Skip to Content

Local user security provider in Jitterbit App Builder

The Local User security provider type is a forms-based authentication provider. It allows users to log into App Builder using a user name and password. Passwords are stored within App Builder.

Configuration

The Local User security provider is enabled by default. It cannot be disabled. However, individual users must have the Allow Local Authentication option enabled.

Parameters

The Local User security provider defines the following parameters.

Parameter Default Description
AccountLockoutThreshold Maximum number of failed attempts before the account is locked. A value of zero (0) indicates that the account lockout feature is disabled.
AccountLockoutDuration The period of time (in minutes) for which the account will remain locked. A value of zero (0) indicates that the account will remain locked until an Administrator manually unlocks the account.
AccountLockoutReset The period of time (in minutes) after which the failed attempt counter is reset. A value of zero (0) indicates that the counter will not be reset.

Password storage

As noted above, when using the Local User security provider, passwords are stored within App Builder. Passwords are stored in a cryptographically secure manner. Specifically, App Builder uses the following scheme:

----------------------- --------
Key Derivation Function PBKDF2
Hash Algorithm SHA-256
Key Length 16 bytes
Iterations 10,000
Salt Length 16 bytes

Account lockout

See Account Lockout (3.2,   3.3) for information regarding the account lockout feature.