Versions Compared

Old Version 28

changes.mady.by.user Randy Anft

Saved on

compared with

New Version Current

changes.mady.by.user Randy Anft

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Include Page
_MultiTenancyWarning
_MultiTenancyWarning

To prepare your setup for multi tenancy you will need to execute some steps per component.

Most components in a setup make use of one or more Databases (SQL and/or NoSQL). Furthermore, AMQP can be used to communicate between the components.

In order to make sure that no tenant can access data of another tenant, each tenant will need their own databases. Thus, you will need to create them for each tenant.

simply

Simply use the delivered create scripts to create the dedicated databases for each tenant.

For AMQP, you should also create the neccessary queues and exchanges per tenant for each component and configure the vHost to make sure that the correct messages are being sent to the correct tenant.

Table of Contents

Enabling Multi tenancy

Include Page
_EnablingMultiTenancy
_EnablingMultiTenancy

These properties are used in each component that is mentiond on this page.

X-Tenant-ID

Include Page
_X-Tenant-ID
_X-Tenant-ID

This property can be used in each component that is mentiond on this page.

We advise to set up an HTTP server (for example NGINX or Apache HTTPD) which can be configured to add this HTTP header depending on, for instance, the url from which the Runtime is called.

AMQP Tenant Id

Include Page
_MtAmqpHeader
_MtAmqpHeader

Info

We only support multi-tenancy where each tenant uses the same database vendor per component. You are not able to mix, for example, an Oracle tenant with an Microsoft SQL Server tenant. 

Property Configuration

To enable multi-tenancy, it is essential to modify existing properties and add new ones for each tenant across all JDBC, JNDI, RabbitMQ, and MongoDB connections.

The primary adjustment involves inserting tenants.<tenantName> between the property prefix and the actual property value. An example of this structure is provided below.

Code Block
languageyml
titleapplication.properties
# RabbitMQ Host property for the Trace Event Publisher

# Single Tenant
blueriq.trace.event.publisher.channel.amqp.rabbitmq.host=localhost

# Multi Tenant Google
blueriq.trace.event.publisher.channel.amqp.rabbitmq.tenants.google.host=localhost

# Multi Tenant Apple
blueriq.trace.event.publisher.channel.amqp.rabbitmq.tenants.apple.host=apple.com

Default configuration

Include Page
_defaultMultiTenantProperties
_defaultMultiTenantProperties

Info

This works for all components that use Datasource,RabbitMQ or MongoDB configuration


UI Expand
titleRuntime

Runtime

Excerpt Include
Multi-tenant Runtime setup COPY
Multi-tenant Runtime setup COPY
nopaneltrue

Authentication - OAuth2 and Keycloak

In single-tenant mode as well as in multi-tenancy mode, OAuth2 and Keycloak can be used for the authentication mechanism. The difference with multi-tenancy is that the application now expects a claim to be present in the JWT token with the claim path name "tenant" and with the tenant name as value. This claim name is customizable if the tenant is present in the JWT token with a different claim name.

Customizing the tenant path

The tenant claim can be customized using a JsonPath expression in the same way the roles-path and username-path can be set.

Code Block
languageyml
titleapplication.properties
blueriq:
  jwt:
    tenant-path: $.custom_tenant_claim_path
UI Expand
titleCase Engine

Case Engine

Excerpt Include
Case Engine Multi-tenancy
Case Engine Multi-tenancy
nopaneltrue

UI Expand
titleCustomer Data Service
 

 Customer Data Service

Excerpt Include
Multi-tenancy
Multi-tenancy
nopaneltrue

UI Expand
titleDCM Lists Service

DCM Lists Service

Excerpt Include
Multi-tenancy for the DCM Lists Service
Multi-tenancy for the DCM Lists Service
nopaneltrue

UI Expand
titleDCM Maintenance

DCM Maintenance App

Excerpt Include
Multi-tenancy for the DCM Maintenance App
Multi-tenancy for the DCM Maintenance App
nopaneltrue

UI Expand
titleAudit Consumer

Audit Consumer

Excerpt Include
Audit Consumer - Multi-tenancy [editor]
Audit Consumer - Multi-tenancy [editor]
nopaneltrue