You are currently browsing legacy 1.0 version of documentation. Click here to switch to the newest 4.2 version.

We can help you with migration to the latest RavenDB

Contact Us Now
see on GitHub

Authentication bundle

With the Authentication bundle we can use OAuth for authentication.

Installation

In the appSettings of the RavenDB configuration file add the line:

<add key="Raven/AuthenticationMode" value="OAuth"/>

After that put the Raven.Bundles.Authentication.dll file in the server's Plugins directory and then run the server.
Once done you can use OAuth for authentication.

Adding users

In order to add a user we can use the following code:

using(var session = documentStore.OpenSession())
{
    session.Store(new AuthenticationUser
    {
        Name = "Ayende",
        Id = "Raven/Users/Ayende",
        AllowedDatabases = new[] {"*"}
    }.SetPassword("abc"));
    session.SaveChanges();
}

If no users are found on the database a user "admin" will be created with an auto generated password. This data can be viewed in the "authentication.config" file.

How to authenticate

In order to authenticate we configure our documentStore:

documentStore.Credentials = new NetworkCredential("userName", "password");

We can also use ConnectionStringName:

new DocumentStore { 
                    Url=http://ravendb.mydomain.com;
                    User=user;
                    Password=secret
                  }

Customizations

Related server configuration options:

  • Raven/AuthenticationMode - can be 'windows' (default) or 'oauth'
  • Raven/OAuthTokenServer - if the oauth mode is selected, will instruct connecting clients about the OAuthTokenServer, default is the local endpoint inside ravendb
  • Raven/OAuthTokenCertificatePath - the certificate to use when verifying the token signature, allows you to collaborate with external oauth servers. Default to creating a new certificate every time the server restarts
  • Raven/OAuthTokenCertificatePassword - password for the certificate

3rd party OAuth server

In order to user a 3rd party server we need to specify that server in the Raven/OAuthTokenServer and make sure that the server will return an Access Token created with the same Certificate as our server in string format.

example:

var token = AccessToken.Create(CertificatePath, userId,
                                       authorizedDatabases);
response.Write(token.Serialize());