Product Knowledge Base

Space shortcuts

Page tree

Versions Compared

Old Version 71

changes.mady.by.user Uwe Risse

Saved on

compared with

New Version 72

changes.mady.by.user Alan Amos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: 'Introduction' updated

...

This article describes the configuration of the JOC Cockpit to use an LDAP Directory Service for authentication and authorization that is performed with Apache Shiro. The Note that the authoritative documentation of Shiro is provided by the Shiro project and may differ from the below explanations depending on the Shiro version in use.

Release 1.12.0

Display feature availability
EndingWithRelease1.12

LDAP configuration is stored out This configuration is done in the JOC Cockpit's shiro.ini file whose overall configuration is described in the Authentication and Authorization - Configuration article. A general introduction to authentication and authorization with JOC Cockpit is provided with the JOC Cockpit - Authentication and Authorization article.

After A rrestart of JOC Cockpit is not required after changing the shiro.ini configuration file either by using the JOC Cockpit Account Manager or a text editor, no restart of JOC Cockpit is required. 

Relevant Tools

Release 1.12.1 and Newer

 

LDAP configuration is stored in the reporting database along with other authentication and authorization information. A form based editor is available for users with the necessary permissions such as the default root user with the all role. This editor is accessed via the "Manage Accounts" menu and can be used for the configuration of LDAP authentication.

A shiro.ini file is still available but is overwritten each time a user with permissions to modify the authentication and authorization configuration logs out. This file is intended as a backup if system administrators are faced with all users being locked out of the system.

A restart of JOC Cockpit is not required after changing the shiro.ini configuration file either by using the JOC Cockpit Account Manager or a text editor.

 

Relevant Tools

  • An LDAP Browser:
    • The screenshots used in this article were made with the "Softerra LDAP Browser", which was configured to use the relevant LDAP Directory Service.
  • A
  • An LDAP Browser:
    • The screenshots used in this article are made for the "Softerra LDAP Browser" that is configured to use the relevant LDAP Directory Service.
  • A command line utility:
    • The example commands used are were executed with ldapSearch.

How to set up an LDAP Configuration

...