Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

 

Excerpt

The JOC Cockpit has been designed from the beginning to ensure that it is suitable for use in security-sensitive environments.

Architecture

The architecture introduced with the JOC Cockpit ensures that users can only directly access the JOC Cockpit itself, as illustrated in the diagram below. The JOC Cockpit then calls the Web Service which, in turn, has access to the JobScheduler Masters themselves.

...

See the JOC Cockpit - Architecture article for more information.

Log In Form

The Remember Me setting in the JOC Cockpit Log In form shown below allows users to prevent misuse of log in information cached by the browser.

(Screenshot of the JOC Cockpit Log In form)

Security for System Administrators

HTTP / HTTPS Communication

As indicated in the schematic architecture diagram above, communication between the JOC Cockpit, the Web Service and the JobScheduler Masters and Agents can be carried out using either the HTTP or the HTTPS protocol. By default, HTTP is used after installation. However, system administrators should implement HTTPS for all communication steps when the JobScheduler is to be used in sensitive environments.

Authorization Tokens

Separate authorization tokens are used for each communication step between the JOC Cockpit, the JobScheduler Web Service and the JobScheduler Masters and Agents. This means that if an attacker is able to take over and use a token they will only be able to bypass a part of the communication chain.

Authorization Token for the JOC Cockpit

The JOC Cockpit generates an authorization token each time a user logs on and saves this token either in the browser's local storage, if Remember Me is set on logging in, or in the browser's session storage, if Remember Me is not set. Note that there are situations where users can leave a valid authorization token on their file system although they are no longer working with the JOC Cockpit.

The behavior of the JOC Cockpit when Remember Me is set or not set depends on the situation. This behavior is specified in the following table:

Situation: User logs out, browser reverts to Log In page
  • Remember Me set: Log In information shown, credentials are available. Authorization token is invalidated by the logout.
  • Remember Me not set: Log In form is empty, input of credentials required. Authorization token is deleted with the session storage.

Situation: Session expires, browser reverts to Log In page
  • Remember Me set: Log In information shown. Authorization token is deleted.
  • Remember Me not set: Log In form is empty, input of credentials required. Authorization token is deleted with the session storage.

Situation: Browser is closed during session and then reopened; Log In page is opened by user
  • Remember Me set: User is automatically logged in.
  • Remember Me not set: Log In form is empty, input of credentials required.

Situation: Browser tab is closed during session and then reopened by opening the recent tab (Firefox)
  • Remember Me set: Authorization token remains in the browser's local storage and is not invalidated, as a logout has not taken place. The token will then remain valid until the timeout period set in the shiro.ini configuration file has elapsed.
  • Remember Me not set: Authorization token remains in the browser's session storage and is not invalidated, as a logout has not taken place. The token will then remain valid until the timeout period set in the shiro.ini configuration file has elapsed.

Situation: Browser tab is closed during session and then reopened by opening the Log In page
  • Remember Me set: Authorization token remains in the browser's local storage and is not invalidated, as a logout has not taken place. The token will then remain valid until the timeout period set in the shiro.ini configuration file has elapsed.
  • Remember Me not set: Authorization token is deleted with the session storage.

Note that:

  • the Log In form will not be emptied after a period of time when Remember Me is set and a user does not log in again,
  • the behavior specified in the table is independent of whether or not the browser is set to save login information,
  • therefore do not use Remember Me if you are working in a security-sensitive environment.

 

Authorization Tokens

...


Session Timeout

The JOC Cockpit uses the timeout period set in the shiro.ini configuration file for user sessions:

    securityManager.sessionManager.globalSessionTimeout = 900000

The default value of 900,000 milliseconds translates to 15 minutes. The JOC Cockpit has to be restarted for a change to this value to take effect.

If a user does not logout from the JOC Cockpit but, for example, closes their browser or browser tab then:

  • the authorization token will remain valid for the specified period since the last user activity;
  • the user session in the JOC Cockpit will be closed but the JobScheduler Web Service will still accept the authorization token for the specified period.

Default User Account

The JOC Cockpit ships with a default setting in the shiro.ini configuration file for the account "root" with the password "root" and with permissions to carry out all operations with the JOC Cockpit.

Please adjust the account and password to be used. For a secure configuration it is recommended that LDAP access to a directory service is implemented for users, with their roles configured in the shiro.ini file. This guarantees that general policies such as the frequency of password changes or password complexity are also enforced for JOC Cockpit users.

See the Authentication and Authorization - Configuration article for more information.

Audit Log

See the JOC Cockpit - Audit Log article for more information.

Security for Users

Use of the Log In Form Remember Me Checkbox

The Remember Me setting in the JOC Cockpit Log In form shown below is a convenient function for users working in "normal" environments. However, it should be used with caution in security-sensitive environments, as it could allow unauthorized personnel access to the scheduling environment when the user does not rigorously lock their computer.

(Screenshot of the JOC Cockpit Log In form)

Authorization Token for the JOC Cockpit

When a user logs on, the JOC Cockpit generates an authorization token and saves it twice (keys $SOS$accessTokenId and $SOS$permission), either in the browser's local storage, if Remember Me is set on logging in, or in the browser's session storage, if Remember Me is not set.

...

The behavior of the JOC Cockpit when Remember Me is set or not set depends on the situation. This behavior is specified in the following table:

Situation: User logs out, browser reverts to Log In page
  • Remember Me set: Access token remains in the browser's local storage. Log In information shown, credentials are available.
  • Remember Me not set: Log In form is empty, input of credentials required. Access token is deleted with the session storage.

Situation: Session expires, browser reverts to Log In page
  • Remember Me set: Log In information shown.
  • Remember Me not set: Log In form is empty, input of credentials required.

Situation: Browser is closed during session and then reopened; Log In page is opened by user
  • Remember Me set: User is automatically logged in.
  • Remember Me not set: Log In form is empty, input of credentials required.

Note that:

  • The Log In form will not be emptied after a period of time when Remember Me is set and a user does not log in again,
  • The behavior specified in the table above is independent of whether or not the browser is set to save login information.
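The following is an added example and not code from the JOC Cockpit documentation or product. It models the token lifecycle described in the two tables above and in the Session Timeout section: the token copy is kept in local storage when Remember Me is set and in session storage otherwise, and the Web Service side accepts a token until the timeout set in shiro.ini (default 900000 ms) has elapsed since the last activity, or until a logout invalidates it (invalidation on logout is taken from the first table and assumed here). Node.js has no Web Storage API, so both storage areas are modelled as Maps; the class names, the scenario() helper, the token id format and the permission value are constructed for this example, while the keys $SOS$accessTokenId and $SOS$permission come from the page. scenario() reports what the next person at the keyboard sees and, separately, whether the Web Service would still accept the token, which is what matters if a copy of it has been taken from the browser's storage.

```javascript
const GLOBAL_SESSION_TIMEOUT_MS = 900000; // shiro.ini default, 15 minutes

// Stands in for the JobScheduler Web Service: a token is accepted while the
// last activity lies within the timeout and no logout has invalidated it.
class TokenStore {
  constructor(timeoutMs = GLOBAL_SESSION_TIMEOUT_MS) {
    this.timeoutMs = timeoutMs;
    this.tokens = new Map(); // tokenId -> { lastActivity, invalidated }
    this.next = 1;
  }
  issue(now) {
    const id = `tok-${this.next++}`; // constructed id format, not the product's
    this.tokens.set(id, { lastActivity: now, invalidated: false });
    return id;
  }
  isValid(id, now) {
    const t = this.tokens.get(id);
    return t !== undefined && !t.invalidated && now - t.lastActivity < this.timeoutMs;
  }
  // Accepts the token for a request and refreshes its activity time.
  use(id, now) {
    if (!this.isValid(id, now)) return false;
    this.tokens.get(id).lastActivity = now;
    return true;
  }
  invalidate(id) {
    const t = this.tokens.get(id);
    if (t !== undefined) t.invalidated = true;
  }
}

// Stands in for the user's browser (assumption: Maps instead of Web Storage).
// Session storage is discarded when the browser is closed; local storage is not.
class Browser {
  constructor(service) {
    this.service = service;
    this.localStorage = new Map();
    this.sessionStorage = new Map();
  }
  logIn(now, rememberMe) {
    const id = this.service.issue(now);
    const store = rememberMe ? this.localStorage : this.sessionStorage;
    store.set('$SOS$accessTokenId', id);
    store.set('$SOS$permission', 'placeholder-permissions'); // constructed value
    return id;
  }
  storedTokenId() {
    return this.localStorage.get('$SOS$accessTokenId')
      ?? this.sessionStorage.get('$SOS$accessTokenId')
      ?? null;
  }
  removeStoredToken() {
    for (const store of [this.localStorage, this.sessionStorage]) {
      store.delete('$SOS$accessTokenId');
      store.delete('$SOS$permission');
    }
  }
  // Explicit logout: the service invalidates the token and the stored copy goes.
  logOut() {
    const id = this.storedTokenId();
    if (id !== null) this.service.invalidate(id);
    this.removeStoredToken();
  }
  closeAndReopen() {
    this.sessionStorage.clear(); // local storage survives closing the browser
  }
  // Opening the Log In page: a stored token that the service still accepts logs
  // the user in without credentials; a stale one is deleted and the form is empty.
  openLogInPage(now) {
    const id = this.storedTokenId();
    if (id === null) return 'credentials-required';
    if (this.service.use(id, now)) return 'auto-logged-in';
    this.removeStoredToken();
    return 'credentials-required';
  }
}

// One row of the table: log in at time 0, perform `action` ('logout', 'close'
// or 'none'), wait idleMs, then open the Log In page. Returns what the user
// sees and whether the service would still accept the original token.
function scenario({ rememberMe, action, idleMs }) {
  const service = new TokenStore();
  const browser = new Browser(service);
  const id = browser.logIn(0, rememberMe);
  if (action === 'logout') browser.logOut();
  else if (action === 'close') browser.closeAndReopen();
  const now = idleMs;
  const tokenStillAccepted = service.isValid(id, now);
  const outcome = browser.openLogInPage(now);
  return { rememberMe, action, idleMs, outcome, tokenStillAccepted };
}

for (const s of [
  { rememberMe: true,  action: 'close',  idleMs: 60000 },
  { rememberMe: false, action: 'close',  idleMs: 60000 },
  { rememberMe: true,  action: 'logout', idleMs: 60000 },
  { rememberMe: true,  action: 'close',  idleMs: GLOBAL_SESSION_TIMEOUT_MS },
]) console.log(scenario(s));
```

Run it with node; the four calls at the end correspond to rows of the table. The second scenario is the one the Session Timeout section describes: with Remember Me not set, the Log In form is empty after the browser is reopened, yet the Web Service still accepts the token for the remaining timeout period, so closing the browser is not a substitute for logging out. The first and last scenarios show the Remember Me case before and after the 900000 ms timeout.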

Password Reset and Password Change

A user password cannot be reset or changed with the JOC Cockpit. Depending on the configuration set in the shiro.ini configuration file:

  • users should ask their system administrator to modify their password in the shiro.ini file if local configuration is used;
  • any password changes effected for a directory service are automatically considered when using the JOC Cockpit if LDAP configuration is used.

See also