDriver
Database URL
Syntax is like jdbc:[subprotocol]: [subsubprotocol:][databasename][;attributes].
For any database you need to provide the schema or database name and the port
assigned to this one at the time of its creation. For e.g. jdbc:oracle:thin:@//<Hostname
where database is running>:<Database port>/<Database name>
User Name
Version 1.0 February 2015
Username to login to database (Make sure that this user has all privileges on these
2
RSA IMG Role Collector Datasheet for MySQL Database
tables for e.g. “sys as sysdba”)
User Password
Password to login to database
User Attributes for
Attribute-Filter Validation
This property takes a comma separated list of user attribute names that will be used in
validating the attribute-filters assigned to roles. All the operand names used in the
attribute filter condition must be available in the user attribute names specified to this
property.
If any of the operand names in the obtained attribute filter condition string is not
available in the specified user attribute names, then the attribute filter will be treated as
bad data.
It is MANDATORY to set this property if
"GetRoleToUserAttributeFilterAssignmentsQuery" query is configured.
Attribute Filter Parser Class
Fully qualified JAVA class name for the concrete implementation of
"com.aveksa.sdk.util.AttributeFilterParser" interface in the collector SDK. This class
should provide the functionality to parse the attribute filter condition string obtained from
the native database and it should return the "com.aveksa.sdk.util.Condition" object as
result of the parsing.
It is MANDATORY to set this property if
"GetRoleToUserAttributeFilterAssignmentsQuery" query is configured.
Max Test Data Sample
Records Fetch Limit
This property takes a number that indicates the max number of test data sample
records to be fetched and returned by this collector in case of test data collection. For
example, if a value "5" is configured for this property, then a maximun of 5 role objects
will be fetched and returned. This is OPTIONAL property. Default value assumed when
this property is not set or set to an invalid value is 5.
Max Role Objects Cache
Limit
This property takes a number that indicates the max number of role objects that can be
cached by this collector before publishing them. This is OPTIONAL property. Default
value assumed when this property is not set or set to an invalid value is 100.
Role ID Column
This property takes a number that indicates the max number of role objects that can be
cached by this collector before publishing them. This is OPTIONAL property. Default
value assumed when this property is not set or set to an invalid value is 100.
Role Owner Column
Database column name that represents the user ID of the role owner in role data
table(s). The role owner's user ID will be extracted from this column in the role data
retrieval query resultset. It is OPTIONAL property and must be set when owner
information has to be retrieved in &quot;GetRolesQuery&quot; query.
Version 1.0 February 2015
3
RSA IMG Role Collector Datasheet for MySQL Database
Role Backup Owner
Column
Database column name that represents the user ID of the role backup owner in role
data table(s). The role backup owner's user ID will be extracted from this column in the
role data retrieval query resultset. It is OPTIONAL property and must be set when
backup owner information has to be retrieved in &quot;GetRolesQuery&quot; query.
Child Role ID Column
'Database column name that represents the child role ID in role data table(s). The child
role ID will be extracted from this column in the role to child role mappings retrieval
query resultset.
It is MANDATORY to set this property if "GetRoleToChildRoleMappingsQuery" query is
configured.
Parent Role ID Column
'Database column name that represents the parent role ID in role data table(s). The
parent role ID will be extracted from this column in the role to parent role mappings
retrieval query resultset.
It is MANDATORY to set this property if "GetRoleToParentRoleMappingsQuery" query
is configured.
Group Entitlement ID
Column
'Database column name that represents the group entitlement ID in role data table(s).
The group entitlement ID will be extracted from this column in the role to group
entitlement mappings retrieval query resultset.
It is MANDATORY to set this property if "GetRoleToGroupEntitlementMappingsQuery"
query is configured.
Entitlement Bag Name
Column
'Database column name that represents entitlement bag name in the role data table(s).
The entitlement bag name will be extracted from this column in the role to entitlement
bag mappings query resultset.
It is MANDATORY to set this property if "GetRoleToEntitlementBagMappingsQuery"
query is configured.
User Name Column
Database column name that represents user name in the role data table(s). The user
name will be extracted from this column in the role to user assignments queries
resultset.
It is MANDATORY to set this property if any of role to user assignments queries are
configured.
Data Source ID Column
Database column name that represents the data source ID to which the retrieved
entitlement references or user references belong to. The data source ID will be
extracted from this column in the role data retrieval query resultset.
It is MANDATORY to set this property if any of role data retrieval queries are
Version 1.0 February 2015
4
RSA IMG Role Collector Datasheet for MySQL Database
configured.
Get Role Data Query
SQL query for fetching all the roles along with user ID of the role owners.
It is MANDATORY property. In future, this query can be extended to retrieve more role
attributes.
Get Role To User
Assignments Data Query
SQL query for fetching all the role to user assignments data.
It is OPTIONAL property.
Get Role To User Group
Assignments Data Query
SQL query for fetching all the role to user group assignments data.
It is OPTIONAL property.
Get Role To User Attribute
Filter Assignments Data
Query
SQL query for fetching all the role to user attribute filter (or attribute assertions)
assignments data.
It is OPTIONAL property.
Get Role To Entitlement
Bag Mappings Data Query
SQL query for fetching all the role to entitlement bag mappings data.
It is OPTIONAL property.
Get Role To Child Role
Mappings Data Query
SQL query for fetching all the role to child role mappings data.
It is OPTIONAL property.
Get Role To Parent Role
Mappings Data Query
SQL query for fetching all the role to parent role mappings data.
It is OPTIONAL property.
Get Role To Group
Entitlement Mappings Data
Query
SQL query for fetching all the role to group entitlement mappings data.
It is OPTIONAL property.
Copyright © 2014 EMC Corporation. All Rights Reserved. Published in the USA.
Trademarks
Version 1.0 February 2015
5
RSA IMG Role Collector Datasheet for MySQL Database
RSA, the RSA Logo, and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries.
All other trademarks used herein are the property of their respective owners. For a list of EMC trademarks, go to
www.rsa.com/legal/trademarks_list.pdf.
Version 1.0 February 2015
6
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising