Page History
...
- Identity Services implement Authentication Methods and access to Identity Providers, for example, credentials such as user account/password are used as an Authentication Method to access an LDAP Directory Service acting as the Identity Provider, see JS7 - Identity and Access Management.
- JOC Cockpit implements a flexible architecture that allows to add external Identity Service products with future JS7 releases.
- By default JS7 ships with two built-in Identity Services:
- The JS7 - JOC Identity Service includes to manage user accounts with JOC Cockpit and to use the JS7 database for persistence.
- The JS7 - LDAP Identity Service includes to authenticate users with an LDAP Directory Service.
Display feature availability StartingFromRelease 2.2.0
- For compatibility reasons early releases of JS7 include the JS7 - Shiro Identity Service (deprecated), see
Jira server SOS JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 6dc67751-9d67-34cd-985b-194a8cdc9602 key JOC-1145 Display feature availability EndingWithRelease 2.3.0
...
Identity Service | Identity Service Configuration Items | JOC Cockpit Configuration | ||||
---|---|---|---|---|---|---|
Service Type | Built-in | User Accounts/Passwords stored with | User Accounts/Passwords managed by | Roles/Permissions stored with | Roles->User Accounts Mapping managed with | Roles Mapping |
JOC | yes | JS7 Database | JOC Cockpit | JS7 Database | JOC Cockpit | Mapping of user accounts and roles with JOC Cockpit |
LDAP | yes | LDAP Server | LDAP Server | JS7 Database | LDAP Server | Mapping of LDAP Security Groups to JOC Cockpit Roles performed with the LDAP Server |
LDAP-JOC | yes | LDAP Server | LDAP Server | JS7 Database | JOC Cockpit | Mapping of user accounts and roles with JOC Cockpit |
VAULT | no | Vault Server | Vault Server | JS7 Database | Vault Server | Mapping of Vault Policies to JOC Cockpit Roles |
VAULT-JOC | no | Vault Server | Vault Server | JS7 Database | JOC Cockpit | Mapping of user accounts and roles with JOC Cockpit |
VAULT-JOC-ACTIVE | no | Vault Server | Vault Server / JOC Cockpit | JS7 Database | JOC Cockpit | Mapping of user accounts and roles with JOC Cockpit |
KEYCLOAK | no | Keycloak Server | Keycloak Server | JS7 Database | Keycloak Server | Mapping of Keycloak Policies to JOC Cockpit Roles |
KEYCLOAK-JOC | no | Keycloak Server | Keycloak Server | JS7 Database | JOC Cockpit | Mapping of user accounts and roles with JOC Cockpit |
KEYCLOAK-JOC-ACTIVE | no | Keycloak Server | Keycloak Server / JOC Cockpit | JS7 Database | JOC Cockpit | Mapping of user accounts and roles with JOC Cockpit |
Shiro (deprecated) | yes | shiro.inishiro.ini | JOC Cockpit | shiro.ini | shiro.ini | n/a |
Management of Identity Services
...
This operation brings forward the list of available Identity Services.
- By default the a number of built-in Identity Services are available: is available.
- In addition, connectors are available for external Identity Service products:
- The following Identity Services are considered deprecated:
- The JS7 - Shiro Identity Service (deprecated)
Display feature availability EndingWithRelease 2.4.0
- The JS7 - Shiro Identity Service (deprecated)
Add Identity Service
To add an Identity Service use the button Add Identity Service from the above list of Identity Services:
...
- JS7 - JOC Identity Service (does not require any settings)
- JS7 - LDAP Identity Service
- JS7 - HashiCorp® Vault Identity Service.
- The JS7 - Shiro Identity Service and JOC Identity Service do (deprecated) (does not require any settings.)
Processing of Identity Services
...
Overview
Content Tools