Internal security (stateless authentication)

Internal security is the built-in user configuration option for Matillion ETL that requires no outside systems for managing user logins.

To configure stateless authentication, follow these steps:

1. SSH into your Matillion ETL instance.
2. Open the following file for editing: /usr/share/emerald/WEB-INF/classes/Emerald.properties.

3. Ensure the following variables are set:

   VARIABLE_AUTHENTICATION=true
   STATELESS_CONFIGURATION=true
   STATELESS_PROTOCOL_TYPE=BOTH
   STATELESS_OPENID_ENABLE=true
   DEFAULT_TOMCAT_USER_USERNAME=${whatever you like}
   DEFAULT_TOMCAT_USER_PASSWORD=${whatever you like}
   

4. Save and close the file.

   Note

   If you are using version 1.77 or higher, skip directly to step 8. From version 1.77, the settings in the Emerald.properties file take precedence over the etc/sysconfig/tomcat file.

5. Open the following file for editing: /etc/sysconfig/tomcat.

6. Ensure the following variables are set:

   MTLN_PERSISTENCE_URL_POSTGRES="jdbc:postgresql://<DatabaseAddress>:<Port>/DatabaseName"
   MTLN_PERSISTENCE_USERNAME_POSTGRES=<username>
   MTLN_PERSISTENCE_PASSWORD_POSTGRES=<password>
   

   Where the MTLN_PERSISTENCE_URL_POSTGRES address points to the fully qualified domain name (FQDN) of your persistence database and a port may or may not be required, depending on your setup. HA/clustered deployments will be required to provide details for their external Postgres database. For single-node deployments, this database is typically on the instance itself and should have the following values:

   MTLN_PERSISTENCE_URL_POSTGRES="jdbc:postgresql://127.0.0.1/postgres"
   MTLN_PERSISTENCE_USERNAME_POSTGRES=postgres
   MTLN_PERSISTENCE_PASSWORD_POSTGRES=postgres
   

7. Save and close the file.

8. The Tomcat service must be restarted for your changes to take effect:

   systemctl restart tomcat
   

9. You can now add users in the Admin → User Configuration menu.