Page History
...
The <shiro-configuration-file>
specifies the file holding the latest Shiro configuration of the JobScheduler release from which to migrate, see What to migrate. Users can copy the file to their JS7 environment. During execution of the management script a no connection is required to the JobScheduler installation that should be migrated is not required.
Execution of the management script for migration performs the following operations in JS7:
- Add an Identity Service with Service Type
JOC
and the nameJOC-FROM-SHIRO
- For each LDAP realm included with the
<shiro-configuration-file>
a corresponding Identity Service is created form the name of the LDAP realm.
- For each LDAP realm included with the
- Populate roles of the
JOC-FROM-SHIRO
Identity Service- Any roles and permissions from the
<shiro-configuration-file>
are added to theJOC-FROM-SHIRO
Identity Service.
- Any roles and permissions from the
- Populate accounts of the
JOC-FROM-SHIRO
Identity Service- Any user accounts from the
<shiro-configuration-file>
are added to theJOC-FROM-SHIRO
Identity Service. - This includes to add assignments of roles to user accounts provided that assignments and roles are specified.
- This includes to add hashed passwords available from the
<shiro-configuration-file>
.- JS7 implements its own password hashing algorithm. However, password hashes migrated from Shiro can be used with JS7.
- When a user changes the password then the JS7 password hashing algorithm is applied.
- This procedure is intended for smooth migration that does not force users to change passwords.
- Any user accounts from the
- Should the management script find existing configuration items with the same name in the
JOC-FROM-SHIRO
Identity Service, for example matching names of roles or user accounts, then they will not be overwritten from the<shiro-configuration-file>
.
...
Overview
Content Tools