How to secure KDB/Q web interface

Question

I am aware of the fact that we can run a Q process with the -p parameter which enables other instances to connect to it and enables also a web interface on that port.

Is there a way how to secure the connection so there will be some kind of authorization? In the moment I don't like the fact that anyone can view and even execute queries on my database when it is running with the -p parameter.

score 5 · Accepted Answer · edited Nov 24 '17 at 16:21

5

You can add authentication by using -U:

-U /path/to/password.txt

This file contains user:password where password is result of in q md5"password" and strip off 0x in front.

edited Nov 24 '17 at 16:21

Thomas Smyth - Treliant

4,993
6
25
36

answered Mar 19 '12 at 13:35

algolicious

1,182
2
10
14

Thanks for this one. How does this work if I have the Q script connecting to the remote box which will be secured? – Jan Zyka Apr 03 '12 at 14:17
h:hopen `:host:port:username:password – algolicious Apr 10 '12 at 08:19
h"select from price where sym=`MSFT" – algolicious Apr 10 '12 at 08:20

score 4 · Answer 2 · edited Dec 09 '17 at 19:54

4

there's also the .z.pw and .z.ac hooks, which can be used for more complex auth logic

edited Dec 09 '17 at 19:54

Thomas Smyth - Treliant

4,993
6
25
36

answered Mar 23 '12 at 03:00

Aaron Davies

1,190
1
11
17

How to secure KDB/Q web interface

2 Answers2