...

The architecture introduced with the JOC Cockpit ensures that users have direct access to the JOC Cockpit only, as illustrated in the diagram below. The JOC Cockpit then calls the JS7 - REST Web Service API which, in turn, has access to the JobScheduler JS7 Controller instances. There is no connection from the JOC Cockpit to Agents.


See the JS7 - System Architecture article for more information.

...

As indicated in the schematic architecture diagram above, connections between the JOC Cockpit, the REST Web Service API and the Controllers & Agents can use either the HTTP or the HTTPS protocol. After installation, HTTP is used by default. System administrators are advised to implement HTTPS connections.

...

Authorization tokens are used for communication between users and the JOC Cockpit, between the JS7 REST Web Service API and between the Controller instances and Agents. This means that an attacker who is able to take over and use a token will be able to bypass only a part of the communication chain.

Authorization Token for the JOC Cockpit

The JOC Cockpit generates an authorization token each time a user logs on and saves this token either in the browser's local storage, if Remember Me is set on logging in, or in the browser's session storage, if Remember Me is not set. Note that there are situations when users can leave a valid authorization token on their file system although they are no longer working with the JOC Cockpit: 

...
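
The storage choice described in this section, modelled as an added example that is not JOC Cockpit code: it shows which store still holds a token after the browser is closed without logging out, and a logout that clears both stores. The key name `accessToken`, the sample token and all function names are assumptions; in a browser the two stores would be `window.localStorage` and `window.sessionStorage`.

```javascript
// Added example: the key name "accessToken" and all function names are
// hypothetical and are not taken from JOC Cockpit.
const TOKEN_KEY = "accessToken";

// Minimal stand-in for the Web Storage interface so the example runs offline.
class MemoryStorage {
  constructor() { this.items = new Map(); }
  getItem(k) { return this.items.has(k) ? this.items.get(k) : null; }
  setItem(k, v) { this.items.set(k, String(v)); }
  removeItem(k) { this.items.delete(k); }
  clear() { this.items.clear(); }
}

// Remember Me set: local storage (persisted in the browser profile on disk).
// Remember Me not set: session storage (ends with the page session).
function storeToken(stores, token, rememberMe) {
  const target = rememberMe ? stores.local : stores.session;
  const other = rememberMe ? stores.session : stores.local;
  other.removeItem(TOKEN_KEY); // never leave a second copy behind
  target.setItem(TOKEN_KEY, token);
}

// Closing the browser discards session storage; local storage stays.
function closeBrowser(stores) {
  stores.session.clear();
}

// Report which stores still hold a token, e.g. for a post-logout check.
function residualTokens(stores) {
  return ["local", "session"].filter((n) => stores[n].getItem(TOKEN_KEY) !== null);
}

// An explicit logout has to clear both stores; closing the browser only
// covers the session storage case.
function logout(stores) {
  stores.local.removeItem(TOKEN_KEY);
  stores.session.removeItem(TOKEN_KEY);
}

// Walk through: log in, close the browser without logging out, then log out.
function demo(rememberMe) {
  const stores = { local: new MemoryStorage(), session: new MemoryStorage() };
  storeToken(stores, "constructed-sample-token", rememberMe);
  closeBrowser(stores);
  const afterClose = residualTokens(stores);
  logout(stores);
  return { afterClose, afterLogout: residualTokens(stores) };
}
```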