The JOC Cockpit brings user authentication and authorization to the JobScheduler.
Authentication can either take place against an Apache ShiroTM compliant configuration file, an LDAP compliant directory service or information stored in a database.
Authorization is defined in Roles - and Permissions and an example set of Roles and Permissions is provided with the JOC Cockpit installation archive and system . System administrators are able to define Roles for their Userstheir own User Roles and Permission sets as required.
The JOC Cockpit is able to handle authentication of multiple users and their authorization for multiple JobSchedulers simultaneously and includes an editor in the Manage Accounts view for the configuration of authentication and authorization.
- Shiro Authentication:
- Intended for development and use where security is of relatively low importanceimportant.
- User passwords are saved encrypted in plain text in the
shiro.inifile , which
Display feature availability StartingFromRelease 1.11.5
shiro.inifile itself is unencrypted.
- LDAP Authentication:
- Intended for use in production environments where LDAP is already in use.
shiro.inifile contains information specifying the LDAP service.
- Shiro and LDAP Authentication can be combined.
- Database Authentication:
- Intended for use in production environments.
shiro.inifile contains information specifying the database authentication service.
- Authentication information is entered manually in the database by a system administrator.