Users¶
Administrators¶
Administrators can configure, monitor and manage the Axon.ivy Engine. At least one administrator must be configured in ivy.yaml.
1 2 3 4 5 6 7 8 9 10 | # Engine Administrators
# [engineDir]/configuration/ivy.yaml
Administrators:
devop:
Password: "${hash:admin}"
Email: devop@localhost.com
admin:
Password: "${hash:mySecret}"
Email: info@localhost.com
FullName: "James David"
|
It is highly recommended to hash passwords of administrators by enclosing the
password in cleartext with "${hash:
and }"
like
"${hash:1234}"
for password 1234
. Hashed passwords
can not be decrypted anymore.
The Axon.ivy Engine will automatically hash and replace the password in file,
when the configuration will be loaded
Workflow Users¶
Workflow Users are kept in a so-called security system which can be defined in ivy.yaml. Each application defines in app.yaml which security system is used. There are two types of security systems:
Internal Security System: Used to manage the users directly on the Axon.ivy Engine. There is only one Internal Security System, which is called Ivy Security System. No further settings are available for this Security System. This is also the default Security System for application which has no security system defined.
External Security System: Used to synchronize users from a name and directory service such as Active Directory. In addition to the users in the External Security System, new users can also be manually added and managed as with an Ivy Security System. The example below shows a simple connection to an Active Directory. Have a look at the ivy.securitysystem.yaml for all supported name and directory services and further settings.
1 2 3 4 5 6 7 8 9 10 11 12
# sample ivy.yaml that define an Active Directory as security system SecuritySystems: # Custom definied name of your security system ActiveDirectoryOfMyCompany: Provider: "Microsoft Active Directory" Connection: Url: "ldap://activedirectory.axonivy.com:389" UserName: "activedirectory_user@axonivy.com" Password: "${encrypt:1234}" Binding: DefaultContext: "DC=axonivy,DC=com" ImportUsersOfGroup: "CN=AXON Ivy IT,DC=axonivy,DC=com"
1 2
# app.yaml located in e.g. <configuration>/app-myApp.yaml SecuritySystem: ActiveDirectoryOfMyCompany