OpenSSOAgentBootstrap.template revision 56443cf7fbca96bc184ca8d386c3f7fc6f947f42
43b4c41fbb07705c9df321221ab9cb9832460407Christian Maeder#
25cc5fbba63f84b47e389af749f55abbbde71c8cChristian Maeder# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder#
25cc5fbba63f84b47e389af749f55abbbde71c8cChristian Maeder# Copyright (c) 2008 Sun Microsystems Inc. All Rights Reserved
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder#
43b4c41fbb07705c9df321221ab9cb9832460407Christian Maeder# The contents of this file are subject to the terms
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder# of the Common Development and Distribution License
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder# (the License). You may not use this file except in
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder# compliance with the License.
43b4c41fbb07705c9df321221ab9cb9832460407Christian Maeder#
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder# You can obtain a copy of the License at
f4a2a20e49f41b2afa657e5e64d9e349c7faa091Christian Maeder# https://opensso.dev.java.net/public/CDDLv1.0.html or
f2f9df2e17e70674f0bf426ed1763c973ee4cde0Christian Maeder# opensso/legal/CDDLv1.0.txt
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder# See the License for the specific language governing
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder# permission and limitations under the License.
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder#
1aee4aaddde105264c1faf394d88e302c05094ffChristian Maeder# When distributing Covered Code, include this CDDL
a53841f6d6e86ac751c12a33dc8aadf53f59d977Klaus Luettich# Header Notice in each file and include the License file
a53841f6d6e86ac751c12a33dc8aadf53f59d977Klaus Luettich# at opensso/legal/CDDLv1.0.txt.
a53841f6d6e86ac751c12a33dc8aadf53f59d977Klaus Luettich# If applicable, add the following below the CDDL Header,
a53841f6d6e86ac751c12a33dc8aadf53f59d977Klaus Luettich# with the fields enclosed by brackets [] replaced by
a737caf82de97c1907027c03e4b4509eb492b4b8Christian Maeder# your own identifying information:
3e61f574717499939bd8e0ff538ea9e7b72d4e2dKlaus Luettich# "Portions Copyrighted [year] [name of copyright owner]"
96646aed2ae087b942ae23f15bbe729a8f7c43d3Christian Maeder#
01e383014b555bbcf639c0ca60c5810b3eff83c0Christian Maeder# $Id: OpenSSOAgentBootstrap.template,v 1.1 2008/11/28 12:26:12 saueree Exp $
3b06e23643a9f65390cb8c1caabe83fa7e87a708Till Mossakowski#
df29370ae8d8b41587957f6bcdcb43a3f1927e47Christian Maeder#
f4a2a20e49f41b2afa657e5e64d9e349c7faa091Christian Maeder
ce8b15da31cd181b7e90593cbbca98f47eda29d6Till Mossakowski# Portions Copyrighted 2010-2013 ForgeRock Inc.
e7757995211bd395dc79d26fe017d99375f7d2a6Christian Maeder
e7757995211bd395dc79d26fe017d99375f7d2a6Christian Maeder#------------------------------------------------------------------------------
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder# J2EE Agents Bootstrap File
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder#
ac0bbbcb2774629bb87986e69cf53d3402c5f575Christian Maeder# OpenAM Policy Agent for:
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder# Tomcat 6.0.x
2e2094a642e3775b0d76b890556407941d3a53b6Christian Maeder#
2e2094a642e3775b0d76b890556407941d3a53b6Christian Maeder# Version: 3.0
6a79849bed67264c396dddb3e9c184bdfc1a1bc9Christian Maeder#------------------------------------------------------------------------------
e8db9a65830cf71504e33c6f441a67b4d184a3caChristian Maeder#
c0c2380bced8159ff0297ece14eba948bd236471Christian Maeder# THIS FILE PROVIDES THE CONFIGURATION SETTINGS NECESSARY FOR THE AGENT
8410667510a76409aca9bb24ff0eda0420088274Christian Maeder# TO FUNCTION CORRECTLY. PLEASE REFER TO THE DOCUMENTATION BEFORE
6a79849bed67264c396dddb3e9c184bdfc1a1bc9Christian Maeder# MODIFYING ANY OF THE VALUES IN THIS FILE.
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder#
8410667510a76409aca9bb24ff0eda0420088274Christian Maeder# Note:
404166b9366552e9ec5abb87a37c76ec8a815fb7Klaus Luettich# Data present in this file provides the necessary configuration
b1f59a4ea7c96f4c03a4d7cfcb9c5e66871cfbbbChristian Maeder# settings needed by Agent to work correctly. Invalid configuration
ad270004874ce1d0697fb30d7309f180553bb315Christian Maeder# data present in this file can lead to malfunction of the Agent, the
4d56f2fa72e4aec20eb827c11ed49c8cbb7014bdChristian Maeder# application, and the Application Server.
4cb215739e9ab13447fa21162482ebe485b47455Christian Maeder#
8ef75f1cc0437656bf622cec5ac9e8ea221da8f2Christian Maeder# WARNING: The contents of this file are classified as an UNSTABLE
404166b9366552e9ec5abb87a37c76ec8a815fb7Klaus Luettich# interface by Sun Microsystems, Inc. As such, they are subject to
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder# significant, incompatible changes in any future release of the
356fa49fe3e6a8398f92d13e9f920d0f093697ecChristian Maeder# software.
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder#
55adfe57a4de1f36adc3e3bfc16f342e44a7d444Christian Maeder# INVALID CONFIGURATION SETTINGS MAY RESULT IN MALFUNCTION OF THE ENTIRE
d23b0cc79c0d204e6ec758dff8d0ba71c9f693f7Christian Maeder# SYSTEM.
8d97ef4f234681b11bb5924bd4d03adef858d2d2Christian Maeder#------------------------------------------------------------------------------
f4a2a20e49f41b2afa657e5e64d9e349c7faa091Christian Maeder#
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder# NAMING SERVICE URL
e593b89bfd4952698dc37feced21cefe869d87a2Christian Maeder# Specifies the naming service url(s) that can be used by the system
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder# for naming lookups. One or more urls can be specified for this
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder# property as a string of urls separated by single space characters.
7cc09dd93962a2155c34d209d1d4cd7d7b838264Christian Maeder# Hot-Swap Enabled: No
1aee4aaddde105264c1faf394d88e302c05094ffChristian Maeder#
1aee4aaddde105264c1faf394d88e302c05094ffChristian Maedercom.iplanet.am.naming.url=@AM_SERVICES_PROTO@://@AM_SERVICES_HOST@:@AM_SERVICES_PORT@@AM_SERVICES_DEPLOY_URI@/namingservice
f041c9a6bda23de33a38490e35b831ae18d96b45Christian Maeder
7cc09dd93962a2155c34d209d1d4cd7d7b838264Christian Maeder#
1aee4aaddde105264c1faf394d88e302c05094ffChristian Maeder# SERVICE RESOLVER
1aee4aaddde105264c1faf394d88e302c05094ffChristian Maeder# Specifies the service resolver used by this Agent.
c3053d57f642ca507cdf79512e604437c4546cb9Christian Maeder# Hot-Swap Enabled: No
dcbd32289a7bdf1e6edd06c6ab0698c6a9dbf37aChristian Maeder#
f4a2a20e49f41b2afa657e5e64d9e349c7faa091Christian Maedercom.sun.identity.agents.config.service.resolver = com.sun.identity.agents.tomcat.v6.AmTomcatAgentServiceResolver
f4a2a20e49f41b2afa657e5e64d9e349c7faa091Christian Maeder
dcbd32289a7bdf1e6edd06c6ab0698c6a9dbf37aChristian Maeder#
f4a2a20e49f41b2afa657e5e64d9e349c7faa091Christian Maeder# AGENT USERNAME AND PASSWORD PROPERTIES
c2fcc35abb03cf0b4ca4b050efeb10827f38c322Christian Maeder# These are the credentials used by the Agent to identify and
1aee4aaddde105264c1faf394d88e302c05094ffChristian Maeder# authenticate itself before requesting any services that require the
356fa49fe3e6a8398f92d13e9f920d0f093697ecChristian Maeder# Agent to be authenticated. If plain text password should not be
356fa49fe3e6a8398f92d13e9f920d0f093697ecChristian Maeder# used, then supply the encrypted password and encryption key.
356fa49fe3e6a8398f92d13e9f920d0f093697ecChristian Maeder# Hot-Swap Enabled: No
356fa49fe3e6a8398f92d13e9f920d0f093697ecChristian Maeder#
356fa49fe3e6a8398f92d13e9f920d0f093697ecChristian Maedercom.sun.identity.agents.app.username = @AGENT_PROFILE_NAME@
0206ab93ef846e4e0885996d052b9b73b9dc66b0Christian Maedercom.iplanet.am.service.secret = @AGENT_ENCRYPTED_PASSWORD@
f13d1e86e58da53680e78043e8df182eed867efbChristian Maeder
c2a4d8ae266aa37cc922eba97077520229a19902Christian Maeder# The key that will be used to encrypt and decrypt passwords
757e6c79ec40491d45dc72c82b5eb59a386634b0Jian Chun Wang# Hot-Swap Enabled: No
f041c9a6bda23de33a38490e35b831ae18d96b45Christian Maederam.encryption.pwd = @AGENT_ENCRYPT_KEY@
757e6c79ec40491d45dc72c82b5eb59a386634b0Jian Chun Wang
e7757995211bd395dc79d26fe017d99375f7d2a6Christian Maeder#
c6fcd42c6d6d9dae8c7835c24fcb7ce8531a9050Christian Maeder# DEBUG SERVICE PROPERTIES
31c49f2fa23d4ac089f35145d80a224deb6ea7e4Till Mossakowski# - com.iplanet.services.debug.directory: Specifies the complete path to the
c55a0f77be7e88d3620b419ec8961f4379a586e3Klaus Luettich# directory where debug files will be stored by the Agent.
36f63902db2b3463faa9f59912ad106e2d5aaa24Klaus Luettich# - com.sun.services.debug.mergeall: consolidates all the debug information
36f63902db2b3463faa9f59912ad106e2d5aaa24Klaus Luettich# into one file if it is set to on. Each component has its own debug file
363939beade943a02b31004cea09dec34fa8a6d9Christian Maeder# if it is set to off.
5ad5dffe06818a13e1632b1119fbca7881085fc1Dominik Luecke# Hot-Swap Enabled: No
8cacad2a09782249243b80985f28e9387019fe40Christian Maeder#
363939beade943a02b31004cea09dec34fa8a6d9Christian Maedercom.iplanet.services.debug.level=error
a7c27282e71cf4505026645f96d4f5cb8a284e32Christian Maedercom.iplanet.services.debug.directory=@DEBUG_LOGS_DIR@
363939beade943a02b31004cea09dec34fa8a6d9Christian Maedercom.sun.services.debug.mergeall=on
8a28707e9155465c6f2236a06eac6580a65c7025Christian Maeder
df35538fec1d9135602308d577255c0d466b6365Christian Maeder#
df35538fec1d9135602308d577255c0d466b6365Christian Maeder# AUDIT LOG PROPERTY
431d34c7007a787331c4e5ec997badb0f8190fc7Christian Maeder# - local.logfile: Specifies the complete path to the local audit log file
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder# to be used by the Agent.
d3ae0072823e2ef0d41d4431fcc768e66489c20eChristian Maeder# Hot-Swap Enabled: No
9e748851c150e1022fb952bab3315e869aaf0214Christian Maeder#
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maedercom.sun.identity.agents.config.local.logfile = @AUDIT_LOGS_DIR@/@AUDIT_LOG_FILENAME@
5191fa24c532d1f67e7a642e9aece65efb8a0975Christian Maeder
9e748851c150e1022fb952bab3315e869aaf0214Christian Maeder#
9e748851c150e1022fb952bab3315e869aaf0214Christian Maeder# ORGANIZATION NAME
6a79849bed67264c396dddb3e9c184bdfc1a1bc9Christian Maeder# Specifies the organization or realm name to be used for authenticating
6a79849bed67264c396dddb3e9c184bdfc1a1bc9Christian Maeder# the Agent during runtime. The default value "/" identifies the root
6a79849bed67264c396dddb3e9c184bdfc1a1bc9Christian Maeder# organization or realm.
6a79849bed67264c396dddb3e9c184bdfc1a1bc9Christian Maeder# Hot-Swap Enabled: No
6a79849bed67264c396dddb3e9c184bdfc1a1bc9Christian Maeder#
a7c27282e71cf4505026645f96d4f5cb8a284e32Christian Maedercom.sun.identity.agents.config.organization.name = /
9e748851c150e1022fb952bab3315e869aaf0214Christian Maeder
9e748851c150e1022fb952bab3315e869aaf0214Christian Maeder#
f1541d4a151dbd08002dbd14e7eb1d5dde253689Christian Maeder# LOCK OF AGENT CONFIGURATION
776a1a086df734581431e6edb4343ed4c8d34d55Christian Maeder# When it's set to true, agent config in run-time is locked.
f1541d4a151dbd08002dbd14e7eb1d5dde253689Christian Maeder# Agent has to be restarted to let agent config change take effective
6dc9bc98d0854fe2e3dd3bfc4275096a0c28ee1cChristian Maeder# whether the changed config parameter is Hot-Swap or not.
6dc9bc98d0854fe2e3dd3bfc4275096a0c28ee1cChristian Maeder# When it's set to false, change of Hot-Swap agent config parameter can be
6dc9bc98d0854fe2e3dd3bfc4275096a0c28ee1cChristian Maeder# updated into run-time.
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder# Hot-Swap Enabled: No
61fa0ac06ede811c7aad54ec4c4202346727368eChristian Maeder#
c0c2380bced8159ff0297ece14eba948bd236471Christian Maedercom.sun.identity.agents.config.lock.enable = false
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder#
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder# AGENT PROFILE NAME
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder# The profile name used by the Agent to fetch the agent configuration data.
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder# The value of this property is the same as that of com.sun.identity.agents.app.username
9e748851c150e1022fb952bab3315e869aaf0214Christian Maeder# in most cases. However if multiple agent instances need to use the same credentials
6a79849bed67264c396dddb3e9c184bdfc1a1bc9Christian Maeder# to authenticate, com.sun.identity.agents.app.username and com.iplanet.am.service.secret
6a79849bed67264c396dddb3e9c184bdfc1a1bc9Christian Maeder# need to be set to the authenticating credentials accordingly.
6a79849bed67264c396dddb3e9c184bdfc1a1bc9Christian Maeder# Hot-Swap Enabled: No
2d130d212db7208777ca896a7ecad619a8944971Christian Maeder#
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maedercom.sun.identity.agents.config.profilename = @AGENT_PROFILE_NAME@
ca074a78b8dcccbb8c419586787882f98d0c6163Christian Maeder
63f0e65a37b95621334db9ee4ba0cd9d826f5c0fChristian Maeder#
6a79849bed67264c396dddb3e9c184bdfc1a1bc9Christian Maeder# OPENAM DEPLOYMENT URI
4017ebc0f692820736d796af3110c3b3018c108aChristian Maeder# This property controls the URI under which OpenAM has been deployed. If this
ad4889ebb40efae8595b0969dd6ba1162d52bac3Christian Maeder# parameter is not supplied then the default value is /openam.
4017ebc0f692820736d796af3110c3b3018c108aChristian Maeder# Hot-Swap Enabled: No
2d130d212db7208777ca896a7ecad619a8944971Christian Maeder#
bc8cbf12aa172bf5673b92a9e7a0151d4aa4c315Christian Maedercom.iplanet.am.services.deploymentDescriptor=@AM_SERVICES_DEPLOY_URI@
2d130d212db7208777ca896a7ecad619a8944971Christian Maeder