sample6/conf/authentication.json

0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel{
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel    "serverAuthContext" : {
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel        "sessionModule" : {
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel            "name" : "JWT_SESSION",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel            "properties" : {
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "keyAlias" : "openidm-localhost",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "privateKeyPassword" : "&{openidm.keystore.password}",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "keystoreType" : "&{openidm.keystore.type}",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "keystoreFile" : "&{openidm.keystore.location}",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "keystorePassword" : "&{openidm.keystore.password}",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "maxTokenLifeMinutes" : "120",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "tokenIdleTimeMinutes" : "30",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "sessionOnly" : true
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel            }
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel        },
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel        "authModules" : [
194cdefb77cf5217ac87c29c6412db51bd6b8c8dBrendan Mmiller            {
194cdefb77cf5217ac87c29c6412db51bd6b8c8dBrendan Mmiller                "name" : "STATIC_USER",
194cdefb77cf5217ac87c29c6412db51bd6b8c8dBrendan Mmiller                "properties" : {
194cdefb77cf5217ac87c29c6412db51bd6b8c8dBrendan Mmiller                    "queryOnResource" : "repo/internal/user",
194cdefb77cf5217ac87c29c6412db51bd6b8c8dBrendan Mmiller                    "username" : "anonymous",
194cdefb77cf5217ac87c29c6412db51bd6b8c8dBrendan Mmiller                    "password" : "anonymous",
194cdefb77cf5217ac87c29c6412db51bd6b8c8dBrendan Mmiller                    "defaultUserRoles" : [ "openidm-reg" ]
194cdefb77cf5217ac87c29c6412db51bd6b8c8dBrendan Mmiller                },
194cdefb77cf5217ac87c29c6412db51bd6b8c8dBrendan Mmiller                "enabled" : true
194cdefb77cf5217ac87c29c6412db51bd6b8c8dBrendan Mmiller            },
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel            {
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "name" : "MANAGED_USER",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "properties" : {
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller                    "queryId" : "credential-query",
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller                    "queryOnResource" : "managed/user",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                    "propertyMapping" : {
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller                        "authenticationId" : "username",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                        "userCredential" : "password",
48a99a679220c6522d8b11dc1305f7780ae02a8eJake Feasel                        "userRoles" : "authzRoles"
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                    },
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                    "defaultUserRoles" : [ ]
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                },
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "enabled" : true
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel            },
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller            {
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller                "name" : "INTERNAL_USER",
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller                "properties" : {
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller                    "queryId" : "credential-internaluser-query",
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller                    "queryOnResource" : "repo/internal/user",
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller                    "propertyMapping" : {
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller                        "authenticationId" : "username",
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller                        "userCredential" : "password",
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller                        "userRoles" : "roles"
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller                    },
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller                    "defaultUserRoles" : [ ]
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller                },
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller                "enabled" : true
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0Brendan Mmiller            },
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller            {   "name" : "CLIENT_CERT",
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller                "properties" : {
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller                    "queryOnResource" : "security/truststore",
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller                    "defaultUserRoles" : [ "openidm-cert" ],
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller                    "allowedAuthenticationIdPatterns" : [ ]
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller                },
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller                "enabled" : true
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller            },
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel            {
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "name" : "PASSTHROUGH",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "properties" : {
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                    "augmentSecurityContext" : {
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                        "type" : "text/javascript",
94dade725a55de70aec65a84bc4949882e5277b1Jake Feasel                        "file" : "auth/populateAsManagedUser.js"
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                    },
0c3f79f75f596c8d6700b2de830000f754bb28a9Phill Cunnington                    "queryOnResource" : "system/ad/account",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                    "propertyMapping" : {
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                        "authenticationId" : "sAMAccountName"
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                    },
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                    "managedUserLink" : "systemAdAccounts_managedUser",
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                    "defaultUserRoles" : [
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                        "openidm-authorized"
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                    ]
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                },
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel                "enabled" : true
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel            }
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel        ]
0942ced8a2cc0c0f5fb5015ec53f81d5360ee79cJake Feasel    }
b4260bb3e2303240ecf6c7e4e5639439c3f98889Brendan Mmiller}