MongoDB authentication in Sitecore

Securing application data is critical for any client and business, and the same principle applies to Sitecore applications as well.

One of the most important components of Sitecore is MongoDB, which is where we store all Experience Database (xDB) related data. MongoDB was shipped into Sitecore’s ecosystem from Sitecore 7.5, and it’s very important to make sure the data stored in xDB is secured and only authorized users have access to it.

Recently, we heard about thousands of MongoDB databases being hacked. So what’s the reason behind it? Any guess? It’s simple: all those DBs were not configured to be secure, and anyone could access them.

It would be great if the MongoDB installation itself came with an option to secure our data while installing it, like we do for SQL.

Even though we can go back and secure the data by setting up users/roles and permissions, it’s always better to do it in the first place.

We also have to make sure that the connection string used for MongoDB is protected with credentials, so that only authorized users can access it.

As part of this blog post, I would like to cover the steps we can follow to make our Sitecore application more secure.

  1. Create MongoDB User
    1. Use the below command to create the user.
    2. db.createUser({user: "mongoadmin", pwd: "mongoadmin", roles: [ { role: "userAdminAnyDatabase", db: "admin" }, { role: "root", db: "admin" } ]})
    3. We just created a new Mongo user, “mongoadmin”, under the database “admin”, and gave all rights to this user by assigning the role “root”.
  2. Verifying the User
    1. To verify that the user was created, we can use the following command:
    2. db.auth("mongoadmin", "mongoadmin")
    3. This should return 1 if the user is authenticated.
    4. We can also see the list of all users by running the following command:
    5. db.getUsers()
  3. Assigning specific roles to unique collections
    1. We shouldn’t give “root” level access to the user; access should be specific to the database and collection.
    2. For example, we can give read and write access to the analytics database in Sitecore.
    3. In order to do that, please log in to the mongo shell and switch to admin.
    4. use analytics
      db.createUser({user: "mongouser", pwd: "mongopassword", roles: [ { role: "readWrite", db: "analytics" } ]})

    5. In this case we created a new user called “mongouser” and assigned the “readWrite” role to it, specific to the “analytics” database.
    6. In the same way, we can do it for the other three databases as well.
  4. Connection string updates
    1. This is what the default connection strings look like:
    2. <add name="analytics" connectionString="mongodb://localhost:27017/sample_analytics" />
      <add name="tracking.live" connectionString="mongodb://localhost:27017/sample_tracking_live" />
      <add name="tracking.history" connectionString="mongodb://localhost:27017/sample_tracking_history" />
      <add name="tracking.contact" connectionString="mongodb://localhost:27017/sample_tracking_contact" />

    3. After updating the connection strings and adding the required username and password details, this is how they look:
    4. <add name="analytics" connectionString="mongodb://mongoadmin:mongoadmin@localhost:27017/sample_analytics?authSource=admin" />
      <add name="tracking.live" connectionString="mongodb://mongoadmin:mongoadmin@localhost:27017/sample_tracking_live?authSource=admin" />
      <add name="tracking.history" connectionString="mongodb://mongoadmin:mongoadmin@localhost:27017/sample_tracking_history?authSource=admin" />
      <add name="tracking.contact" connectionString="mongodb://mongoadmin:mongoadmin@localhost:27017/sample_tracking_contact?authSource=admin" />

    5. This is what the format looks like:
    6. mongodb://[username:password@]host[:port]/database?authSource
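
An added example, not part of the original post: a small Node.js check that parses connection strings in the format above, flags entries with no credentials, a password equal to the user name, or an administrative account, and builds a string with percent-encoded credentials. The sample entries, the xdb_contact user and the adminUsers list are constructed for illustration.

```javascript
// Added example, not code from the original post. Entries are constructed samples
// in the same shape as the post's connection string entries.
const SAMPLE_CONFIG = `
<add name="analytics" connectionString="mongodb://localhost:27017/sample_analytics" />
<add name="tracking.live" connectionString="mongodb://mongoadmin:mongoadmin@localhost:27017/sample_tracking_live?authSource=admin" />
<add name="tracking.contact" connectionString="mongodb://xdb_contact:Xk9%23vQ2m@localhost:27017/sample_tracking_contact?authSource=sample_tracking_contact" />
`;

// Split mongodb://[username:password@]host[:port]/database?options into parts.
function parseMongoUri(uri) {
  const m = /^mongodb:\/\/(?:([^:@\/]*)(?::([^@\/]*))?@)?([^\/?]+)(?:\/([^?]*))?(?:\?(.*))?$/.exec(uri);
  if (!m) return null;
  const options = Object.fromEntries(new URLSearchParams(m[5] || ''));
  const database = m[4] || null;
  return {
    user: m[1] === undefined ? null : decodeURIComponent(m[1]),
    password: m[2] === undefined ? null : decodeURIComponent(m[2]),
    hosts: m[3].split(','),
    database,
    // Without authSource the driver authenticates against the database in the path.
    authDb: options.authSource || database || 'admin',
  };
}

// Return findings for one connection string; passwords are never echoed.
// adminUsers is an assumption: names of accounts known to hold root-level roles.
function auditUri(uri, adminUsers = ['mongoadmin']) {
  const p = parseMongoUri(uri);
  if (!p) return ['not a mongodb:// connection string'];
  if (!p.user) return ['no credentials in connection string'];
  const findings = [];
  if (!p.password) findings.push('user name without a password');
  if (p.password === p.user) findings.push('password equals user name');
  if (adminUsers.includes(p.user)) findings.push('application connects with an administrative account');
  return findings;
}

// Audit every mongodb:// entry found in a connection strings config fragment.
function auditConfig(xml) {
  const report = {};
  const re = /<add\s+name="([^"]+)"\s+connectionString="(mongodb:[^"]*)"/g;
  for (const [, name, uri] of xml.matchAll(re)) report[name] = auditUri(uri);
  return report;
}

// Build a connection string with percent-encoded credentials, so characters
// such as @ : / # in a password cannot be misread as URI delimiters.
function buildUri({ user, password, host, database, authSource }) {
  const cred = `${encodeURIComponent(user)}:${encodeURIComponent(password)}`;
  return `mongodb://${cred}@${host}/${database}?authSource=${encodeURIComponent(authSource)}`;
}

console.log(JSON.stringify(auditConfig(SAMPLE_CONFIG), null, 2));
```

Credentials in the connection string only take effect once mongod enforces access control (started with --auth, or with security.authorization: enabled in its config file), which the MongoDB tutorial linked below covers.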

If we try to access MongoDB without passing valid credentials, we get this error in the log; please see the screenshot for reference:

[Screenshot: MongoAuthenticationFailed]

Once we pass valid credentials, this error will go away.

It’s always a good practice to authenticate MongoDB in the local environment as well; this helps build the habit and lets us uncover any issues well in advance.

I hope this helps in understanding how we can secure and authenticate MongoDB, and how to create users and permissions for it.

There is a great article in the MongoDB documentation on enabling authentication, setting up users and creating roles. Please consider reviewing it as well; it is a great source of information.

https://docs.mongodb.com/manual/tutorial/enable-authentication/

Thanks, and please let me know for any questions, happy to discuss more.

Happy learning 🙂

Sitecore MongoDB Blog series: Part 3-Creating custom contact facets

In the previous blog post, we went through an introduction to MongoDB with Sitecore, which included scaling, contacts and understanding MongoDB queries.

In this blog post we will go through how to create a custom contact facet and how to deploy it to Sitecore.

By default there are facets which Sitecore uses, and you can find the details here:

\App_Config\Include\Sitecore.Analytics.Model.Config

<entities>
  <contact>
    <factory type="Sitecore.Analytics.Data.ContactFactory, Sitecore.Analytics" singleInstance="true" />
    <template type="Sitecore.Analytics.Data.ContactTemplateFactory, Sitecore.Analytics" singleInstance="true" />
    <facets>
      <facet name="Personal" contract="Sitecore.Analytics.Model.Entities.IContactPersonalInfo, Sitecore.Analytics.Model" />
      <facet name="Addresses" contract="Sitecore.Analytics.Model.Entities.IContactAddresses, Sitecore.Analytics.Model" />
      <facet name="Emails" contract="Sitecore.Analytics.Model.Entities.IContactEmailAddresses, Sitecore.Analytics.Model" />
      <facet name="Phone Numbers" contract="Sitecore.Analytics.Model.Entities.IContactPhoneNumbers, Sitecore.Analytics.Model" />
      <facet name="Picture" contract="Sitecore.Analytics.Model.Entities.IContactPicture, Sitecore.Analytics.Model" />
      <facet name="Communication Profile" contract="Sitecore.Analytics.Model.Entities.IContactCommunicationProfile, Sitecore.Analytics.Model" />
      <facet name="Preferences" contract="Sitecore.Analytics.Model.Entities.IContactPreferences, Sitecore.Analytics.Model" />
    </facets>
  </contact>
</entities>

In this specific example, we will show how to add a custom string value to the existing contact card. We can call this facet “Education”.

In order to create a custom facet, we need the following components:

  1. Interface (that’s used to create a contract/facet)
  2. Implementation
  3. Configuring the system to use new Facet.

Interface:

Education is the facet, and the Education property we define for it is the element of this facet, so we need to create both a facet interface and an element interface.

Here is the IProfileEducationFacet interface; it should inherit IFacet.

[Image: IProfileFacet]

The next step is to create the IProfileEducationElement interface; here is the sample snippet for the same:

[Image: IProfileEducationElement]

Implementation:

Once we have the interfaces created for the facet and element, the next step is to create classes that implement those interfaces.

ProfileEducationFacet class

[Image: ProfileFacet]

ProfileEducationElement class

[Image: ProfileEducationElement]

Once the facets and elements are created, the next step is to register them in Sitecore; we also call this deploying to Sitecore.

In order to deploy these facets and elements, we can either update the default configuration file or create a patch file that contains the changes specific to the Education facet.

Here is the patch file for reference:

<configuration xmlns:patch="http://www.sitecore.net/xmlconfig/">
  <sitecore>
    <model>
      <elements>
        <element patch:after="*[@interface='Sitecore.Analytics.Model.Entities.IBehaviorProfileValue, Sitecore.Analytics.Model']" interface="Sample._Classes.xDBProfile.Elements.IProfileEducationElement, Sample.Sitecore"
                 implementation="Sample._Classes.xDBProfile.Elements.ProfileEducationElement, Sample.Sitecore" />
        <element patch:after="*[@interface='Sitecore.Analytics.Model.Entities.IBehaviorProfileValue, Sitecore.Analytics.Model']" interface="Sample._Classes.xDBProfile.Facets.IProfileEducationFacet, Sample.Sitecore"
                 implementation="Sample._Classes.xDBProfile.Facets.ProfileEducationFacet, Sample.Sitecore" />
      </elements>
      <entities>
        <contact>
          <facets>
            <facet patch:after="*[@name='Preferences']" name="Education" contract="Sample._Classes.xDBProfile.Facets.IProfileEducationFacet, Sample.Sitecore" />
          </facets>
        </contact>
      </entities>
    </model>
  </sitecore>
</configuration>

Getting and setting properties is done using the GetAttribute and SetAttribute methods provided by Sitecore.Analytics.Model.Framework.Element and Sitecore.Analytics.Model.Framework.Facet.

Happy learning 🙂

Sitecore MongoDB Blog series: Part 2-Understand scaling, contacts and queries

In the previous blog post we went through an introduction to MongoDB with Sitecore, its features and installation. In this post we will go over the scaling options available in MongoDB, followed by an introduction to contacts and out-of-the-box queries.

Scaling:

There are three types of scaling:

  1. Standalone environment
  2. Vertical Scaling and
  3. Horizontal Scaling

Standalone environment:

A standalone is an all-in-one configuration, where we install all xDB components on the same computer, which includes:

  • Content management server
  • Content delivery server
  • Database server
  • Reporting server
  • Collection server.

This is not an optimal production environment setup; it mostly resembles a development environment, where we have all components on the same workstation. We can call this setup a “not scalable environment”.

[Image: standalone-setup]

Vertical Scaling:

Vertical scaling means adding more resources to a single node in the system, which typically involves adding or upgrading hardware on a single machine.

When we start moving towards a vertical setup, we tend to have separate servers for each component, i.e. separate servers for:

  • Database
  • Content management
  • Content delivery and
  • Reporting server

If we see that a specific component requires a hardware upgrade, we can scale just that environment/component up without touching any other server, and this way we can scale the complete Sitecore system.

Horizontal Scaling:

Though we can scale each component of the system with vertical scaling, what if we have just one content delivery server and, because of some server issue, we lose all data from that server? Hard to imagine, right?

In this case, even if we have scaled up the content delivery server by upgrading the size, RAM and all other components as per the requirements, that can’t help us if something goes wrong with that specific server, which will ultimately result in data loss.

In this scenario, we can resolve the issue by deploying multiple servers for the same components, which includes:

  • Multiple content management servers
  • Multiple content delivery servers
  • Multiple MongoDB(Analytics) servers
  • Separate session state server.

This type of setup resolves the issue of one server going down for some reason. From the MongoDB perspective, we can achieve this by adding multiple servers for analytics, which we do by adding replica sets.

By means of replication we achieve following:

  • Availability
  • MongoDB provides high data availability with replica sets.
  • A replica set consists of two or more copies of the same data.

In a replica set, we set up an environment that defines a primary server, which is used to read and write the analytics information. At the same time, all data from replicaset-1 gets copied to replicaset-2 and replicaset-3, so all the servers are always in sync.

From here, if something goes wrong with the replicaset-1 server, MongoDB internally makes either replicaset-2 or replicaset-3 the primary for reading and writing the information; this way we can always ensure data availability.

[Image: horizontal-scalibility]

Introduction to Contacts:

  • In xDB a contact is an individual visitor.
  • This visitor may be anonymous or he may have been authenticated.
  • A contact is a combination of facets.
  • Contact Includes:
    • Identifiers
    • Personal Information
    • Email
    • Phone Number
    • Addresses

[Image: contacts]

Identifying Contacts:

  • Contact identification is the process of connecting the current session, device and contact session to an identifier. This is implemented using the Identify() method which is part of the Sitecore Analytics tracker namespace.
  • Sitecore.Analytics.Tracker.Current.Session.Identify(identifier)
  • A contact is always identified by an identifier. An identifier is a string value which uniquely identifies a contact in relation to the website, and this value is always provided by the contact itself.
  • Identifiers can be one of the following:
    • User login
    • User id from third party system and/or
    • Email address

Here is the sample snippet which shows how we can validate the user in MongoDB:

[Image: mongo-validate-user]

MongoDB Queries:

Let’s look at two sample queries, which are used to fetch data out of the collections.

Consider a case where we have millions of records in the “Contacts” collection and want to get a specific contact record. We can add a filter on the first name, using the “Personal.FirstName” facet for this.

db.getCollection('Contacts').find({"Personal.FirstName": "Ankit Joshi"})

[Image: FirstNameFilter]

Another example: if we want to find an identifier based on a specific Id, we can use this query:

db.getCollection('Identifiers').find({"_id": "ANKIT"})

[Image: IdentifyFilter]

In the same way we can also create custom collections, and add documents to them using the Mongo shell.

The beauty of creating custom collections with the Mongo shell is that when we try to create a new collection and that collection doesn’t exist, it is created automatically, and the documents of a collection can have different structures, which makes it more flexible.

Let me know your feedback and comments, if any.

References:

https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/xdb/platform/scalability_options

Happy learning 🙂

Sitecore MongoDB Blog series: Part 1-Introduction to MongoDB in Sitecore

Sitecore introduced MongoDB into its ecosystem to solve the problem of scaling analytics. Let’s try to understand MongoDB from the Sitecore perspective, and see how it’s useful and where exactly it sits in the Sitecore system. We will have a series of three posts, where we will start with an introduction, its features and advantages, and setting up MongoDB in your environment.

In the second post we will talk about contacts and some of the out-of-the-box queries, and try to understand MongoDB collections. In the final post we will see how we can create custom facets to extend MongoDB functionality.

[Image: mongodb]

Introduction to MongoDB

Sitecore 7.5 introduced MongoDB as the main datastore for the Sitecore Experience Database (xDB). Sitecore xDB allows organizations to collect all of their customer interactions from all channels to create a comprehensive, single view of the customer that allows marketers to better optimize the customer experience in real-time.

Following are some of the features of MongoDB:

  • Open source
  • NoSQL
  • Document oriented database.
  • Primarily used for collecting data and information about visitors(for analytics)
  • Visitors and their interactions are written to MongoDB in JSON format, and are then processed by an aggregation pipeline into a format that is used for reporting.

There are several advantages and benefits with MongoDB, some of them are listed below:

  • Scalability
    • Standalone environment
    • Vertical Scaling and
    • Horizontal Scaling
  • Performance
  • Flexibility
  • Unstructured data and Schemas

Scaling is one of the critical features in Sitecore, and we will discuss all the different scaling options in the next post of this series, where we will talk more about horizontal scaling and how MongoDB uses it to ensure the availability of data.

Installing MongoDB:

Let’s take a look, how you can install MongoDB:

Please follow the below steps, to install MongoDB.

  1. Download MongoDB as per your Sitecore version, you can see more details here: https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/xdb/platform/software_recommendations and
  2. https://kb.sitecore.net/articles/633863
  3. Next, you need to install Mongo; you can do it either in the default installation path (C:\Program Files\MongoDB\Server\mongo version) or in a custom path like (D:\Mongo\..)
  4. Create data and db folder:
    1. C:\Program Files\MongoDB\Server\3.0\data
    2. This folder is not created by default during installation; we need to create it.
    3. Once this folder is created, please create a db folder under it.
  5. Create logs folder:
    1. C:\Program Files\MongoDB\Server\3.0\logs
  6. We can create a new config file where we specify the db and logs folders. This file will be used to install MongoDB as a service, so that it starts every time we start/boot Windows.
  7. In this example, I have created a new folder “config” and added the config file under it.
  8. C:\Program Files\MongoDB\Server\3.0\config
  9. Please use the below snippet and save it; make sure to change the db and log locations as per your environment. [Image: mongoconfig]
  10. C:\Program Files\MongoDB\Server\3.0\config\mongod-3.0.cfg
  11. Open up a Command Prompt (Run As Administrator), and navigate to bin folder
    1. C:\Program Files\MongoDB\Server\3.0\bin
  12. Run the following command to create MongoDB as a service:
  13. mongod --config="C:\Program Files\MongoDB\Server\3.0\config\mongod-3.0.cfg" --install --serviceName="MongoDB 3.0"
  14. Go to Services, look for “MongoDB 3.0” and click Start. [Image: MongoDBService]

Connection Strings:

[Image: mongo_connectionstring]

  • name – analytics,tracking.live, tracking.history and tracking.contact.
  • mongodb prefix
  • servername- in case of local, it’s default to localhost
  • Mongo database(collection name)

Note:

This is for a replica set:

[Image: mongo_connectionstring_replicaset]

This is how a contact looks in Mongo, along with some out-of-the-box properties.

[Image: contactcard]

Hope this helps give you a base-level understanding of MongoDB in Sitecore, and of how to install MongoDB as a Windows service.

In the next post, we will see how we can scale MongoDB in Sitecore, and take a closer look at contacts, collections and some queries to get data out of them.

Let me know your comments and feedback on the same, and anything you want me to cover specifically.

References:

https://briancaos.wordpress.com/2014/10/01/sitecore-and-xdb-setting-up-mongodb-on-your-developer-machine/

Happy learning 🙂