Authentication, authorization on stand alone enterprise version.

82 views
Skip to first unread message

@gokool

unread,
Apr 25, 2012, 11:37:23 PM4/25/12
to Neo4j
We have a deployment of the enterprise version of Neo4J as a stand
alone server. We are building a Javascript application through which
users would see the graph data according to some business use-cases
(not as nodes and edges but as business entities and their
relationships). However, if a user wants to, they could locate the URL
of the Neo4J server and hence gain access to the whole data through
either the Cypher api or the REST API. We want to be able to limit
that.
Is there a way to authenticate access to the Cypher/REST APIs through
configuration. Is there a way Neo4J admin module lets one do this.
Also, is there a way to authorize users by profile at the graph layer.
i.e. I should be able to say, let user of profile "X" access the nodes
with property "P1" and users of profile "Y" access the nodes with
property "P2".

@gokool

Jim Webber

unread,
Apr 26, 2012, 12:58:02 AM4/26/12
to ne...@googlegroups.com
Hello,

The Neo4j admin module doesn't directly support this. What you'd use in this case is an authentication rule (code) that you plug into the server. If you take a look at this:

http://docs.neo4j.org/chunked/stable/security-server.html

Check out section 25.1.4. That's where you can see how to customise the security surface of Neo4j to support arbitrary authorisation.

Jim

@gokool

unread,
Apr 26, 2012, 1:44:13 AM4/26/12
to Neo4j
Thanks Jim. This is helpful.
So I am guessing that once I modify the code, the way I would
integrate this to my deployment would be to compile the jar again and
overwrite that jar file on the server.

Peter Neubauer

unread,
Apr 26, 2012, 1:47:58 AM4/26/12
to ne...@googlegroups.com

Or,
You build your own jar against the apis, and add put it into the plugins folder. Then it is picked up and you just have to adjust the server configuration.

Michael Hunger

unread,
Apr 26, 2012, 4:10:23 AM4/26/12
to ne...@googlegroups.com
Reply all
Reply to author
Forward
0 new messages