Introduction
- The JS7 - Identity Services offer local management of user accounts for authentication and authorization.
- The Shiro Identity Service was a built-in service available with the JOC Cockpit
- The Shiro Identity Service was available for early releases of JS7.
- The Shiro Identity Service has been discontinued:
FEATURE AVAILABILITY ENDING WITH RELEASE 2.4.0
- A migration tool is available for users who are upgrading from early JS7 2.0, 2.1 releases or who are migrating from JS1 1.12, 1.13 releases.
- For details see JS7 - Shiro Identity Service Migration
- The JS7 - Shiro Identity Service Migration Tool will remain in place and can be applied throughout future JS7 2.x releases independently of the fact that the Shiro Identity Service has been discontinued.
Identity Service Type
The following integration level is available from Identity Service Types that can be used with JOC:
| Identity Service | Identity Service Configuration Items | JOC Cockpit Configuration | ||||
|---|---|---|---|---|---|---|
| Service Type | Built-in | User Accounts/Passwords stored with | User Accounts/Passwords managed by | Roles/Permissions stored with | Roles->User Accounts Mapping managed with | Announcement |
| SHIRO | yes | JS7 Database / shiro.ini | JOC Cockpit | JS7 Database / shiro.ini | JOC Cockpit | The SHIRO Service Type is
|
Explanation:
- Service Type:
SHIRO- Management of user accounts and passwords is performed by the JOC Cockpit.
- The assignment of roles to user accounts is performed by the JOC Cockpit.
- The JOC Cockpit stores user accounts, hashed passwords and role assignments:
- in the JS7 - Database and
- in the
JETTY_BASE/resources/joc/shiro.ini.activefile. - Users can create a copy of the
shiro.ini.activefile, add their modifications and submit changes by renaming the file toshiro.ini. With the next login of a user theshiro.inifile will be applied and its contents added to the JS7 database. As a result of this operation theshiro.inifile is renamed toshiro.ini.active. A previously availableshiro.ini.activefile will be renamed toshiro.ini.backup.
Identity Service Configuration
The JOC Cockpit provides the Manage Identity Services page for the configuration of Identity Services. This page is accessed from the user menu of an administrative account::
Identity Service Settings
No settings are required for use of the Shiro Identity Service.
Logging
- Log Files
- Standard Log Files
- Identity Services log output to the
JETTY_BASE/logs/joc.logfile. This includes reporting success or failure of authentication. - Successful and failed authentication attempts including user accounts involved are logged to the
JETTY_BASE/logs/audit.logfile.
- Identity Services log output to the
- Debug Log Files
- For problem analysis during setup of an Identity Service increase the log level as explained with JS7 - Log Levels and Debug Options.
- The
JETTY_BASE/logs/joc-debug.logfile includes general debug output of JOC Cockpit. - The
JETTY_BASE/logs/authentication-debug.logfile includes debug output related to authentication and authorization. - The
JETTY_BASE/logs/jetty.logfile includes debug output of attempts to establish SSL connections.
Overview
Content Tools