diff --git a/README.md b/README.md
index 66c4080..ffd3482 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,9 @@
# OpenRMF Documentation (v 0.12)
## Introduction to OpenRMF
-OpenRMF is an open source tool for managing, viewing, and reporting of your DoD STIG checklists and Nessus Patch Scans in one web-based interface using your browser. It also generates a compliance listing of all your checklists across a whole system based on NIST 800-53 for your Risk Management Framework (RMF) documentation and process. This tool helps you manage multiple systems going through the RMF process and allows you to structure your data in a clean interface all in one location for your group or program. It can save you _weeks_ of manually checking vulnerability-to-CCI-to-NIST controls and manually generating reports, so you can get on to the value-added work for your cybersecurity hygiene.
+OpenRMF is an open source tool for managing, viewing, and reporting of your DoD STIG checklists and Nessus Patch Scans in one web-based interface using your browser. It also generates a compliance listing of all your checklists across a whole system based on NIST 800-53 for your Risk Management Framework (RMF) documentation and process. This tool helps you manage multiple systems going through the RMF process and allows you to structure your data in a clean interface all in one location for your group or program.
+
+It will save you _weeks_ of manually checking vulnerability-to-CCI-to-NIST controls and manually generating reports, so you can get on to the value-added work for your cybersecurity hygiene.
Read more about its genesis here.
@@ -24,7 +26,7 @@ Read more about its genesis GitHub Issues page.
@@ -66,7 +74,9 @@ You need a web browser that is fairly current. And you need Docker installed on
## Run OpenRMF locally
The best way to run this application (once you have Docker installed) is to go to the Code -- Releases tab https://github.com/Cingulara/openrmf-docs/releases and pull down the latest release. Unzip the file and then run the ./start.sh or .\start.cmd file to pull the latest images and run OpenRMF. Then you can open a local browser to http://{ip-address}:8080/ and see what happens. If you want to change the ports you only have to edit the docker-compose.yml file locally. These files are in the [scripts](scripts) folder of this repo.
-Be sure to check out the [Keycloak information](#authentication-with-keycloak) because version 0.8 and beyond has RBAC for AuthN and AuthZ on the web and API calls. Or you could use another OpenID compliant application to provide AuthN and AuthZ.
+Be sure to check out the [Keycloak information](#authentication-with-keycloak) because OpenRMF version 0.8 and beyond has RBAC for AuthN and AuthZ on the web and API calls. Or you could use another OpenID compliant application to provide AuthN and AuthZ.
+
+> You need to setup Keycloak first before running OpenRMF.
> The data is currently mapped to internal Docker-managed volumes for persistence. You can run the "docker volume rm" command below if you wish to remove and start over as you test. If you want persistence you could change the connection strings to another MongoDB server and adjust the docker-compose.yml accordingly. Or use a volume in your docker-compose.yml or individual docker commands.
@@ -90,7 +100,9 @@ Starting with version 0.10.7 we include metrics tracking for all our major subsy
## Authentication with Keycloak
-Starting with version 0.8 we have AuthN and AuthZ setup for use. See the [Keycloak Document](keycloak.md) document for more information.
+Starting with version 0.8 we have AuthN and AuthZ setup for use. See the [Keycloak Document](keycloak.md) document for more information.
+
+> NOTE: You need to setup Keycloak before running OpenRMF. And you must get the .env file correctly setup.
## Creating MongoDB Users by Hand
If you wish you can create a MongoDB setup locally to persist your data and see what it does. Checkout the [create users by hand](create-users-by-hand.md) readme for more on that.
@@ -103,6 +115,9 @@ If you want to remove all data from volumes you can run the below. Do at your ow
## Screenshots of the UI
+The OpenRMF Dashboard for all Systems
+
+
The System Listing
diff --git a/architecture/README.md b/architecture/README.md
index 860495e..0cc160e 100644
--- a/architecture/README.md
+++ b/architecture/README.md
@@ -1,5 +1,5 @@
# OpenRMF Architecture
-This has the current architecture information for the OpenRMF application as of version 0.11.
+This has the current architecture information for the OpenRMF application as of version 0.11 and beyond (current version).
diff --git a/deployments/chart/openrmf/values.yaml b/deployments/chart/openrmf/values.yaml
index 3f18a59..91ebd1c 100644
--- a/deployments/chart/openrmf/values.yaml
+++ b/deployments/chart/openrmf/values.yaml
@@ -27,20 +27,20 @@ installType: minikube
# examples: 0.8, 0.8.1, latest
auditImage: 0.11
auditmsgImage: 0.11
-checklistmsgImage: 0.11
-complianceImage: 0.11
+checklistmsgImage: 0.12.2
+complianceImage: 0.12.2
compliancemsgImage: 0.11
-controlImage: 0.11
+controlImage: 0.12.1
controlmsgImage: 0.11
-readImage: 0.11.1
-saveImage: 0.11
-scoremsgImage: 0.11
-scoringImage: 0.11
-templateImage: 0.11.1
-templatemsgImage: 0.11
-uploadImage: 0.11
-systemmsgImage: 0.11
-webuiImage: 0.11.1
+readImage: 0.12.10
+saveImage: 0.12.3
+scoremsgImage: 0.12.3
+scoringImage: 0.12.2
+templateImage: 0.12.1
+templatemsgImage: 0.12
+uploadImage: 0.12.3
+systemmsgImage: 0.12.1
+webuiImage: 0.12.12
mongoImage: 4.0.5
natsImage: 2.1.2-linux
diff --git a/docs/artifacts.md b/docs/artifacts.md
new file mode 100644
index 0000000..b42c23e
--- /dev/null
+++ b/docs/artifacts.md
@@ -0,0 +1,38 @@
+---
+title: Step 6 - Generate RMF Artifact Reports
+nav_order: 450
+---
+
+# Generating your System's RMF Artifacts
+
+With all your data in one place for your entire system, you can how start to generate the RMF artifacts required such as your POA&M, Risk Assessment Report, and Test Summary Report. Below are examples of each. All of these can be found on the System
+page where you see the title, list of checklists, overall score, and other data.
+
+## Nessus Scan Export
+
+
+
+The Nessus Scan Export shows patching items across your system servers/hosts, sorted by criticality/severity, and gives details on the ID, description, and severity level.
+
+## POA&M Export
+
+
+
+The Plan of Actions and Milestones (POA&M) Export lists all Open and Not Reviewed items across every single checklist within your system. The data is ordered by severity and then vulnerability so all high level items are near the top. The POA&M is used to show your plan to address, mitigate, and/or close the items still open while you go through the RMF Process.
+
+## Test Plan Summary Export
+
+
+
+The Test Plan Export shows all Nessus Patch data with items that need to be addressed in Critical and High (CAT I) down to Low (CAT III) items. It then shows similar data across all your checklists (manual and SCAP generated) in a similar fashion. This gives you a high level count of items per severity.
+
+## Risk Assessment Report (RAR) Export
+
+
+
+The RAR shows all open or not reviewed items in a format to show you the host, the NIST control, the checklist the item was in, as well as severity of the item. This allows you to fill in the actual risk of this item as it pertains to your system and your risk profile.
+
+
+## Color Coding Rules
+
+For compliance, a green color means all the vulnerabilities for that control are either Not a Finding or marked as Not Applicable. If 1 vulnerability is marked as Open, then that whole group is Open. And if there are any vulnerabilities that are Not Reviewed with no Open vulnerabilities for that group, then the whole group is marked as Not Reviewed.
\ No newline at end of file
diff --git a/docs/assets/UI-system-view.png b/docs/assets/UI-system-view.png
new file mode 100644
index 0000000..b311dae
Binary files /dev/null and b/docs/assets/UI-system-view.png differ
diff --git a/docs/assets/nessus-export-xlsx.png b/docs/assets/nessus-export-xlsx.png
new file mode 100644
index 0000000..9e669c1
Binary files /dev/null and b/docs/assets/nessus-export-xlsx.png differ
diff --git a/docs/assets/poam-export.png b/docs/assets/poam-export.png
new file mode 100644
index 0000000..5d310b0
Binary files /dev/null and b/docs/assets/poam-export.png differ
diff --git a/docs/assets/rar-export.png b/docs/assets/rar-export.png
new file mode 100644
index 0000000..f6c797e
Binary files /dev/null and b/docs/assets/rar-export.png differ
diff --git a/docs/assets/reports-host-for-control.png b/docs/assets/reports-host-for-control.png
new file mode 100644
index 0000000..5b052ea
Binary files /dev/null and b/docs/assets/reports-host-for-control.png differ
diff --git a/docs/assets/reports.png b/docs/assets/reports.png
index 4976de0..b99eb98 100644
Binary files a/docs/assets/reports.png and b/docs/assets/reports.png differ
diff --git a/docs/assets/system-record.png b/docs/assets/system-record.png
index def09e1..b23dd33 100644
Binary files a/docs/assets/system-record.png and b/docs/assets/system-record.png differ
diff --git a/docs/assets/test-plan-summary-export.png b/docs/assets/test-plan-summary-export.png
new file mode 100644
index 0000000..1146dd2
Binary files /dev/null and b/docs/assets/test-plan-summary-export.png differ
diff --git a/docs/assets/upload-checklist-xccdf.png b/docs/assets/upload-checklist-xccdf.png
index 9a58de5..2302f71 100644
Binary files a/docs/assets/upload-checklist-xccdf.png and b/docs/assets/upload-checklist-xccdf.png differ
diff --git a/docs/assets/upload-template.png b/docs/assets/upload-template.png
index ee90e53..602b52a 100644
Binary files a/docs/assets/upload-template.png and b/docs/assets/upload-template.png differ
diff --git a/docs/index.md b/docs/index.md
index 732f16f..3b70356 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -8,14 +8,20 @@ nav_order: 1
Welcome to the OpenRMF Docs site. This site contains help screens, scenarios, screenshots and
other useful information to use the OpenRMF tool fo you and your team.
-OpenRMF is the only open source tool to manage your DoD STIG checklists, generate NIST compliance, keep track of your security items that are Open or Not Reviewed, and shrink your timeline to submit for an ATO!
+OpenRMF is the only web-based open source tool to manage your DoD STIG checklists, generate NIST compliance, keep track of your security items that are Open or Not Reviewed, and massively shrink your timeline to collect data and submit for an ATO!
See [What's New](./whatsnew.md) with the latest version.
## What it does
-OpenRMF manages your RMF documentation and removes the Cybersecurity mystery! It allows management to view the status of checklists and RMF progress on their systems. It allows IT administrators and developers to store their checklists and scans in a single place. It allows cybersecurity analysts to see the status of systems in a quick glance. And it allows assessors to have a single place to view the system and all its checklists so their job is more organized.
+OpenRMF manages your RMF documentation and removes the Cybersecurity mystery! It allows management to view the status of checklists and RMF progress on their systems.
-It has a great use for everyone! Most importantly: It minimizes the manual nature of managing all this data for you!
+It allows IT administrators and developers to store their checklists and scans in a single place.
+
+It allows cybersecurity analysts to see the status of systems in a quick glance.
+
+And it allows assessors to have a single place to view the system and all its checklists so their job is more organized.
+
+It has great use cases for everyone! Most importantly: It greatly minimizes the manual nature of managing all this data for you!
Some of the high level features are below:
@@ -24,38 +30,42 @@ Some of the high level features are below:
* Upload a DISA Checklist CKL, DISA SCAP XCCDF format file or Nessus SCAP XCCDF format file easily to visualize your RMF process
* Upload a .Nessus ACAS scan file to see Patch summary of Critical and High items
* Automatically organizes your checklists by system
-* Live online editing of your checklist through your web browser with auditing of the changes
* Single source of truth for your system checklists
* Single source of truth for your latest Nessus patch scans
+* Live online editing of your checklist through your web browser with auditing of the changes
+* One-click creation of your POA&M for your entire system (all servers, devices, SCAP scans, manual checklists)
+* One-click creation of your Risk Assessment Report (RAR) for your entire system (all servers, devices, SCAP scans, manual checklists)
+* One-click creation of your Test Plan Summary for your entire system (all servers, devices, SCAP scans, manual checklists)
* Interactive Reports and Searching of Nessus scan data
* Interactive Reports and Searching of System and checklist vulnerability data
-* Management insight into Cybersecurity Status and Security Posture instantly
-* Generating of Test Plan Summary for your System
-* AuthN, AuthZ, and Role Based Access Control (RBAC) to control access to read as well as edit data
-* Run on premise, on a local machine, or in the cloud
* Easily find errors and deltas across checklists in your system
* Easily run a compliance report in seconds for your Low, Moderate, or High system
+* Management insight into Cybersecurity Status and Security Posture instantly
+* AuthN, AuthZ, and Role Based Access Control (RBAC) to control access to read as well as edit data
+* Run on premise, on a local machine, or in the cloud (testing on Raspberry Pi 4 now)
+* Containerized to run locally, in a container runtime, or in Kubernetes
## Why use OpenRMF
-The current way to implement the Risk Management Framework for your DoD Authority to Operate is VERY manual and VERY slow. It is driven by disparate pieces of a Java Viewer for checklists, massive amounts of MS Excel spreadsheets for viewing the checklists for management, MS Word documents, various PDF files, and more. Information is shared (hopefully!) via email and shared folders. And there is no one central place for developers, operations, management, and cybersecurity analysts to see the most up to date information that is needed to eventually submit to eMASS.
+The current way to implement the Risk Management Framework for your DoD Authority to Operate is VERY manual and VERY, VERY slow. VERY slow. It is driven by disparate pieces of a Java Viewer for checklists, massive amounts of MS Excel spreadsheets for viewing the checklists for management, MS Word documents, various PDF files, your own home grown applications to help automate pieces of this process, and more. Information is shared (hopefully!) via email and shared folders. And there is no one central place for developers, operations, management, and cybersecurity analysts to see the most up to date information that is needed to eventually submit to eMASS.
That changes with OpenRMF!
OpenRMF solves this dilemma. All you need is a web browser to view the pertinent information on your checklists within your system. Checklists are grouped by system and quickly show information such as the number of Category 1, 2, and 3 items as well as the number of Open items versus the Not a Finding "closed" items. Without having to open every single checklist file in the heavy Java viewer DISA provides.
-OpenRMF helps in a few ways:
+OpenRMF helps in several ways:
* It is 100% browser based for all the major browsers (Chrome, Edge, Firefox, Safari, IE 11)
* You can import multiple checklists for a single source-of-truth for all checklists
* You can organize and manage your data by systems for a quicker, less stress filled way to see your system's risk profile
* Reports for management highlight the most asked question on status and numbers of items by type
* You can run a single compliance report across all your checklists based on the Low/Moderate/High label as well as PII data included
* You can export any checklists to Excel or download a CKL file for viewing in the DISA Java Viewer
+* You can drill down to your problem areas across all your checklists quickly with a few clicks and get actionable data quickly
With coming updates such as automating the Risk Assessment Report, automating the POA&M on fixes, as well as online editing of checklist status and comments OpenRMF is the app any DoD IT / Developer / Operations / Cybersecurity professional needs!
More information can be found in our product PDF on our website.
## Architecture
-Below is the top level architecture as of version 0.11 and beyond, drawn via Draw.io's great tool.
+Below is the top level architecture as of version 0.11 and beyond, drawn via Draw.io's great tool (now Diagrams.net).
-
+
diff --git a/docs/reports.md b/docs/reports.md
index 9ea8c4a..d6ada3a 100644
--- a/docs/reports.md
+++ b/docs/reports.md
@@ -37,4 +37,10 @@ This report lists out the controls and subcontrols across the RMF control listin
## System Checklist Vulnerability Report
This reports lets you search on a vulnerability and see what hosts and checklists have that vulnerability across all checklists within your system.
-
\ No newline at end of file
+
+
+
+## System Checklist Vulnerability Report
+This reports lets you search on a system and major RMF control and see what servers, workstations, devices, etc. relate to that control across all your checklists.
+
+
diff --git a/docs/whatsnew.md b/docs/whatsnew.md
index d3a241e..2eb993d 100644
--- a/docs/whatsnew.md
+++ b/docs/whatsnew.md
@@ -15,6 +15,10 @@ The latest working version is version 0.12. The recent updates on that are below
* Filtering on the Checklist page by status and severity/category of Vulnerabilities within that checklist
* Create a Test Plan Summary across your System of Checklists and Nessus ACAS scan data
* Updated color coding throughout the UI for Open items to show severity / category better
+* Generating the POA&M for Open and Not Reviewed items for a system (across all checklists)
+* Generating the Risk Assessment Report (RAR) for a system (across all checklists)
+* Generating the Test Plan Summary for a system (across all checklists)
+* Upgrading a Checklist to the latest version and release with the click of a button!
Version 0.11 updates are also below:
* Interactive Reports for Nessus Scan data, System Score and Checklist Vulnerability Data
diff --git a/img/UI-auditing.png b/img/UI-auditing.png
new file mode 100644
index 0000000..f54ce45
Binary files /dev/null and b/img/UI-auditing.png differ
diff --git a/img/UI-checklist-dashboard.png b/img/UI-checklist-dashboard.png
deleted file mode 100644
index 6d70281..0000000
Binary files a/img/UI-checklist-dashboard.png and /dev/null differ
diff --git a/img/UI-checklist-scoring-vulns.png b/img/UI-checklist-scoring-vulns.png
index 0bea96b..d49a9e8 100644
Binary files a/img/UI-checklist-scoring-vulns.png and b/img/UI-checklist-scoring-vulns.png differ
diff --git a/img/UI-checklist-upload.png b/img/UI-checklist-upload.png
index f56b40c..8977547 100644
Binary files a/img/UI-checklist-upload.png and b/img/UI-checklist-upload.png differ
diff --git a/img/UI-system-view.png b/img/UI-system-view.png
index 75e8d62..b311dae 100644
Binary files a/img/UI-system-view.png and b/img/UI-system-view.png differ
diff --git a/img/nessus-export-xlsx.png b/img/nessus-export-xlsx.png
index 624068d..9e669c1 100644
Binary files a/img/nessus-export-xlsx.png and b/img/nessus-export-xlsx.png differ
diff --git a/img/poam-export.png b/img/poam-export.png
new file mode 100644
index 0000000..5d310b0
Binary files /dev/null and b/img/poam-export.png differ
diff --git a/img/rar-export.png b/img/rar-export.png
new file mode 100644
index 0000000..f6c797e
Binary files /dev/null and b/img/rar-export.png differ
diff --git a/img/test-plan-summary-export.png b/img/test-plan-summary-export.png
new file mode 100644
index 0000000..1146dd2
Binary files /dev/null and b/img/test-plan-summary-export.png differ
diff --git a/keycloak.md b/keycloak.md
index 979c066..c6f77ae 100644
--- a/keycloak.md
+++ b/keycloak.md
@@ -28,6 +28,10 @@ To stop this, run the "stop" script for the Mac/Linux (.sh) or Windows (.cmd) co
8. Click on Authentication in the left menu
9. Click the Password Policy tab and set all appropriate policies (digits, special characters, upper and lower case, expiration, etc.)
10. Click Save to set all password policies
+
+### Password Policy Screenshot
+
+
11. Click Roles on the far left menu
12. Add the following roles: Administrator, Assessor, Download, Editor, Reader (use proper case)
13. Go to the Default Roles tab and add the Reader role, so new users can at least get Reader (if you wish)
@@ -41,6 +45,10 @@ To stop this, run the "stop" script for the Mac/Linux (.sh) or Windows (.cmd) co
21. Setup the Valid Redirect URIs to where your OpenRMF main root URL is (i.e. http://{ip-address}:8080/*)
22. Set the Web Origins appropriately for CORS (i.e. development could be * or your specific URL)
23. Click the Save button to save this initial setup
+
+### Client Settings Screenshot
+
+
24. Click on the Client Scopes tab to ensure the `roles` scope is in the right hand box to pass to OpenRMF upon login
25. Click on the Mappers tab under the openrmf Client
26. Click the Create button
@@ -51,16 +59,6 @@ To stop this, run the "stop" script for the Mac/Linux (.sh) or Windows (.cmd) co
31. Make the JSON type a String (see image below)
32. Save the mapper
-Now you are finally done! Check the OpenRMF web application by creating a user and logging in.
-
-> Remember the Redirect URIs cannot be "localhost" if you are running these components inside Docker. Localhost is local to the docker container!
-
-### Password Policy Screenshot
-
-
-### Client Settings Screenshot
-
-
### Roles Setup Screenshot
@@ -68,6 +66,10 @@ Now you are finally done! Check the OpenRMF web application by creating a user a
+Now you are finally done! Check the OpenRMF web application by creating a user and logging in.
+
+> Remember the Redirect URIs cannot be "localhost" if you are running these components inside Docker. Localhost is local to the docker container!
+
## Application Settings for Keycloak for running in Debug Mode
There are a few places when running in debug mode that you have to know the Keycloak URL and realm. They are listed below. Most of them deal with the APIs and validating login access to roles in the API code. And there is an Auth.js file in the web Javascript folder. These places point to the exact URL of Keycloak to validate the login and get roles. This corresponds to the Valid Redirect URIs field in the client setup so they must be setup correctly. Otherwise you will receive an error on an invalid caller trying to authenticate your user.
diff --git a/scripts/docker-compose.yml b/scripts/docker-compose.yml
index c0459c2..5b03366 100644
--- a/scripts/docker-compose.yml
+++ b/scripts/docker-compose.yml
@@ -3,7 +3,7 @@ version : '3'
services:
### 1 Web Front End Container
openrmf-web:
- image: cingulara/openrmf-web:0.12.7
+ image: cingulara/openrmf-web:0.12.12
ports:
- 8080:80
depends_on:
@@ -18,7 +18,7 @@ services:
### 8 API Containers
openrmfapi-scoring:
- image: cingulara/openrmf-api-scoring:0.12
+ image: cingulara/openrmf-api-scoring:0.12.2
ports:
- 8090:8080
env_file: .env
@@ -33,7 +33,7 @@ services:
- openrmf
openrmfapi-save:
- image: cingulara/openrmf-api-save:0.12.2
+ image: cingulara/openrmf-api-save:0.12.3
ports:
- 8082:8080
env_file: .env
@@ -51,7 +51,7 @@ services:
- openrmf
openrmfapi-template:
- image: cingulara/openrmf-api-template:0.12
+ image: cingulara/openrmf-api-template:0.12.1
ports:
- 8088:8080
env_file: .env
@@ -67,7 +67,7 @@ services:
- openrmf
openrmfapi-upload:
- image: cingulara/openrmf-api-upload:0.12.2
+ image: cingulara/openrmf-api-upload:0.12.3
ports:
- 8086:8080
env_file: .env
@@ -85,7 +85,7 @@ services:
- openrmf
openrmfapi-read:
- image: cingulara/openrmf-api-read:0.12.4
+ image: cingulara/openrmf-api-read:0.12.10
ports:
- 8084:8080
env_file: .env
@@ -101,7 +101,7 @@ services:
- openrmf
openrmfapi-compliance:
- image: cingulara/openrmf-api-compliance:0.12
+ image: cingulara/openrmf-api-compliance:0.12.2
ports:
- 8092:8080
env_file: .env
@@ -113,7 +113,7 @@ services:
- openrmf
openrmfapi-controls:
- image: cingulara/openrmf-api-controls:0.11
+ image: cingulara/openrmf-api-controls:0.12.1
ports:
- 8094:8080
env_file: .env
@@ -140,7 +140,7 @@ services:
### 7 Messaging Containers
openrmfmsg-score:
- image: cingulara/openrmf-msg-score:0.12.2
+ image: cingulara/openrmf-msg-score:0.12.3
environment:
- MONGODBCONNECTION=mongodb://openrmfscore:openrmf1234!@scoredb/openrmfscore?authSource=openrmfscore
- MONGODB=openrmfscore
@@ -152,7 +152,7 @@ services:
- openrmf
openrmfmsg-checklist:
- image: cingulara/openrmf-msg-checklist:0.12.1
+ image: cingulara/openrmf-msg-checklist:0.12.2
environment:
- MONGODBCONNECTION=mongodb://openrmf:openrmf1234!@checklistdb/openrmf?authSource=openrmf
- MONGODB=openrmf
@@ -182,7 +182,7 @@ services:
- openrmf
openrmfmsg-template:
- image: cingulara/openrmf-msg-template:0.11
+ image: cingulara/openrmf-msg-template:0.12
environment:
- MONGODBCONNECTION=mongodb://openrmftemplate:openrmf1234!@templatedb/openrmftemplate?authSource=openrmftemplate
- MONGODB=openrmftemplate
@@ -194,7 +194,7 @@ services:
- openrmf
openrmfmsg-system:
- image: cingulara/openrmf-msg-system:0.12
+ image: cingulara/openrmf-msg-system:0.12.1
environment:
- MONGODBCONNECTION=mongodb://openrmf:openrmf1234!@checklistdb/openrmf?authSource=openrmf
- MONGODB=openrmf