Create a Connector

Use this task to create a connector that allows DCT Compliance to access a data source for discovery and masking operations.

A connector stores the connection information required to access the data source, such as the database host, port, schema, and authentication credentials. Each connector must be associated with a Job Orchestrator, which determines the compliance nodes used to execute connector operations.

Steps

  1. In the left navigation pane, click Compliance > Connectors.

  2. Click + Connector.

  3. In the Details step:

    1. Enter the connector name.

    2. (Optional) Add tags using Tag Key and Tag Value, then click + Tag.

  4. Click Next.

  5. In the Configuration step:

    1. Select the Job Orchestrator that will run operations for this connector.

    2. Select the Source Type (for example, Database – Oracle).

    3. Select the Connection Method: Hostname/IP (Basic) or JDBC URL (Advanced). The fields displayed depend on the selected connection method

      1. Schema Name: The schema that contains the tables that this connector will access.

      2. Host: The network hostname or IP address of the database server.

      3. Port: The TCP port of the server. For MS SQL Server, this is optional with the default set to 1433. If the server uses the default port, it does not need to be specified.

      4. SID: (Oracle only) Oracle System ID (SID).

      5. Authentication Method: Select the authentication method used to connect to the database.

      6. Username: The database user account

      7. Password: The password for the database user

      8. JDBC URL: The full JDBC connection string used to connect to the database.

      9. (Optional) Provide the required connection properties file for the selected connector type. Click Select File to upload the file from your local machine. For more information on properties file, see Setting properties section below.

    4. (Optional) Click Test Connection to validate the access.

  6. Click Next.

  7. In the Summary step, review all connector details.

  8. If you need to make changes, click Back to update the previous steps. Otherwise, click Submit.

Setting properties

Properties can sometimes be set through the JDBC URL or through a connection properties file. Customizing the JDBC URL is limited to Advanced, Generic, and Extended Connectors, while uploading a properties file is supported by all database connectors. All properties files must have the extension .properties and must adhere to Java properties file syntax. Even if a property specified in the properties file is not technically supported by the JDBC driver, it will still be passed along to the driver when building the JDBC Connection. All provided and unsupported properties will be logged whenever the properties file is loaded.

The properties file is assumed to be written using ISO 8859-1 character encoding.
Certain JDBC drivers do not allow specific supported properties to be set through the JDBC URL. For example, Caché DB does not support setting the schema property through the JDBC URL, so it must either be set through the extended connector's Schema form field or through a connection properties file. Please defer to specific Driver documentation to see how a property must be set.

When a property is defined in multiple places—such as a form field, the JDBC URL, or the properties file—the following hierarchy determines which value is applied:

  1. Connector Form Fields (if applicable) for:

    1. Username

    2. Password

    3. Schema

  2. For the remaining properties, the order of precedence is:

    1. Properties File

    2. Connector Form Fields for:

      1. Database name

      2. Host

      3. Port

      4. SID

      5. Instance name

      6. JDBC URL

    3. JDBC URL (if applicable)

This means that for properties like Username, Password, and Schema, the Connector Form Fields take precedence. For all other properties, the order of precedence is: Properties File, Connector Form Fields, and then the JDBC URL.

Please note that the JDBC driver determines the precedence of duplicate properties specified in the URL, Properties object, and JDBC Connection API. Refer to the specific JDBC Driver documentation to confirm the exact order of precedence. A masking connector form will include either the fields from 3a or those from 3b, but not both, so duplication between these two sets is not possible.

Security considerations

The property key or value provided in a database connector's properties file will not be regulated and is subject to any user with CREATE or UPDATE connector privileges. This means that even supported sensitive properties such as user, password, hostname, etc. will be available in plain text to anyone with theVIEW connectorprivilege.

If possible, specify sensitive properties through relevant form fields which will be obfuscated in all places or through the JDBC URL which will still be visible in plain text to any user with the VIEW connector privilege but will be redacted in support bundles.