Decision Insight 20210118 (Latest) Save PDF Selected topic Selected topic and subtopics All content Security reports Cluster security report A technical cluster can create a report of the security configuration of the cluster itself. You can use these two Gogo shell commands: argon:printSecurityReport – Generates a report and displays its content into the Gogo shell. argon:exportSecurityReport – Generates a report and saves the contents to a file. The report contains information such as: Name and version of the Java Virtual Machine Directories used by the cluster Configuration of the Web application Configuration of the authentication Configuration of the remote accesses The report can also list some security highlights, when it detects potential problems. Example --=[ Java and OS ]=------ Java home: T:\opt\jdk-1.7.0_60\jre Java version: 1.7.0_60 Java virtual machine: Java HotSpot(TM) 64-Bit Server VM 24.60-b09 mixed mode Java runtime version: Java(TM) SE Runtime Environment 1.7.0_60-b19 Java runtime information: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 24.60-b09 Java runtime name: 11340@server Java OS information: name=Windows 8.1, version=6.3 Process user: decisioninsight User home directory: C:\Users\decisioninsight Working directory: D:\Applications\Decision Insight Temporary directory: D:\tmp\ --=[ Web ]=------ HTTP host: <default> HTTP port: 8080 HTTPS disabled Context root: / Proxy disabled --=[ Authentication ]=------ Autologin disabled Authentication handled by the platform: disabled Single sign-on mode: off Third parties components: <not set> Password of built-in 'admin' account is set to the default value. --=[ Remote accesses ]=------ JMX interface: 10.10.11.77 JMX port: 1099 JMX SSL disabled --=[ Data integration properties encryption ]=------ Data integration properties encryption is disabled --=[ Security highlights ]=------ The 'admin' account is configured with the default password. You should change the password as soon as possible. The JMX server listens for external connections but connection is not encrypted usins SSL. User credentials will be sent in clear form over the wire. You should use SSL or listen for local connections only. User security report You can create a report of the security configuration of the users of a technical cluster. Use the Gogo shell command argon:exportUserSecurityReport. This command generates a report and saves the contents to a file. This report contains information on each user, such as: Name, first and last name Whether user has "bypass security" permission (in which case all permission checks are ignored) Whether user is enabled/disabled Whether authentication is handled internally by the deployment or by an external system (e.g. LDAP) Whether development mode is enabled/disabled Granted roles Granted permissions, on each space Granted permissions, on each application Example ============================================================================== USER SECURITY REPORT ============================================================================== Creation date: 2014-02-21T11:27:10.821Z Users count: 2 ============================================================================== ------------------------------------------------------------------------------ admin ------------------------------------------------------------------------------ ** User has 'bypass security' permission, all permission checks are ignored ** Full name: Disabled: No Authentication: Internal Development mode: No Roles: - Super administrator - User Platform permissions: - Access debugging tools - Access platform logs remotely - Access platform management tools - Bypass Security - Create and import new applications - Manage users and roles Application permissions: - HVP for OPERATIONAL SUPERVISOR (INTRADAY) - Access the application - Administration - Data analysis - Data collection - Data exploration - Data integration - Data modeling - Data visualization - System integration Space permissions: - Space hvp: Access, Admin, Edit - Space hvp analysis: Access, Admin, Edit - Space hvp constants: Access, Admin, Edit - Space hvpClassifier: Access, Admin, Edit - Space hvpConfiguration: Access, Admin, Edit [...] - Dashboard PAYMENT SEARCH: Access, Admin, Edit - Dashboard PILING UP: Access, Admin, Edit ------------------------------------------------------------------------------ mtaylor ------------------------------------------------------------------------------ Full name: Disabled: No Authentication: Internal Development mode: No Roles: - User Platform permissions: (none) Application permissions: - HVP for OPERATIONAL SUPERVISOR (INTRADAY) - Access the application Space permissions: - Space hvp: Access - Space hvp analysis: Access - Space hvp constants: Access - Space hvpClassifier: Access - Space hvpConfiguration: Access - Dashboard ABOVE PROFILE: Access, Edit - Dashboard ALL DASHBOARDS: Access - Dashboard DEADLINE - CURRENT: Access - Dashboard DEADLINE - DONE: Access - Dashboard HOME: Access, Edit - Dashboard LOST & STUCK: (none) - Dashboard LOW RATE: (none) - Dashboard MINI DASHBOARD: Access, Admin, Edit - Dashboard MISSING WORK: (none) - Dashboard PAYMENT DETAILS: (none) - Dashboard PAYMENT SEARCH: (none) - Dashboard PILING UP: (none) Related Links
Security reports Cluster security report A technical cluster can create a report of the security configuration of the cluster itself. You can use these two Gogo shell commands: argon:printSecurityReport – Generates a report and displays its content into the Gogo shell. argon:exportSecurityReport – Generates a report and saves the contents to a file. The report contains information such as: Name and version of the Java Virtual Machine Directories used by the cluster Configuration of the Web application Configuration of the authentication Configuration of the remote accesses The report can also list some security highlights, when it detects potential problems. Example --=[ Java and OS ]=------ Java home: T:\opt\jdk-1.7.0_60\jre Java version: 1.7.0_60 Java virtual machine: Java HotSpot(TM) 64-Bit Server VM 24.60-b09 mixed mode Java runtime version: Java(TM) SE Runtime Environment 1.7.0_60-b19 Java runtime information: Oracle Corporation Java HotSpot(TM) 64-Bit Server VM 24.60-b09 Java runtime name: 11340@server Java OS information: name=Windows 8.1, version=6.3 Process user: decisioninsight User home directory: C:\Users\decisioninsight Working directory: D:\Applications\Decision Insight Temporary directory: D:\tmp\ --=[ Web ]=------ HTTP host: <default> HTTP port: 8080 HTTPS disabled Context root: / Proxy disabled --=[ Authentication ]=------ Autologin disabled Authentication handled by the platform: disabled Single sign-on mode: off Third parties components: <not set> Password of built-in 'admin' account is set to the default value. --=[ Remote accesses ]=------ JMX interface: 10.10.11.77 JMX port: 1099 JMX SSL disabled --=[ Data integration properties encryption ]=------ Data integration properties encryption is disabled --=[ Security highlights ]=------ The 'admin' account is configured with the default password. You should change the password as soon as possible. The JMX server listens for external connections but connection is not encrypted usins SSL. User credentials will be sent in clear form over the wire. You should use SSL or listen for local connections only. User security report You can create a report of the security configuration of the users of a technical cluster. Use the Gogo shell command argon:exportUserSecurityReport. This command generates a report and saves the contents to a file. This report contains information on each user, such as: Name, first and last name Whether user has "bypass security" permission (in which case all permission checks are ignored) Whether user is enabled/disabled Whether authentication is handled internally by the deployment or by an external system (e.g. LDAP) Whether development mode is enabled/disabled Granted roles Granted permissions, on each space Granted permissions, on each application Example ============================================================================== USER SECURITY REPORT ============================================================================== Creation date: 2014-02-21T11:27:10.821Z Users count: 2 ============================================================================== ------------------------------------------------------------------------------ admin ------------------------------------------------------------------------------ ** User has 'bypass security' permission, all permission checks are ignored ** Full name: Disabled: No Authentication: Internal Development mode: No Roles: - Super administrator - User Platform permissions: - Access debugging tools - Access platform logs remotely - Access platform management tools - Bypass Security - Create and import new applications - Manage users and roles Application permissions: - HVP for OPERATIONAL SUPERVISOR (INTRADAY) - Access the application - Administration - Data analysis - Data collection - Data exploration - Data integration - Data modeling - Data visualization - System integration Space permissions: - Space hvp: Access, Admin, Edit - Space hvp analysis: Access, Admin, Edit - Space hvp constants: Access, Admin, Edit - Space hvpClassifier: Access, Admin, Edit - Space hvpConfiguration: Access, Admin, Edit [...] - Dashboard PAYMENT SEARCH: Access, Admin, Edit - Dashboard PILING UP: Access, Admin, Edit ------------------------------------------------------------------------------ mtaylor ------------------------------------------------------------------------------ Full name: Disabled: No Authentication: Internal Development mode: No Roles: - User Platform permissions: (none) Application permissions: - HVP for OPERATIONAL SUPERVISOR (INTRADAY) - Access the application Space permissions: - Space hvp: Access - Space hvp analysis: Access - Space hvp constants: Access - Space hvpClassifier: Access - Space hvpConfiguration: Access - Dashboard ABOVE PROFILE: Access, Edit - Dashboard ALL DASHBOARDS: Access - Dashboard DEADLINE - CURRENT: Access - Dashboard DEADLINE - DONE: Access - Dashboard HOME: Access, Edit - Dashboard LOST & STUCK: (none) - Dashboard LOW RATE: (none) - Dashboard MINI DASHBOARD: Access, Admin, Edit - Dashboard MISSING WORK: (none) - Dashboard PAYMENT DETAILS: (none) - Dashboard PAYMENT SEARCH: (none) - Dashboard PILING UP: (none)