Scope
- The JOC Cockpit implements authentication and authorization by a number of permissions.
- Permissions can be assigned to roles that then are assigned to users.
More information about how this can be done is available in the Authentication and Authorization - Configuration article.
Matrix of Roles and Permissions
The document below shows the default roles and permissions delivered with the JOC Cockpit shiro.ini
configuration file. System administrators can define and modify roles and permissions as required.
The purpose of each role is explained in the notes at the foot of the matrix. Of particular interest is the api_user role that is not intended for use with the JOC Cockpit interface but is intended for use with the JobScheduler Web Service from another application. More information can be found in the Authentication and Authorization - Permissions for the JobScheduler REST Web Service article.
- The list with all permissions for use with the
shiro.ini
file: shiro.ini-JOC-Cockpit-permission-list.txt - Roles and Permissions Matrix as file: joc-role-operation-permission.xlsx
Examples
Allow orders to be viewed and executed
Allow all order operations except changing and removing orders
References
- Authentication and Authorization - Configuration
- Authentication and Authorization - Permissions for the JobScheduler REST Web Service