Uploaded image for project: 'JS - JobScheduler'
  1. JS - JobScheduler
  2. JS-1631

Agent restricts access to authenticated users

    XMLWordPrintable

    Details

      Description

      Desired Behavior

      • The Agent HTTPS web services are only accessible to authenticated users.
      • The credentials are read from data-directory/config/private/private.conf where each user has an entry of the form
        jobscheduler.agent.auth.users {
          _userName_ = "_hashScheme_:_hashedPassword_"
        }
        
      • An example would be:
        jobscheduler.agent.auth.users {
          a-scheduler = "plain:PASSWORD"
          b-scheduler = "sha512:130c7809c9e5a8d81347b55f5c82c3a7407f4b41b461eb641887d276b11af4b575c5a32d1cf104e531c700e4b1ddd75b27b9e849576f6dfb8ca42789fbc7ece2"  # "SHA512-PASSWORD"
        }
        
      • A JobScheduler uses its Scheduler ID as its user name.

      Recommendations

      • Both hashing schemes, as you can see in the example above, "plain" and "sha512" are available. We recommend the latter as a more secure procedure in comparison to a plain text.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jz Joacim Zschimmer
                Reporter:
                jz Joacim Zschimmer
                Approver:
                Santiago Aucejo Petzoldt
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: