GIS Cloud Suite
Security
SuperMap provides security service to implement access control to the services through user-identification-based authentication and authorization, details introduction please refer to SuperMap iServer Documentation. When you log in the created GIS cloud suite for the first time, the password must be changed to activate your account. In GIS Cloud Suite, administrator can create users and roles, and associate users with roles, it is convenient to manage users and roles unified. The administrator can also set the expiration period for accounts that have not been used for a long time, and configure the account lock and automatic unlocking by setting the number of max login failures. Users are allow to grant token by their accounts.
GIS Cloud Suite uses Keycloak technolygy to achieve SSO(Single Sign On), it improves the security of applications and services. SSO means if a system has multiple applications, a user only needs to sign on for once and can access all the credible applications. In fact, there are multiple applications in GIS Cloud Suite(such as SuperMap iServer and SuperMap iPortal), in a traditional way, the administrator needs to manage lots of application accounts, and switchs the accounts when signing in the different applications. It wastes too much time on accounts switching, and increase the potential safety problems. Keycloak can solves these problems, it also allows the administrator to create users and roles, and associate user with role. What is more, you can add the industry applications to Keycloak, share the security system with the applications in GIS Cloud Suite. It is convenient to achieve unified management.