JS7 JobScheduler

Space shortcuts

Page tree

Versions Compared

Old Version 12

changes.mady.by.user Andreas Püschel

Saved on

compared with

New Version 13

changes.mady.by.user Andreas Püschel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Introduction

The article is focused on configuration items used for HTTPS Basic Authentication with passwords. For a complete overview of settings see JS7 - Controller Configuration Items and JS7 - Agent Configuration Items,

  • HTTP Basic Authentication with passwords is a straightforward means allow to identify client and server in HTTP connections. However, HTTP connections are not secure and forwarding passwords without transport encryption means the passwords are visible in the network. It is therefore recommended that users switch to HTTPS Server Authentication which implements transport encryption.
  • Note the communication scheme between JS7 products as described in the JS7 - System Architecture article:
    • User browsers acting as http HTTP clients establish connections to JOC Cockpit as an HTTP server.
    • JOC Cockpit acting as an http HTTP client establishes connections to Controller instances acting as HTTP servers.
    • Controller instances acting as http HTTP clients establish connections to Agents acting as HTTP servers.

...

Code Block
languageyml
titleController configuration file: private.conf
linenumberstrue
collapsetrue
js7 {
    auth {
        users {
            # History account of JOC Cockpit (used forto release events)
            History {
                password="sha512:B793649879D61613FD3F711B68F7FF3DB19F2FE2D2C136E8523ABC87612219D5AECB4A09035AD88D544E227400A0A56F02BC990CF0D4CB348F8413DE00BCBF08"
            }

            # JOC account (needsof JOC Cockpit (requires UpdateItem permission for deployment)
            JOC {
                password="sha512:3662FD6BF84C6B8385FC15F66A137AB75C755147A81CC7AE64092BFE8A18723A7C049D459AB35C059B78FD6028BB61DCFC55801AE3894D2B52401643F17A07FE"
                permissions=[
                    UpdateItem
                ]
            }
        }
    }

    configuration {
        # truststore location for signatures
        trusted-signature-keys {
            PGP=${js7.config-directory}"/private/trusted-pgp-keys"
            X509=${js7.config-directory}"/private/trusted-x509-keys"
        }
    }

    journal {
        # allow History account to release unused journalsevents
        users-allowed-to-release-events=[
            History
        ]
    }
}

...

  • The configuration file is located in the JS7_CONTROLLER_CONFIG_DIR/private folder.
  • Note that the above configuration has to be deployed to both Controller instances if a Controller Cluster is to be used.
  • The configuration items relevant to Server Authentication with passwords from the example above are described in the following sections.

...