sample6/conf/authentication.json

	authentication.json revision 48a99a679220c6522d8b11dc1305f7780ae02a8e
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg{
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg    "serverAuthContext" : {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg        "sessionModule" : {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            "name" : "JWT_SESSION",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            "properties" : {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "keyAlias" : "openidm-localhost",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "privateKeyPassword" : "&{openidm.keystore.password}",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "keystoreType" : "&{openidm.keystore.type}",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "keystoreFile" : "&{openidm.keystore.location}",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "keystorePassword" : "&{openidm.keystore.password}",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "maxTokenLifeMinutes" : "120",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "tokenIdleTimeMinutes" : "30",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "sessionOnly" : true
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            }
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg        },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg        "authModules" : [
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "name" : "STATIC_USER",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "properties" : {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "queryOnResource" : "repo/internal/user",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "username" : "anonymous",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "password" : "anonymous",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "defaultUserRoles" : [ "openidm-reg" ]
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "enabled" : true
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "name" : "MANAGED_USER",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "properties" : {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "augmentSecurityContext": {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                        "type" : "text/javascript",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                        "file" : "auth/populateRolesFromRelationship.js"
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "queryId" : "credential-query",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "queryOnResource" : "managed/user",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "propertyMapping" : {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                        "authenticationId" : "username",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                        "userCredential" : "password",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                        "userRoles" : "authzRoles"
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "defaultUserRoles" : [ ]
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "enabled" : true
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "name" : "INTERNAL_USER",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "properties" : {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "queryId" : "credential-internaluser-query",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "queryOnResource" : "repo/internal/user",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "propertyMapping" : {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                        "authenticationId" : "username",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                        "userCredential" : "password",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                        "userRoles" : "roles"
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "defaultUserRoles" : [ ]
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "enabled" : true
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            {   "name" : "CLIENT_CERT",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "properties" : {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "queryOnResource" : "security/truststore",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "defaultUserRoles" : [ "openidm-cert" ],
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "allowedAuthenticationIdPatterns" : [ ]
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "enabled" : true
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "name" : "PASSTHROUGH",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "properties" : {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "augmentSecurityContext" : {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                        "type" : "text/javascript",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                        "file" : "auth/populateAsManagedUser.js"
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "queryOnResource" : "system/ad/account",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "propertyMapping" : {
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                        "authenticationId" : "sAMAccountName"
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "managedUserLink" : "systemAdAccounts_managedUser",
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    "defaultUserRoles" : [
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                        "openidm-authorized"
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                    ]
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                },
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg                "enabled" : true
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg            }
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg        ]
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg    }
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg}
eff68915baacc246f5ec7256f498b3d1dbbcf683fuankg