JDBC driver
For connecting your favorite IDE, SQL Editor, or BI tool to Space and Time.
These instructions walk you through connecting to Space and Time via the open-source SQL editor DBeaver. The steps will vary slightly depending on your SQL editor, but the general concepts are the same.
Requirements
- Download the latest SxT JDBC driver jar
- Download DBeaver(or another SQL editor or choice)
Setting up the JDBC Driver
Step 1: Add a new driver
Add the .jar file as a new driver in your SQL editor.
DBeaver instructions:
- Open the "Database Menu"-->"Driver Manager"-->"New"
- Select the "Libraries" tab and "Add File"
- Navigate to the SxT JDBC driver .jar file linked in the Requirements section above
- Once you have the .jar file selected, click on the "Find Class" button and select Driver Class
io.spaceandtime.connection.JdbcDriver - Hit "Ok" to save the new library and settings
Step 2: Configure the driver properties
JDBC works on password authentication, while Space and Time operates on more secure public/private key authentication. The JDBC configuration requires a few non-standard properties to account for these differences.
Ensure that the following fields are populated:
Example configuration in DBeaver
DBeaver required driver properties:
- Class Name:
io.spaceandtime.connection.JdbcDriver - URL Template:
jdbc:sxt:thin://{host}
Step 3: Create a new connection
Example configuration in DBeaver
DBeaver required connection properties:
- Host - This will be the API base URL. Note: do not include http:// or https:// in this field.
- Username - This will be the
userIdyou registered with Space and Time. For easy registration, use the Space and Time CLI. - Password - This will be your
privateKeygenerated during the registration process. Your private key will never leave your machine. - publicKey - This will be the public key corresponding to the above private key.
Step 4: Test your connection
Before continuing, test your connection to ensure all properties were entered correctly.
DBeaver instructions:
- Select the "Test Connection" in the lower lefthand corner of the configuration screen
Accessing and permissioning resources
- (Optional)
biscuit_<schema-name.table-name>- list of biscuits tied to permissioned tables (case-sensitive). For easy biscuit generation, use the Space and Time CLI.- Blockchain tables are publicly available to the network and do not require a biscuit
- For private tables during the Controlled Release, one biscuit is required per table
(biscuit_<schema-name.table-name>)
The user's private key NEVER leaves the JDBC driver/user's computer. Rather, the private key is used to generate a cryptographic signature that allows Space and Time servers to validate key ownership without transmitting the key itself.
Biscuits
Space and Time use biscuits to manage the secure authorization between users and tables on a decentralized network. Establishing this relationship between the biscuit and the user does require one additional step for the JDBC driver.
Controlled Release
For the Controlled Release, Space and Time will require one biscuit per private table to be added to the JDBC properties. For example, if you wanted access to 3 private tables from the JDBC connection, "TableA", "TableB", and "TableC", you would need 3 new JDBC properties. Note that these properties are case-sensitive:
biscuit_Schema.TableA:biscuit_Schema.TableB:biscuit_Schema.TableC:
This guarantees correct authorization across a decentralized network.
Open Beta & beyond
Work is underway to make this process more dynamic for users, allowing the JDBC driver to be smarter when selecting a biscuit while enabling the biscuit scope to span beyond a single table. Check back periodically as we progress!
Blockchain data provided by Space and Time is public, meaning it is accessible by default and thus does not require biscuits to query. If you are only querying on-chain data, you can skip the biscuit setup process entirely.
Updated 6 days ago