JS7 JobScheduler

Space shortcuts

Page tree

Versions Compared

Old Version 23

changes.mady.by.user Andreas Püschel

Saved on

compared with

New Version 24

changes.mady.by.user Andreas Püschel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • This setting specifies public access to a Controller if insecure incoming HTTP connections are to be used. If used with the value true then authentication no HTTP Server Authentication is not applied.
  • Default: false


Security Configuration File: private.conf

...

  • An additional authentication mechanism is applied when using HTTPS Certificates Server Authentication certificates or public keys for incoming connections, see below: the client of the incoming connection, e.g. JOC Cockpit, is required to provide a Client Authentication certificate and a password. This includes two certificates that are in place for a secure HTTPS connection: the given Controller's Server Authentication Certificate certificate and the JOC Cockpit's Client Authentication Certificatecertificate
    • The fact that a given certificate is to be used for Server Authentication and/or Client Authentication is specified with the key usage when the certificate is being created and signed.
    • The distinguished name that is specified with the Controller's configuration has to match the Client Authentication Certificate's or Client public key's subject attribute. This attribute specifies the hostname and additional information that is created when the certificate or public key is generated.
  • Controller
    • Settings in this section are used for connections from a pairing Controller instance, e.g. for a Secondary Controller instance if the given configuration is used for the Primary Controller instance and vice versa. 
    • distinguished-names
      • Specifies the distinguished name as given with the subject of the Client Authentication Certificate for incoming HTTPS connections of a pairing Controller instance.
      • Any number of distinguished names can be specified allowing a number of incoming HTTPS connections from different Controller instances. At a given point in time only one pairing Controller instance can connect to the given Controller.
  • History
    • Settings in this section are used for the History Service of JOC Cockpit instances that access the given Controller.
    • distinguished-names:  the same as for the Controller setting.
    • password: a password has to be used in addition to use of a certificate or public key. In addition the password is used if incoming HTTP connections are allowed.
  • JOC
    • Settings in this section are used for JOC Cockpit instances that access the given Controller.
    • distinguished-names:  the same as for the Controller setting.
    • password:  a password has to be used in addition to use of a certificate or public key. In addition the password is used if incoming HTTP connections are allowed.
    • permissions: JOC Cockpit requires the UpdateRepo permission to enable users to deploy objects such as workflows.

...