The js-io-rights.conf file contains rules that permit write access to defined directories in the server file system.
Each line of the js-io-rights.conf file must contain the following information.
■
|
A plus (+) or minus (-) sign to indicate whether rights are permitted or denied |
■
| |
■
|
The default content of the js-io-rights.conf configuration file is:
-rwx c:/ +rwx c:/orchestrator +rx ../../configuration/jetty/logs/ +rx ../server/vmo/log/ +rx ../bin/ +rx ./boot.properties +rx ../server/vmo/conf/ +rx ../server/vmo/conf/plugins/ +rx ../server/vmo/deploy/vmo-server/vmo-ds.xml +rx ../../apps/ +r ../../version.txt
The first two entries in the default js-io-rights.conf configuration file allow the following access rights:
Orchestrator resolves access rights in the order they appear in the js-io-rights.conf file. Each line can override the previous lines.
In the default js-io-rights.conf configuration file, the second line partially overrides the first line because c:/orchestrator is after c:/, which allows read, write, and execute access to c:/orchestrator but denies access to the rest of the file system under c:/.
The default configuration allows workflows and the Orchestrator API to write to the c:/orchestrator directory, but nowhere else.