sample6/conf/authentication.json

	authentication.json revision b4260bb3e2303240ecf6c7e4e5639439c3f98889
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper{
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper    "queryId" : "credential-query",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper    "queryOnResource" : "managed/user",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper    "propertyMapping" : {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper        "authenticationId" : "username",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper        "userCredential" : "password",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper        "userRoles" : "roles"
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper    },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper    "defaultUserRoles" : [ ],
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper    "serverAuthContext" : {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper        "sessionModule" : {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper            "name" : "JWT_SESSION",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper            "properties" : {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "keyAlias" : "openidm-localhost",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "privateKeyPassword" : "&{openidm.keystore.password}",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "keystoreType" : "&{openidm.keystore.type}",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "keystoreFile" : "&{openidm.keystore.location}",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "keystorePassword" : "&{openidm.keystore.password}",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "maxTokenLifeMinutes" : "120",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "tokenIdleTimeMinutes" : "30",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "sessionOnly" : true
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper            }
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper        },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper        "authModules" : [
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper            {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "name" : "MANAGED_USER",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "properties" : {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "queryId" : "credential-query",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "queryOnResource" : "managed/user",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "propertyMapping" : {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                        "authenticationId" : "username",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                        "userCredential" : "password",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                        "userRoles" : "roles"
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "defaultUserRoles" : [ ]
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "enabled" : true
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper            },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper            {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "name" : "INTERNAL_USER",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "properties" : {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "queryId" : "credential-internaluser-query",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "queryOnResource" : "repo/internal/user",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "propertyMapping" : {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                        "authenticationId" : "username",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                        "userCredential" : "password",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                        "userRoles" : "roles"
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "defaultUserRoles" : [ ]
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "enabled" : true
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper            },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper            {   "name" : "CLIENT_CERT",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "properties" : {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "queryOnResource" : "security/truststore",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "defaultUserRoles" : [ "openidm-cert" ],
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "allowedAuthenticationIdPatterns" : [ ]
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "enabled" : true
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper            },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper            {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "name" : "PASSTHROUGH",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "properties" : {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "augmentSecurityContext" : {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                        "type" : "text/javascript",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                        "file" : "auth/passthroughAuthnPopulateContext.js"
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "queryOnResource" : "system/ad/account",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "propertyMapping" : {
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                        "authenticationId" : "sAMAccountName"
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "managedUserLink" : "systemAdAccounts_managedUser",
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    "defaultUserRoles" : [
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                        "openidm-authorized"
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                    ]
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                },
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper                "enabled" : true
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper            }
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper        ]
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper    }
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper}
de47fb992b4c3414ac5b445d5cab364b0b8b8b43Mark de Reeper