Page History
...
- which application manages user accounts/passwords:
- the Identity Provider that is specific to an Identity Service,
- JOC Cockpit that propagates user accounts/passwords to the Identity Service but does not store such credentials with the JS7 database.
- where assignments of roles to user accounts are stored:
- with the Identity Provider of the Identity Service,
- with the the JS7 database- Database.
Identity Service | Identity Service Configuration Items | JOC Cockpit Configuration | ||||
---|---|---|---|---|---|---|
Service Type | Built-in | User Accounts/Passwords stored with | User Accounts/Passwords managed by | Roles/Permissions stored with | Roles->User Accounts Mapping managed with | Roles Mapping |
JOC | yes | JS7 Database | JOC Cockpit | JS7 Database | JOC Cockpit | Mapping of user accounts and roles with JOC Cockpit |
LDAP | yes | LDAP Server | LDAP Server | JS7 Database | LDAP Server | Mapping of LDAP Security Groups to JOC Cockpit Roles performed with the LDAP Server |
LDAP-JOC | yes | LDAP Server | LDAP Server | JS7 Database | JOC Cockpit | Mapping of user accounts and roles with JOC Cockpit |
VAULT | no | Vault Server | Vault Server | JS7 Database | Vault Server | Mapping of Vault Policies to JOC Cockpit Roles |
VAULT-JOC | no | Vault Server | Vault Server | JS7 Database | JOC Cockpit | Mapping of user accounts and roles with JOC Cockpit |
VAULT-JOC-ACTIVE | no | Vault Server | Vault Server / JOC Cockpit | JS7 Database | JOC Cockpit | Mapping of user accounts and roles with JOC Cockpit |
KEYCLOAK | no | Keycloak Server | Keycloak Server | JS7 Database | Keycloak Server | Mapping of Keycloak Policies to JOC Cockpit Roles |
KEYCLOAK-JOC | no | Keycloak Server | Keycloak Server | JS7 Database | JOC Cockpit | Mapping of user accounts and roles with JOC Cockpit |
KEYCLOAK-JOC-ACTIVE | no | Keycloak Server | Keycloak Server / JOC Cockpit | JS7 Database | JOC Cockpit | Mapping of user accounts and roles with JOC Cockpit |
SHIRO | yes | JS7 Database / shiro.ini | JOC Cockpit | JS7 Database / shiro.ini | JOC Cockpit | The SHIRO Identity Service Type is:
|
...
- By default a number of built-in Identity Services are available:
- In addition, connectors are available for external Identity Service products:
- The following Identity Services are considered to be deprecated and removed from future JS7 releases:
- The JS7 - Shiro Identity Service
Display feature availability EndingWithRelease 2.4.0
- The JS7 - Shiro Identity Service
...
Global settings are applied to all Identity Services.
Explanation:
...
- JS7 - JOC Identity Service (does not require any settings)
- JS7 - LDAP Identity Service
- JS7 - HashiCorp® Vault Identity Service.
- JS7 - Shiro Identity Service (does not require any settings)
...
Overview
Content Tools