JS7 JobScheduler

Space shortcuts

Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Introduction

  • Identity Services implement authentication methods and access to Identity Providers, for example credentials such as account/password are used as an authentication method to access an LDAP Directory Service as the Identity Provider, see JS7 - Identity and Access Management.
  • JOC Cockpit implements a pluggable architecture that allows to add Identity Service products with future JS7 releases.
  • For compatibility reasons early releases of JS7 include the Shiro Identity Service, see  JOC-1145 - Getting issue details... STATUS
    • FEATURE AVAILABILITY ENDING WITH RELEASE 2.3.0

Manage Identity Services

The operation to manage Identity Services is available from the user menu in the right upper corner of any JOC Cockpit page:


This operation brings forward the list of available Identity Services.

  • By default the built-in JOC Identity Service is available.
  • The Shiro Identity Service is available for migration purposes up to release 2.3.0.

Add Identity Service

To add an Identity Service use the respective button from the list of Identity Services:


Explanation:

  • The Name of the Identity Service can be freely chosen.
  • The Identity Service Type is one of
    • JOC: the built-in Identity Service stores user accounts and role mappings with the JS7 database.
    • VAULT

Manage Settings

Settings are available at a global level and per Identity Service.

Global Settings

Global settings are applied for all Identity Services.

  • At the time of writing a single setting for the max. idle timeout of user sessions is applied.
    • Should the lifetime of a token provided by an external Identity Service be different from the max. idle timeout then JOC Cockpit will try to renew the token with the Identity Service. Renewal of a token does not require the user to repeatedly specify credentials for login.
    • Identity Services can restrict the lifetime of tokens and they can deny renewal of tokens. If a token cannot be renewed then the user session is terminated and the user is required to perform a login.

Vault Identity Service Settings

x

x

JOC Identity Service Settings

The built-in Identity Service does not require any settings.

Shiro Identity Service Settings

The Shiro Identity Service does not require any settings.






  • No labels