Document toolboxDocument toolbox

Nexus Documentation
CURL vulnerability information (CVE-2023-38545) - Nexus awareness advisory on Microsoft's update KB5014754

Configure all databases in Digital Access

Owned by Ann Base (Deactivated)
Last updated: Dec 18, 2023 by Josefin Klang (Deactivated)
6 min read

This article includes updates for Digital Access 6.4.0.



This article describes how to configure different databases for Smart ID Digital Access component.

In some cases the built-in database used by default in Digital Access component can be considered insufficient, for example when the storage requirements surpass the capabilities of the built-in database, or if more than one service is used for load-balancing/high availability. It is then possible to change which database the Digital Access component uses.

Configure database settings in Digital Access Admin

From Digital Access 6.4.0 and later versions, make sure to configure the database settings in Digital Access Admin only.

A configuration already existing in customize.conf will be ignored after the upgrade and the settings should be stored in RemoteConfiguration.xml through Digital Access Admin instead.



  • Before you can configure the databases in Digital Access, you must create the databases manually in the desired database server. It is not required to create tables inside the databases. When Digital Access Admin service starts, it will do a lookup for all the tables and if not found it will create tables automatically.

The only exception is the default PostgreSQL database, which is already installed in Digital Access versions prior to 6.0.5. It is not recommended to use this database in production systems. Use an external database instead. Read the vendor-specific documentation on how to properly create a database.

Database types in Digital Access

Digital Access uses four databases:

Database

Description

Database

Description

User database

Used for storing user-specific information.

OATH database

Used for storing information specific to OATH authentication.

OAuth database

Used for storing Oauth-specific information.

Reporting database

Used for storing information used for generating reports, notification events.

Configure databases in Digital Access Admin

You can configure all Digital Access databases in Digital Access Admin as well as enable/disable databases that are not used. For example, if you are not using OAuth2 or Open ID Connect, you can disable the Oauth database. Similarly, all other databases can be disabled if they are not used.

For certain authentication methods where DA depends on user data, it is mandatory to have the User database set. 

In case of a fresh setup, all the databases will be disabled by default and Digital Access will not log any errors or try connecting to any databases if they are not enabled. Make sure you enable and save the respective database settings in use.

The default database name and user for this database is “hag”. If you use another database name and user, make sure to modify it in the configuration accordingly.

  1. Log in to Digital Access Admin with an administrator account.

  2. Go to Manage System > User Database.

  3. In the Database drop-down list, select database. The list contains the default configurations for the databases. If you use other databases which are not listed or need to change the default settings like port, or database drivers to use, then click on Advanced Fields. See also step 6.  Click “?” for more help.

  4. Enter Host and Name. The system will convert this information to the form shown in the Advanced Fields.

  5. Enter UserPassword and Retry Attempts, click “? “For help.

  6. If you do not want to configure a database in the Database drop-down list, but need to change the default settings like port, or database drivers to use, click Toggle Advanced Fields and enter DialectUrl and Driver. Click “?” for help.

  7. When done, click Save.

    1. Check Copy all users when you want to copy all users from the current configuration to the one about to be saved.

    2. When this page is saved it will save the information currently displayed. If the settings are saved while displaying the Standard Fields (Database, Host and Name) the information in the Standard Fields will be used, regardless of what manual changes has been made in the Advanced Fields. The same applies the other way around. If the page is saved while displaying the Advanced Fields the information in those fields will be used, regardless of what information might have been entered in the Standard Fields.

  8. Publish the configuration.

The default database name and user for this database is “oath”.  If you use another database name and user, make sure to modify it in the configuration accordingly.

  1. Log in to Digital Access Admin with an administrator account.

  2. Go to Manage System and click OATH Configuration.

  3. In the Database drop-down list, select database. The list contains the default configurations for the databases. If you use other databases which are not listed or need to change the default settings like port, or database driver, then click on Advanced Fields. 
    See also step 6. Click “?” for more help.

  4. Enter Host and Name, for help click “? When saving, the system will convert this information to the form shown in the Advanced Fields.

  5. Enter UserPassword and number of Retry Attempts. Click “?“For help.

  6. If you do not want to configure a database in the Database drop-down list, but need to change the default settings like port, or database drivers, click Toggle Advanced Fields and enter DialectURL and Driver. For help and examples, click “?”.

  7. When done, click Save.
    When this page is saved it will save the information currently displayed. If the settings are saved while displaying the Standard Fields (Database, Host and Name) the information in the Standard Fields will be used, regardless of what manual changes has been made in the Advanced Fields. The same applies the other way around. If the page is saved while displaying the Advanced Fields the information in those fields will be used, regardless of what information might have been entered in the Standard Fields.

  8. Publish the configuration.

After the changes to the database connectivity settings have been published, you must restart the Authentication service. A restart is needed since the Authentication service only reads its database settings on startup.

The default database name and user for this Database is “oauth”. If you use another database name and user, make sure to modify it in the configuration accordingly.

  1. Log in to Digital Access Admin with an administrator account.

  2. Go to Manage System > OpenID Connect (OAuth2) Configuration > Configure Database Connection.

  3. In the Database drop-down list, select database. The list contains the default configurations for the databases If you use other databases which is not listed or need to change the default settings like port, or database driver, then click on Advanced Fields. See also step 6. Click “?” for more help.

  4. Enter Host and Name, for help click “?. When saving, the system will convert this information to the form shown in the Advanced Fields.

  5. Enter UserPassword and number of Retry Attempts. Click “?“ for help.

  6. If you want to configure a database not in the Database drop-down list, or need to change the default settings like port, or database drivers, click Toggle Advanced Fields and enter DialectURL and Driver. For help and examples, click  “?”.

  7. When done, click Save.
    When this page is saved it will save the information currently displayed. If the settings are saved while displaying the Standard Fields (Database, Host and Name) the information in the Standard Fields will be used, regardless of what manual changes has been made in the Advanced Fields. The same applies the other way around. If the page is saved while displaying the Advanced Fields the information in those fields will be used, regardless of what information might have been entered in the Standard Fields.

  8. Publish the configuration.

Related information

Links

Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions