sample3/conf/authentication.json

	authentication.json revision b4260bb3e2303240ecf6c7e4e5639439c3f98889
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts{
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts    "queryId" : "credential-query",
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts    "queryOnResource" : "managed/user",
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts    "propertyMapping" : {
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts        "authenticationId" : "username",
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts        "userCredential" : "password"
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts    },
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts    "defaultUserRoles" : [ ],
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts    "serverAuthContext" : {
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts        "sessionModule" : {
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts            "name" : "JWT_SESSION",
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts            "properties" : {
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts                "keyAlias" : "openidm-localhost",
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts                "privateKeyPassword" : "&{openidm.keystore.password}",
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts                "keystoreType" : "&{openidm.keystore.type}",
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts                "keystoreFile" : "&{openidm.keystore.location}",
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts                "keystorePassword" : "&{openidm.keystore.password}",
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts                "maxTokenLifeMinutes" : "120",
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts                "tokenIdleTimeMinutes" : "30",
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts                "sessionOnly" : true
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts            }
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts        },
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts        "authModules" : [
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts            {
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                "name" : "MANAGED_USER",
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                "properties" : {
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                    "queryId" : "credential-query",
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                    "queryOnResource" : "managed/user",
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                    "propertyMapping" : {
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                        "authenticationId" : "username",
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                        "userCredential" : "password",
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                        "userRoles" : "roles"
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                    },
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                    "defaultUserRoles" : [ ]
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                },
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                "enabled" : true
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts            },
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts            {
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                "name" : "INTERNAL_USER",
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                "properties" : {
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                    "queryId" : "credential-internaluser-query",
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                    "queryOnResource" : "repo/internal/user",
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                    "propertyMapping" : {
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                        "authenticationId" : "username",
a6bf4d9e39eae70c6b74d0d91d35704662c84ff7Phill Cunnington                        "userCredential" : "password",
a6bf4d9e39eae70c6b74d0d91d35704662c84ff7Phill Cunnington                        "userRoles" : "roles"
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                    },
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                    "defaultUserRoles" : [ ]
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                },
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                "enabled" : true
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley            },
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley            {   "name" : "CLIENT_CERT",
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                "properties" : {
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                    "queryOnResource" : "security/truststore",
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                    "defaultUserRoles" : [ "openidm-cert" ],
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                    "allowedAuthenticationIdPatterns" : [
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                    ]
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                },
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                "enabled" : true
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley            },
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley            {
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                "name" : "PASSTHROUGH",
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                "properties" : {
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                    "augmentSecurityContext": {
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                        "type" : "text/javascript",
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                        "file" : "auth/passthroughAuthnPopulateContext.js"
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts                    },
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts                    "queryOnResource" : "system/scriptedsql/account",
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                    "propertyMapping" : {
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                        "authenticationId" : "uid"
a6bf4d9e39eae70c6b74d0d91d35704662c84ff7Phill Cunnington                    },
c289b3af72dda73e53e6886c920c198b779ebf37Rich Riley                    "managedUserLink" : "systemHrdb_managedUser",
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                    "defaultUserRoles" : [
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                        "openidm-authorized"
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                    ]
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts                },
7d395d5d4197d1648464cb3606f69c23f08ffbd6James Phillpotts                "enabled" : true
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts            }
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts        ]
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts    }
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts}
8df974db6a280f05491e26c4f0f59e7568fe5b02James Phillpotts