Introduction
The architecture of JOC Cockpit ensures that users are restricted to directly accessing the JOC Cockpit user interface as illustrated in the diagram below. The JOC Cockpit includes the JS7 - REST Web Service API which, in turn, has access to the JS7 Controller instances. There is no connection from the JOC Cockpit to Agents.
See the JS7 - System Architecture article for more information.
Security Considerations for System Administrators
HTTP / HTTPS Connections
As indicated in the schematic architecture diagram above, connections between the JOC Cockpit, the REST Web Service API and the Controllers & Agents can be carried out using both HTTP and HTTPS protocols. By default after installation HTTP will be used. However, system administrators are recommended to implement HTTPS connections.
- Information about securing JOC Cockpit connections can be found from the JS7 - JOC Cockpit HTTPS Connections article.
- Information about setting up secure connections between the JOC Cockpit and Controllers can be found in the JS7 - Controller HTTPS Connections article.
- Refer to the JS7 - Agent HTTPS Connections article for information about securing the connections between Controller instances and Agents.
Authorization Tokens
Authorization tokens are used for communication between users and the JOC Cockpit, between the JS7 REST Web Service API and between the Controller instances and Agents. This means that if an attacker is able to take over and to use a token they will only be able to bypass a part of the communication chain.
Authorization Token for JOC Cockpit
The JOC Cockpit generates an authorization token each time a user logs on and saves this token either in the browser's local storage if Remember Me is set on logging in, or in the browser's session storage if Remember Me is not set. Note that there are situations when users can leave a valid authorization token on their file system although they are no longer working with the JOC Cockpit:
Situation | Remember Me | Remember Me |
---|---|---|
User logs out, browser reverts to Log In page | Authorization token is invalidated by the logout | Authorization token is deleted with the session storage |
Session expires, browser reverts to Log In page | Authorization token is deleted | Authorization token is deleted with the session storage |
New browser tab is opened in parallel to an existing browser tab | Authorization token in existing tab is valid Authorization token is required for new tab | Authorization token is maintained with the session storage |
Browser tab is closed during session and then reopened by opening the recent tab | Authorization token is invalidated | Authorization token is deleted with the session storage |
Browser tab is closed during session and then reopened by opening login page | Authorization token is invalidated | Authorization token is deleted with the session storage |
Note that:
- The browser's local storage will not be emptied after a period of time when Remember Me is set and a user does not log in again.
Session Idle Timeout
The JOC Cockpit uses the idle timeout period for user sessions which is available from the Manage Global Settings button in the Identity Services page :
The default value is 15 minutes. The JOC Cockpit does not require a restart to apply changes made to this value.
If a user does not logout from the JOC Cockpit but, for example, closes the browser or browser tab then:
- the authorization token will remain valid for the specified period since the user's last activity,
- the user session in JOC Cockpit will be closed, however, the JS7 REST Web Service API will accept the authorization token for the specified period.
Default User Account
The JOC Cockpit ships with a setting for the default user account that is configured with the JOC-INITIAL
Identity Service. By default the root
user account and password root
is used with permissions to carry out all operations with the JOC Cockpit.
Users should adjust the account and password to be used. For secure configuration it is recommended that LDAP access to a Directory Service is configured for user accounts with roles managed by an JS7 - LDAP Identity Service and that the root
account is dropped. This guarantees that general policies such as password rotation or password complexity requirements are considered when using the JOC Cockpit.
Default Profile Account
JOC Cockpit stores the users' profile settings in its database. When a user logs in for the first time then the settings of the default profile account are copied to the user profile. By default the profile of the root
user account that ships with the JOC-INITIAL Identity Service is used as the default user profile.
The default profile account can be specified with the default_profile_account
setting in section "joc" of the JS7 - Settings page.
Audit Log
The Audit Log allows compliance and operations reporting requirements for job scheduling activities to be met by providing an automatic and secure record of all actions that users of the JS7 - REST Web Service API - including JOC Cockpit users and external applications - perform on job-related objects. The Audit Log lists the relevant objects - Workflows, Orders, etc. - and any actions that modify their state.
Security Considerations for Users
Use of the Log In Form Remember Me Checkbox
The Remember Me setting in the JOC Cockpit Log In form shown below is a convenient function for users working in "normal" environments. However it should be used with caution in sensitive environments as it could allow unauthorized access to JOC Cockpit by third parties when users do not rigorously lock their computer. In addition, storing credentials with the browser can be considered a questionable practice.
The behavior of the JOC Cockpit when Remember Me is set or is not set depends on the situation:
Situation | Remember Me | Remember Me |
---|---|---|
User logs out, browser reverts to Log In page | Log In information displayed, credentials are available | Log In form is empty, input of credentials required |
Session expires, browser reverts to Log In page | Log In information displayed | Log In form is empty, input of credentials required |
Browser is closed during session and then reopened; Log In page is opened by user | Log In information displayed | Log In form is empty, input of credentials required |
Note that:
- The Log In form will not be emptied after a period of time when Remember Me is set and a user does not log in again,
- The behavior specified in the table above is independent of whether or not the browser is configured to store login information.
Use of the Remember Me functionality can be disabled by modifying the enable_remember_me
setting in the "joc" section of the JS7 - Settings page.
Password Reset and Password Change
A user account's password can be reset or changed with the JOC Cockpit if the JS7 - JOC Identity Service is used.
- When resetting or modifying a user account's password then the user is forced to specify a new password with the next login.
- This functionality by design is not offered for the JS7 - LDAP Identity Service or other external Identity Service.