[users]
gauss=, application_manager, my_role
newton=, incident_manager, my_role
[main]
# Public LDAP Server for testing purposes
# see http://www.forumsys.com/en/tutorials/integration-how-to/ldap/online-ldap-test-server/
# Active Directory realm configuration
# See http://shiro.apache.org/static/current/apidocs/org/apache/shiro/realm/activedirectory/ActiveDirectoryRealm.html
ldapRealm = com.sos.auth.shiro.SOSLdapAuthorizingRealm
ldapRealm.userDnTemplate = uid={0},dc=example,dc=com
ldapRealm.searchBase = dc=example,dc=com
ldapRealm.contextFactory.url = ldap://ldap.forumsys.com:389
ldapRealm.groupNameAttribute=ou
ldapRealm.userNameAttribute=uid
ldapRealm.userSearchFilter=(uniqueMember=uid=%s,dc=example,dc=com)
# Mapping of a LDAP group to roles. You can assign more than one role with separator sign |
# In this example the LDAP group mapping is commented out. The user gauss will have the roles application_manager and my_role.
# You can mix both role sources, the shiro.ini file and the LDAP group mapping.
# ldapRealm.groupRolesMap = \
# "scientists":"it_operator", \
# "mathematicians":"administrator|application_manager"
rolePermissionResolver = com.sos.auth.shiro.SOSPermissionResolverAdapter
rolePermissionResolver.ini = $iniRealm
ldapRealm.rolePermissionResolver = $rolePermissionResolver
securityManager.realms = $ldapRealm
cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager
# Session timeout in milliseconds
securityManager.sessionManager.globalSessionTimeout = 360000
[roles]
# Permissions can be assigned to roles with a comma separated list of permissions. Permissions may have * as a wildcard
all = sos:products
administrator = sos:products:joc_cockpit:jobscheduler_master:view, \
sos:products:joc_cockpit:jobscheduler_master:execute:pause, \
360000
[roles]
#Permissions can be assigned to roles with a comma seperated list of permissions. Permissions may have * as a wildcard
all = sos:products
administrator:joc_cockpit:jobscheduler_master:execute:continue, \
= sos:products:joc_cockpit:jobscheduler_master:execute:viewrestart, \
sos:products:joc_cockpit:jobscheduler_master:execute:pauseterminate, \
sos:products:joc_cockpit:jobscheduler_master:continueexecute:abort, \
sos:products:joc_cockpit:jobscheduler_master:restart_cluster, \
sos:products:joc_cockpit:jobscheduler_universal_agent
application_manager = sos:products:joc_cockpit:jobscheduler_master:view, \
sos:products:joc_cockpit:jobscheduler_master:manage_categories, \
sos:products:joc_cockpit:jobscheduler_master:execute:pause, \
sos:products:joc_cockpit:jobscheduler_master:execute:continue, \
sos:products:joc_cockpit:jobscheduler_master_cluster:view:status, \
sos:products:joc_cockpit:jobscheduler_universal_agent:view:status, \
sos:products:joc_cockpit:daily_plan:view_:status, \
sos:products:joc_cockpit:history:view, \
sos:products:joc_cockpit:order, \
sos:products:joc_cockpit:job_chain, \
sos:products:joc_cockpit:job, \
sos:products:joc_cockpit:process_class, \
sos:products:joc_cockpit:schedule, \
sos:products:joc_cockpit:lock, \
sos:products:joc_cockpit:event, \
sos:products:joc_cockpit:event_action, \
sos:products:joc_cockpit:holiday_calendar:view:status, \
sos:products:joc_cockpit:maintenance_window:view, \
sos:products:joc_cockpit:holidaymaintenance_calendar:viewwindow:enable_disable_maintenance_window, \
sos:products:joc_cockpit:maintenanceaudit_windowlog:view:status, \
sos:products:joc_cockpit:maintenance_window:enable_disable_mainenance_window
customization:share
it_operator = sos:products:joc_cockpit:jobscheduler_master:view, \
sos:products:joc_cockpit:jobscheduler_master_cluster:view:status, \
sos:products:joc_cockpit:jobscheduler_universal_agent:view:status, \
sos:products:joc_cockpit:daily_plan:view_:status, \
sos:products:joc_cockpit:history:view, \
sos:products:joc_cockpit:order, \
sos:products:joc_cockpit:job_chain, \
sos:products:joc_cockpit:job, \
sos:products:joc_cockpit:process_class, \
sos:products:joc_cockpit:schedule, \
sos:products:joc_cockpit:lock, \
sos:products:joc_cockpit:event, \
sos:products:joc_cockpit:event_action, \
sos:products:joc_cockpit:holiday_calendar:view:status, \
sos:products:joc_cockpit::maintenance_window:view, \
sos:products:joc_cockpit:holidayaudit_calendarlog:view:status, \
sos:products:joc_cockpit:maintenance_windowcustomization:share:view
incident_manager = sos:products:joc_cockpit:jobscheduler_master:view, \
sos:products:joc_cockpit:jobscheduler_master_cluster:view:status, \
sos:products:joc_cockpit:jobscheduler_universal_agent:view:status, \
sos:products:joc_cockpit:daily_plan:view_:status, \
sos:products:joc_cockpit:history:view, \
sos:products:joc_cockpit:order:view, \
sos:products:joc_cockpit:order:remove_setback, \
sos:products:joc_cockpit:job_chain:view, \
sos:products:joc_cockpit:job:view, \
sos:products:joc_cockpit:process_class:view, \
sos:products:joc_cockpit:schedule:view, \
sos:products:joc_cockpit:lock:view, \
sos:products:joc_cockpit:event:view, \
sos:products:joc_cockpit:event_action:view, \
sos:products:joc_cockpit:sos:products:joc_cockpit:holiday_calendar:view:status, \
sos:products:joc_cockpit:maintenance_window:view, \
sos:products:joc_cockpit:audit_log:view:status, \
sos:products:joc_cockpit:customization:share:view
business_user = sos:products:joc_cockpit:jobscheduler_master:view:status, \
sos:products:joc_cockpit:jobscheduler_master_cluster:view:status, \
sos:products:joc_cockpit:jobscheduler_universal_agent:view:status, \
sos:products:joc_cockpit:daily_plan:view_:status, \
sos:products:joc_cockpit:history:view, \
sos:products:joc_cockpit:order:view:status, \
sos:products:joc_cockpit:order:view:order_log, \
sos:products:joc_cockpit:order:view:status, \
sos:products:joc_cockpit:job_chain:view:status, \
sos:products:joc_cockpit:job_chain:view:history, \
sos:products:joc_cockpit:job:view:status, \
sos:products:joc_cockpit:job:view:history, \
sos:products:joc_cockpit:job:view:task_log, \
sos:products:joc_cockpit:process_class:view:_status, \
sos:products:joc_cockpit:schedule:view:status, \
sos:products:joc_cockpit:lock:view:status, \
sos:products:joc_cockpit:sos:products:joc_cockpit:holiday_calendar:view:status, \
sos:products:joc_cockpit:maintenance_window:view:status
api_user = sos:products:joc_cockpit:history:view, \
sos:products:joc_cockpit:orderaudit_log:view:status, \
sos:products:joc_cockpit:order, \
:customization:share:view
api_user = sos:products:commands:jocjobscheduler_cockpit:job_chainmaster:view:status, \
sos:products:commands:joc_cockpithistory:jobview, \
sos:products:joc_cockpitcommands:order, \
-sos:products:joc_cockpitcommands:job:view:configuration_chain, \
-sos:products:joc_cockpitcommands:job_chain:view:configuration, \
-sos:products:joc_cockpitcommands:orderjob:view:configuration, \
-sos:products:commands:jocjob_cockpitchain:orderview:remove_setbackconfiguration, \
-sos:products:joc_cockpit:process_classcommands:order:view:_statusconfiguration, \
-sos:products:joc_cockpitcommands:schedule:view:statusorder:remove_setback, \
sos:products:commands:jocprocess_cockpit:lockclass:view:status, \
sos:products:joc_cockpit:sos:products:joc_cockpit:holiday_calendar:commands:schedule:view:status, \
sos:products:joc_cockpit:maintenance_windowcommands:lock:view:status, \
my_role = sos:products:commands:jocholiday_cockpitcalendar:historyview:viewstatus, \
sos:products:commands:jocmaintenance_cockpitwindow:order:view:status |