Documentation and Web Server Technology for DataHub Frontend

Original Slack Thread

<@U06TM7M40RK> is there documentation related to security hardening for the datahub frontend?

To enhance the security of the DataHub frontend, you can refer to several resources that provide guidance on authentication, encryption, and secure deployment practices:

  1. Authentication: DataHub supports various authentication mechanisms, including native authentication, Single Sign-On (SSO) with OpenID Connect, and Java Authentication and Authorization Service (JAAS). You can find more details on configuring these authentication methods in the DataHub Authentication Overview (https://github.com/datahub-project/datahub/blob/master/docs/authentication/README.md) and Metadata Service Authentication (https://github.com/datahub-project/datahub/blob/master/docs/authentication/introducing-metadata-service-authentication.md).

  2. Changing Default Credentials: It’s crucial to change the default credentials for the DataHub frontend to prevent unauthorized access. Instructions for changing the default user credentials can be found in the Changing Default Credentials Guide (https://github.com/datahub-project/datahub/blob/master/docs/authentication/changing-default-credentials.md).

  3. SSL/TLS Configuration: Enabling SSL/TLS for secure communication is recommended. You can configure SSL for the DataHub frontend using Kubernetes Ingress with Nginx or AWS ALB, as discussed in the <Slack conversation>.

  4. Security Reporting and Policies: If you encounter any security vulnerabilities, you can report them to the DataHub team. The DataHub Security Policy (https://github.com/datahub-project/datahub/security/policy) provides instructions on how to report vulnerabilities and the process for handling them.

  5. Environment Variables: You can configure session timeouts and other security-related settings using environment variables. Details on these configurations are available in the Environment Variables Documentation (https://github.com/datahub-project/datahub/blob/master/docs/deploy/environment-vars.md).

Would you like more detailed steps or additional information on any specific aspect of security hardening for the DataHub frontend?


<@U06TM7M40RK> what web server technology is datahub frontend using?

The DataHub frontend is built using the Play Framework (https://www.playframework.com/), which is a web application framework written in Java. The Play Framework serves as a mid-tier between the DataHub GMS (Graph Metadata Service) backend and the DataHub Web React frontend. This setup allows the DataHub frontend to handle requests and serve the user interface effectively.

For more information, you can refer to the DataHub Frontend documentation (https://github.com/datahub-project/datahub/blob/master/datahub-frontend/README.md).

Would you like more detailed information about the Play Framework or how it integrates with DataHub?
