[JS-1670] Authentication and HTTPs for JobScheduler Master - SOS JIRA

XML

Word

Printable

Details

Type: Feature
Status: Released (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.11
Component/s: Job Scheduler Binaries
Labels:
None

Description

Like Agent (~~JS-1631~~), the new JobScheduler Master web services (~~JS-1642~~) support HTTPS and authentication.

The JobScheduler Master HTTPS web services are only accessible to authenticated users.

The credentials are read from data-directory/config/private/private.conf where each user has an entry of the form
```
jobscheduler.master.auth.users {
  USERNAME = "HASHSCHEME:HASHEDPASSWORD"
  ...
}
```

An example would be (two user sharing the same password):

jobscheduler.master.auth.users {
  eve = "plain:PASSWORD"
  joe = "sha512:911b0a07a8cacfebc5f1f45596d67017136c950499fa5b4ff6faffa031f3cec7f197853d1660712c154e1f59c60f682e34ea9b5cbd2d8d5adb0c834f963f30de"  # "PASSWORD"
  # JSON string encoding rules apply.
}

The Agent expects HTTP Basic Authentication.

The HTTPS certificate with its private key is expected in the Java keystore file ${SCHEDULER_DATA}/config/private/private-https.jks under the alias "master-https".

Attachments

Issue Links

is related to

JS-1671 Web service access for jobs

Released

relates to

JS-1628 HTTPS for Universal Agent, command line option -ip-address= replaced

Released

JS-1631 Agent restricts access to authenticated users

Released

Activity

People

Assignee:: Joacim Zschimmer

Reporter:: Joacim Zschimmer

Approver:: Oliver Haufe

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 13 October 2016 08:49

Updated:: 20 March 2017 20:30

Resolved:: 11 November 2016 13:04