JS7 JobScheduler

Space shortcuts

Page tree

Versions Compared

Old Version 15

changes.mady.by.user Andreas Püschel

Saved on

compared with

New Version 16

changes.mady.by.user Andreas Püschel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Enable HTTP Communication

By default the Agent Controller configuration ships with HTTP communication enabled. It is recommended to create public/private keys and certificates for secure HTTPS communication and to disable HTTP Communication.

...

js7.web.server: Authentication Settings


js7webserver





authpublic<true>|<false>


  • This setting specifies public access to a Controller should insecure incoming HTTP connections be used. If used with a value true then no authentication applies.
  • Default: false

...

js7.configuration: Trusted Signature Keys

js7configuration




trusted-signature-keys




PGP<directory>



X509<directory>
  • For any deployed objects such as workflows the Controller expects a signature. Such signatures are created with a private key and are verified by the Controller based on the available certificates. Agents perform similar signature verification and are configured accordingly.
  • When deploying objects with JOC Cockpit
    • for a Low Security Level JOC Cockpit creates the signature from a single private key that is used for any JOC Cockpit user accounts allowed to deploy objects.
    • for a Medium Security Level JOC Cockpit creates the signature from the private key of the JOC Cockpit user account that deploy objects.
    • for a High Security Level the user creates the signature outside of JOC Cockpit and uploads the signed objects.
  • The Controller supports PGP public keys and X509 certificates. This setting expects a directory respectively that holds a number of public key files or certificate files.
  • trusted-signature-keys
    • PGP: specifies the directory from which PGP public keys are used to verify the signature of deployed objects.
    • X509: specifies the directory from which X509 certificates are used to verify the signature of deployed objects.

js7.journal: Journal Release Permissions

js7journal



users-allowed-to-release-events<account>[,<account>]
  • The Controller writes a journal of events that e.g. result from order state transitions such as an order starting, failing, completing etc.
  • The journal file will grow unlimited if events are not released. Typically events are consumed by JOC Cockpit and are added to the order and task history. With events being stored persistently to the JOC Cockpit database they can be released from the Controller's journal. The Controller accordingly will free the space consumed by its journal files.
  • users-allowed-to-release-events:  specifies the list of accounts that are allowed to send a command to the Controller to release events.
    • Typically the "History" account is specified, this account is used by the JS7 - Configuration - JOC Cockpit.
    • If more than one account is specified then events are released only after all accounts did send the command to release events to the Controller.

...