Adding a user
The following user roles are available, which provide different sets of permissions:
|
Role |
Description |
|---|---|
|
NONE |
Role without permissions |
|
READ |
Provides the read permission to the monitoring functions |
|
OPERATOR |
Provides permissions to create, pause and start jobs (includes READ) |
|
ADMIN |
Provides the permission to shut down the Scheduler (includes READ + OPERATOR) |
To add another user, add a new row beginning with “User” which complies with the following pattern:
User<Number>=<PASSWORD-TYPE>:<USERNAME>:<PASSWORD>:<ROLE>
Instead of the placeholders use the according values, which are explained below:
|
Role |
Description |
|---|---|
|
<Number> |
An integer counter starting with 1. Increase this by 1 for each new user entry. |
|
<PASSWORD-TYPE> |
PLAIN or MD5 or BCRYPT(since 9.11.2) |
|
<USERNAME> |
The login name of the user for basic access authentication at the REST endpoint. |
|
<PASSWORD> |
Depending on <PASSWORD-TYPE> provide a plain or an MD5 password. In a plain password no colon “:” is supported! |
|
<ROLE> |
|
|
Table 84: Scheduler configuration – user authorization string |
|
An MD5 password hash can be generated with the following command in Linux:
echo -n SomePassword | md5sum
A BCRYPT password hash can be generated with the following script in Linux:
./genhash.sh SomePassword
The script is provided in the coldscheduler assembly subdirectory “/bin” (since 9.11.2).
Example entries for users (guest, operator, admin) in ColdScheduler.properties are illustrated below:
User1=PLAIN:guest:guest123Xy:READ User2=MD5:operator:5f4dcc3b5aa765d61d8327deb882cf99:OPERATOR User3=BCRYPT:admin:$2a$04$faKTk9ds8L46WrhBiT8LC.vQaPsOL0Zs6tsX7tHSR47lZTpe0wdKi:ADMIN DefaultUserRole=NONE