Security

Security management in JMap encompasses several aspects.

Identity management can be handled by JMap Server or delegated to another external system:

• Directories such as LDAP or Microsoft Active Directory (AD) In these cases, JMap accesses existing users and groups in AD or LDAP to manage permissions within JMap. Entity management is performed directly in AD or LDAP. Single Sign-On (SSO), supported for JMap Pro applications, can be enabled for AD. See the Single Sign-On for JMap Pro section for more information.

• Identity managers such as OpenID Connect or SAML2 In these cases, JMap can retrieve the list of configured groups to manage permissions for different resources. Users are not initially available in JMap but are added as they are used. Single sign-on (SSO) for these protocols is supported for JMap Web and JMap NG applications.

See the Managing Users and User and Groups sections for more information.

Access management, or rather permission management, is applied to all the resources handled by JMap. This includes user access to JMap applications as well as the access permissions of JMap administrators. See the Managing Permissions section for more information.

JMap allows you to easily use the HTTPS protocol for JMap Admin and for the various applications. See section Using HTTPS with JMap for more information.