Page History
...
- HTTP Basic Authentication with passwords is a basic straightforward means to identify client and server in HTTP connections. However, as HTTP connections are not secure and forward forwarding passwords without transport encryption means the passwords are visible in the network. It is therefore recommended to that users switch to HTTPS Server Authentication that which implements transport encryption.
- Consider Note the communication scheme between JS7 components as explained from described in the JS7 - System Architecture article:
- User browsers acting as http clients establish connections to JOC Cockpit as an http server.
- JOC Cockpit acting as an http client establishes connections to Controller instances acting as http servers.
- Controller instances acting as http clients establish connections to Agents acting as http servers.
...
- The configuration file is located with in the
sos-berlin.com/js7/controller/config/private
folder. - Consider Note that the above configuration has to be deployed to both Controller instances should if a Controller Cluster is to be used.
- Find below explanations about The configuration items from the above example relevant to Server Authentication with passwords from the example above are described in the following sections.
Agent Configuration
Configuration File: agent.conf
...
- The configuration file is located with in the
sos-berlin.com/js7/agent/config_<port>
folder. - This configuration item is required to enable HTTP connections to a Controller.
...
- The configuration file is located with in the
sos-berlin.com/js7/agent/config_<port>/private
folder. - Consider Note that the above configuration has to be deployed to any all Agent instances.
- The
js7.configuration.trusted-signature-keys
setting specifies directories that hold PGP public keys and X.509 certificates required by an Agent to verify the signatures of deployed objects such as workflows.- If you do not use PGP public keys then disable the
PGP
setting as otherwise warnings might occur if no PGP public keys are found from the indicated directory specified. - Accordingly drop the use of X.509 certificates by disabling the
X509
setting if no X.509 certificates are available from in the indicated directory specified.
- If you do not use PGP public keys then disable the
- The
js7.job.execution
setting specifies that job scripts which include shell code can be used that include shell code. If this setting is assigned thefalse
value or is omitted then jobs are limited to execute executing existing shell scripts from thesos-berlin.com/js7/agent/config_<port>/executables
folder. Some users of JS7 might consider it more secure to disallow shell commands in job scripts to include shell commands and instead to limit jobs to execute executing existing scripts located in this folder.
...
Overview
Content Tools