Configuring the Nanopub Store
See Terminology ⇨ BEL Nanopub.
See Terminology ⇨ BEL Nanopub Store.
MongoDB is the only database supported as a BEL Nanopub Store with the 0.4.0 release. In the upcoming releases we plan to also support Apache Jena (RDF quad store).
Please follow the detailed Install MongoDB guide for your system.
MongoDB is configured within the OpenBEL API Config.
Here is the template for the evidence_store
configuration:
# Configuration template for OpenBEL API
# Storage of evidence through the Mongo database.
evidence_store:
mongo:
# The MongoDB host to connect to. For example if MongoDB's net.bindIp
# setting is configured as 127.0.0.1 we should be able to connect using
# localhost.
host: 'localhost'
# The default MongoDB port. Configured under MongoDB's `net.port` setting.
port: 27017
# The name of your database. We think "openbel-evidence" should be fine,
# but it's up to you.
database: 'openbel-evidence'
# MongoDB authentication and role assignment. These settings are necessary
# if you would like to have a MongoDB user authenticated and authorized to
# use the configure database.
#First, you will need to create a MongoDB user with the "readWrite" and
#"dbAdmin" roles for the "database" value set above. This is to allow read,
#write, and index creation in the OpenBEL API application.
#See https://github.com/OpenBEL/openbel-api/wiki/Configuring-the-Evidence-Store#adding-the-openbel-user
#username: 'openbel-user'
#Second, you will need to set a password for the MongoDB user set above.
#MongoDB passwords are hashed using SCRAM-SHA-1 on the client and server.
#This is the default hashing strategy on MongoDB 3.0 and after.
#See https://docs.mongodb.org/v3.0/core/security-scram-sha-1/
#password: 'changeme'
# If your MongoDB users are managed in a separate Mongo database then you
# will need to set it here. This can be useful if you are managing users in
# a separate Mongo database from the application's database.
# Optional; defaults to the "database" set above.
#authentication_database: 'openbel'
# RDF dataset for BEL datasets, annotations, and namespaces using Apache Jena.
resource_rdf:
jena:
tdb_directory: 'biological-concepts-rdf'
# Full-text search over annotation and namespace values using SQLite.
resource_search:
sqlite:
database_file: 'biological-concepts-rdf.db'
# Set a secret used during session creation....
session_secret: 'changeme'
# User authentication using Auth0.
auth:
enabled: false
redirect: 'https://openbel.auth0.com/authorize?response_type=code&scope=openid%20profile&client_id=K4oAPUaROjbWWTCoAhf0nKYfTGsZWbHE'
default_connection: 'linkedin'
domain: 'openbel.auth0.com'
id: 'K4oAPUaROjbWWTCoAhf0nKYfTGsZWbHE'
# secret: 'auth0 client secret here'
The required settings in evidence_store
are host
, port
, and database
.
The OpenBEL API provides support for user authentication and authorization for users internal to MongoDB. There is currently no support for external Authentication Mechanisms.
The configured user must be authorized to access OpenBEL API's Mongo database. Follows the instructions below on Adding the openbel-user.
Firstly, authentication will need to be enabled on MongoDB. See Enable Client Access Control.
Next you should add a user with both the "readWrite" and "dbAdmin" roles to the configured "database" set above. This is to grant the user read, write, and create index privileges on the database.See Manager User and Roles. For example to add the openbel-user
you would use the mongo
command like so:
$ mongo openbel
MongoDB shell version: 3.2.0
connecting to: openbel
> db.createUser(
{
"user": "openbel-user",
"pwd": "my_voice_is_my_password_please_verify_me",
"roles": [
{
"role": "readWrite",
"db": "openbel"
},
{
role: "dbAdmin",
db: "openbel"
}
]
}
)
>
bye
Now to test that that our authentication and authorization to the openbel
database was successful we try connecting and interacting with it:
$ mongo -u openbel-user -p openbel
MongoDB shell version: 3.2.0
Enter password: (enters password discreetly whilst looking over the shoulder)
connecting to: openbel
> db.stats()
{
"db": "openbel",
"collections": 3,
"objects": 33,
"avgObjSize": 2871.757575757576,
"dataSize": 94768,
"storageSize": 348160,
"numExtents": 5,
"indexes": 4,
"indexSize": 130816,
"fileSize": 67108864,
"nsSizeMB": 16,
"extentFreeList": {
"num": 0,
"totalSize": 0
},
"dataFileVersion" : {
"major" : 4,
"minor" : 22
},
"ok" : 1
}
> # Command was successful we are authorized with the openbel database.
>
bye
Now if we authenticate with the test
database and attempt to read we should receive a security error.
$ mongo -u openbel-user -p test
MongoDB shell version: 3.2.0
Enter password: (enters password discreetly whilst looking over the shoulder)
connecting to: test
> db.stats()
{
"ok" : 0,
"errmsg" : "not authorized on test to execute command { dbstats: 1.0, scale: undefined }",
"code" : 13
}
>
bye
Success. Great job! 👏
Now we can configure OpenBEL API with the following evidence_store
:
evidence_store:
mongo:
host: 'localhost'
port: 27017
database: 'openbel-evidence'
username: 'openbel-user'
password: 'my_voice_is_my_password_please_verify_me'
Tip Configure read permissions for the OpenBEL API configuration file. It will need to contain the plain text password even though it will be hashed (SCRAM-SHA-1) before sending from the MongoDB client drivers.