Web server configuration
The Server Configuration panel in Team Edition enables administrators to manage server settings important for the server. The panel is structured into distinct sections, each dedicated to specific aspects of server management.
To access the Server Configuration, navigate as administrator to Settings -> Administration -> Server Configuration.
The sections within the Server Configuration include:
- Server Information: Specifies essential server details.
- Configuration: Manages general configurations.
- Authentication Settings: Controls the methods for authentication.
- Security: Manages the storage of credentials.
- Disabled drivers: Allows to disable specific drivers on the server.
Server information¶
| Setting name | Description |
|---|---|
| Server Name | The name assigned to the server for identification purposes. |
| Allowed Server URLs | The URLs through which the server can be accessed. You can specify multiple server URLs separated by a new line. |
| Session lifetime | Specify the duration, in minutes, for which a session remains active before expiring. |
| Force HTTPS mode | Force HTTPS enforces secure connections across the entire application. Learn more |
Configuration¶
| Setting name | Description | Additional article |
|---|---|---|
| Enable private projects | Allows users to create private connections in privet projects that are not visible to other users. | Projects |
| Navigator simple view | Shows only basic information in new connections within the navigation tree. | Simple and advanced view |
| AI Integration | Enables AI-powered features throughout the application, including AI Chat, database object descriptions, intelligent SQL query optimization, and error correction. | AI smart assistance |
| AI MCP Server | Enables retrieving information from data sources via MCP endpoints. | MCP |
| Allow drivers downloading | Enables downloading JDBC drivers from external sources (Maven, GitHub). | |
| Cloud (AWS) | Enables AWS cloud services. | AWS Settings |
| Cloud (Azure) | Enables Microsoft Azure cloud services. | Cloud Explorer |
| Cloud (Google) | Enables Google Cloud services. | Cloud Explorer |
| Cloud Storage | Enables cloud file systems (e.g. S3). Users can access files in cloud storages if they have appropriate permissions. | Cloud Storage |
| DBeaver Proxy Driver | Adds DBeaver Proxy Driver protocol support. It allows using JDBC proxy to connect to databases accessible to DBeaver server. | DBeaver Proxy driver |
| DBeaver Database Tunnel | Enables DBeaver Database Tunnel. Allows native database drivers to connect to databases accessible through DBeaver server. | DBeaver Database Tunnel |
| Enable desktop application | Enables access from desktop application. When disabled, users can work only through the web interface. | |
| Git | Integrates Team Edition with Git services for version control. | Team Edition Git integration. |
Resource management¶
| Setting name | Description | Additional article |
|---|---|---|
| Enable Resource Manager | Activates the Resource Manager, allowing users to store and manage scripts on the server. | Resource manager |
Secret Management¶
| Setting name | Description | Additional article |
|---|---|---|
| Enable Secret Management | Enables Secret Management functionality. | Secret Management |
Authentication settings¶
The Authentication Settings section allows enabling various authentication methods that can later be configured in the Identity Provider tab.
Tip
For more information, see Authentication methods.
Security¶
| Setting name | Description |
|---|---|
| Save credentials | Allows saving credentials for pre-configured databases. |
| Save users credentials | Allows saving credentials for non-admin users. |
| Bind session to IP | Binds user sessions to client IP addresses. For details, see section below. |
Bind session to IP¶
Binding sessions to IPs links each user session to their client’s IP address. This prevents a stolen session cookie from being reused from another network and makes account sharing harder.
This setting links a user session to the client’s IP address. If binding is enabled, users may be logged out when their
IP address changes (for example, behind NAT or when switching networks).
Info
You can also configure this option with the CLOUDBEAVER_BIND_SESSION_TO_IP environment variable.
For more information, see Environment variables configuration.
| Value | Environment variable | Description |
|---|---|---|
| Enable | true |
Always bind sessions to IP addresses |
| Disable | false |
Never bind |
| Enable for databases.team | dbeaverDomains |
Used only for *.databases.team deployments (generated by the Domain Manager) |
Disabled drivers¶
The Disabled Drivers section allows administrators to control the availability of database drivers on the server.
- Search for the driver: Enter the name of a specific driver in the search field to quickly locate it.
- Disabling a driver: Select the desired driver from the search results to disable it.
- Enabling a driver: To re-enable a disabled driver, click on the
Xnext to its name in the list.Tip
For more information on how to manage these settings through the configuration file, see Server configuration.
Insecure drivers¶
Certain database drivers are disabled by default due to security risks. This primarily affects embedded databases, which have direct access to the local file system. If enabled, these drivers may allow users to read local files with the same permissions as the system user running the application. As a result, this could lead to unauthorized access to sensitive data and potential security vulnerabilities.
If an administrator enables one of these drivers, a warning notification will appear to highlight the associated security risks. Before enabling such drivers, it is strongly recommended to assess whether they are necessary and implement appropriate security controls to mitigate potential threats.