Page History
...
JS7 products use the following connections:
Network Connections
...
- Configure network connections to use HTTPS:
- Use of HTTPS includes providing valid certificates for the hosts that JS7 products are operated for. Use of self-signed certificates is not recommended as they cannot acceptable if they can be verified to a trusted source.
- As HTTPS is limited to secure connections, additional authentication is required. In this case, a JS7 Controller instance is configured to authenticate with an Agent in order to guarantee that the Controller instance is in fact, what it claims to be and is entitled to access the Agent.
- The JS7 - Secure Connections article explains the use of the built-in Certificate Authority and the use with external Certificate Authorities.
- For detailed instructions for configuration see:
- JS7 - JOC Cockpit HTTPS Connections, which explains HTTPS configuration for the JOC Cockpit and connection to the JS7 Controller.
- JS7 - Controller HTTPS Connections
- JS7 - Agent HTTPS Connections
- Restrict use of network interfaces:
- Consider restricting JS7 products to only listen to specific network interfaces.
- The JS7 Controller can be configured by use of the
--http_port
and--https_port
command line options to specify network interfaces, see the JS7 - Controller - Command Line Operation article for details. - The JS7 Agent can be configured by use of the
--http-port
and--https-port
options to specify network interfaces, see JS7 - Agent Command Line Operation. - The JOC Cockpit can be similarly configured to only use specific network interfaces, see:
...
Database connections are based on JDBC. If JDBC type 4 drivers are used then a DBMS client is not required for the operation of the JOC Cockpit. The Hibernate access layer is used for database access.
Consider DBMS vendor instructions how to set up secure connections to the database,
Default Configuration
- JS7 ships with JDBC Drivers that are open source or that are free for distribution with JS7.
- The JOC Cockpit installer allows:
- specification of alternative JDBC Drivers that can be downloaded from the respective vendor's web site.
- specification of individual Hibernate configuration files with security related settings.
- For details see the JS7 - Database article.
...
- Depending on the DBMS version in use it is preferable to download and apply the DBMS vendor's current JDBC Driver version:
- For use with MySQL® the JDBC Driver is not included with JS7. Instead a MariaDB® driver is provided for access to MySQL® databases.
- For use with SQL Server® the JDBC Driver is not included. Instead users have to download a current JDBC Driver from the vendor's site.
- For use with Oracle® newer the JDBC Driver is included. Newer JDBC Driver versions might be available from the vendor's web site.
- Vendor-specific JDBC Drivers include support for specific authentication mechanisms. For example
- the use of JDBC with Oracle Wallet, see JS7 - How to make JOC Cockpit connect to an Oracle database using Wallet®,
- the use of JDBC with Integrated Security, see JS7 - How to connect to an SQL Server database without using passwords.
- Consider additional security related settings that apply to your DBMS in the Hibernate configuration file. For the location of this file see the JS7 - Database article.
...
Overview
Content Tools