JS7 JobScheduler

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Introduction

  • HTTP Basic Authentication with passwords is a basic means to identify client and server in HTTP connections. However, as HTTP connections are not secure and forward passwords without transport encryption the passwords are visible in the network. It is therefore recommended to switch to HTTPS Server Authentication that implements transport encryption.
  • Consider the communication scheme between JS7 components as explained from the JS7 - System Architecture:
    • User browsers acting as http clients establish connections to JOC Cockpit as an http server.
    • JOC Cockpit acting as an http client establishes connections to Controllers acting as http servers.
    • Controllers acting as http clients establish connections to Agents acting as http servers.

Controller Configuration

Configuration File: controller.conf

Download: controller.conf

Display controller.conf:

Controller configuration file: controller.conf 
# Allow http connections
js7.web.server.auth.public = true

Explanation:

  • The configuration file is located with the sos-berlin.com/js7/controller/config folder.
  • This configuration item is required to enable HTTP connections to a Controller.

Configuration File: private.conf

Download: private.conf

Display private.conf:

Controller configuration file: private.conf 
js7 {
    auth {
        users {
            # History account (used for release events)
            History {
                password="sha512:B793649879D61613FD3F711B68F7FF3DB19F2FE2D2C136E8523ABC87612219D5AECB4A09035AD88D544E227400A0A56F02BC990CF0D4CB348F8413DE00BCBF08"
            }
            # JOC account (needs UpdateItem permission for deployment)
            JOC {
                password="sha512:3662FD6BF84C6B8385FC15F66A137AB75C755147A81CC7AE64092BFE8A18723A7C049D459AB35C059B78FD6028BB61DCFC55801AE3894D2B52401643F17A07FE"
                permissions=[
                    UpdateItem
                ]
            }
        }
    }

    configuration {
        # truststore location for signatures
        trusted-signature-keys {
            PGP=${js7.config-directory}"/private/trusted-pgp-keys"
            X509=${js7.config-directory}"/private/trusted-x509-keys"
        }
    }

    journal {
        # allow History account to release unused journals
        users-allowed-to-release-events=[
            History
        ]
    }
}

Explanation:

  • The configuration file is located with the sos-berlin.com/js7/controller/config/private folder.
  • Consider that the above configuration has to be deployed to both Controller instances should a Controller Cluster be used.
  • Find below explanations about configuration items from the above example relevant to Server Authentication with passwords.

Agent Configuration

Configuration File: agent.conf


Download: agent.conf

Display agent.conf:


Controller configuration file: controller.conf 
# Allow http connections
js7.web.server.auth.public = true


Explanation:


  • The configuration file is located with the sos-berlin.com/js7/agent/config_<port> folder.
  • This configuration item is required to enable HTTP connections to a Controller.



Configuration File: private.conf


Download: private.conf

Display private.conf:

Agent configuration file: private.conf 
}

Explanation:

  • The configuration file is located with the sos-berlin.com/js7/agent/config_<port>/private folder.
  • Consider that the above configuration has to be deployed to any Agent instances.
  • Find below explanations about above configuration items relevant to Server Authentication with passwords.




  • No labels