[Progress Communities] [Progress OpenEdge ABL] Forum Post: RE: FORBIDDEN as response from PASOE

Status
Not open for further replies.
O

OctavioOlguin

Guest
This is oeablSecurity.properties ########################################################################## ## ## ## Copyright (c) 2017 by Progress Software Corporation ## ## ## ## All rights reserved. No part of this program or document may be ## ## reproduced in any form or by any means without permission in writing ## ## from Progress Software Corporation. ## ## ## ########################################################################## # # Spring Security bean properties definition file for all oeabl.war based # web applications found in a PASOE instance # # The properties values found in this file constitute the full superset of # all Spring Security configuration properties and their values. Any # property value declared in this file may superceded by a declaration found # in the oeabl based web application's WEB-INF/oeablSecurity.properties # file, which has a basic subset of commonly changed properties. # # PAS for OE will resolve properties by loading multiple .properties files # and using the last declared value it finds. The minimum requirement # is that PAS for OE must find one oeablSecurity.properties file in one # of the following locaitons: # 1) conf/oeablSecurity.properties # 2) conf/ /oeablSecurity.properties # 3) webapps/ /WEB-INF/oeablSecurity.properties # # The best practice is to declare the properties and values that span # multiple web applications in the conf/oeablSecurity.properties file. # # Then declare the property and value that may differ between multiple # oeabl based web applications in either the web application's # conf/ /oeablSecurity.properties # # Last, declare the property and value that differs between multiple # web applications mapped to the same ABL business application in: # WEB-INF/oeablSecurity.properties file. # # The web application develop may also choose to include the full superset # of Spring Security properties in their web application's # conf/ /oeablSecurity.properties # OR # WEB-INF/oeablSecurity.properties file. # # -------------------- oeablSecurity.properties ------------------------------ # Detailed information about the properties found in this property file # may be found in the file: # # conf/oeablSecurity.properties.README. # ########################################################################## ## ##%% version 0001 ##%% Mar 02, 2016 2:29:12 PM ################# Authentication Manager Name list ##################### ## The following names apply to the authmanager properties in the ## various transports: ## http.apsv.authmanager ## http.soap.authmanager ## http.rest.authmanager ## http.web.authmanager ## http.authmanager ## ## Authentication Managers will only apply to loginModels that perform ## direct logins using user accounts. Therefor, this property is used only ## for 'basic' and 'form' login models (below) ## ## http.all.authmanager will apply the same authentication to all transports. ## ## manager name Description ## =================================================================== ## local web application WEB-INF/user.properties ## extlocal web application WEB-INF/user.properties w. ## encrypted passwords ## ldap LDAPv3 Directory Service client (simple) ## ad Microsoft Active Directory Directory Service client ## oerealm ABL class callback to application accounts ## http.all.authmanager=local ################## The HTTP client Authentication model to use ############### ## This property controls which HTTP client authentication model to use. The ## allowed names are: ## ## name Description ## =================================================================== ## anonymous No user login - all clients have public access ## basic Users authenticate using the HTTP BASIC standard ## form Users authenticate using a HTTP POST message & ## form data ## container Users authenticate via Tomcat realm services and ## authorize URL access via Spring Security ## sso OpenEdge Single Sign-on using ClientPrincipal ## access tokens ## client.login.model=anonymous ################## J2EE Tomcat Realm Role mapping ############################ ## This property is used by the containerLoginModel.xml configuration. It ## provides a [comma separated - no whitespace] list of Role names supplied ## by the Tomcat realm login token that will be passed through to Spring's ## URL authorization. ## ## Each PAS for OE transport and the default URI space has its own settable ## list. The property http.jee.all.mappableRoles can be used to set all ## transports & default at one time. ## http.jee.all.mappableRoles=ROLE_PSCUser http.jee.apsv.mappableRoles=${http.jee.all.mappableRoles} http.jee.soap.mappableRoles=${http.jee.all.mappableRoles} http.jee.rest.mappableRoles=${http.jee.all.mappableRoles} http.jee.web.mappableRoles=${http.jee.all.mappableRoles} http.jee.mappableRoles=${http.jee.all.mappableRoles} #################APSV Transport Specific Property ####################### ## For APSV Transport authentication and authorization is disable by default ## i.e. apsv.security.enable=none. ## ## If there is a requirement to enable this in production, then set ## apsv.security.enable property value as "basic". ## Example: apsv.security.enable=basic ## ## The http.apsv.authprovider property is used to configure the authentication ## manager as per production need. ########################################################################## http.apsv.authmanager=${http.all.authmanager} http.apsv.realm=${http.all.realm} apsv.security.enable=none #################SOAP Transport Specific property ######################## ## For SOAP Transport authentication and authorization is disable by default ## i.e. apsv.security.enable=none. ## ## If there is a requirement to enable this in production, then set ## soap.security.enable property value as "basic". ## Example: soap.security.enable=basic ## ## The http.soap.authprovider property is used to configure the authentication ## manager as per production need. ########################################################################## soap.security.enable=none http.soap.authmanager=${http.all.authmanager} http.soap.realm=${http.all.realm} #################REST Transport Specific property ######################## ## The http.rest.authprovider property is used to configure the authentication ## manager as per production need. ########################################################################## http.rest.authmanager=${http.all.authmanager} http.rest.realm=${http.all.realm} #################WEB Transport Specific property ######################### ## The http.web.authprovider property is used to configure the authentication ## manager as per production need. ########################################################################## http.web.authmanager=${http.all.authmanager} http.web.realm=${http.all.authmanager} ###############Authentication provider for public /** URI space ######### ## ## The http.authprovider property is used to configure the authentication ## manager as per production need. ########################################################################## http.authmanager=${http.all.authmanager} ## Set all individual transports using these properties http.all.realm=OpenEdge #############OEMetaDataSource Configuration ############################## ## This common set of properties applies to the OEMetadataSource bean ## that loads intercept-url configurations from a .CSV file. ######################################################################### oemetadatasource.all.requestmatcher=ant oemetadatasource.all.csvpath=WEB-INF/oeablSecurity.csv #############Default Filter Configuration ################################ ## This is the common section for all the transports(apsv,soap,rest,web) to ## configure common filter beans like [pre-auth,ClientPrinciple & Cors] ## based upon the selected spring security. ## ## Bean properties naming should follow the format " . =value" ######################################################################### #############Form login Filter bean ###################################### http.formlogin.loginpage=/static/auth/login.jsp http.formlogin.loginurl=/static/auth/j_spring_security_check http.formlogin.usedefaulttarget=false http.formlogin.defaulturl=/ http.formlogin.failureurl=/static/auth/loginfail.html http.formlogin.usernamefield=j_username http.formlogin.userpasswordfield=j_password #############login Filter bean ############################################ http.logout.url=/static/auth/j_spring_security_logout http.logout.invalidate=true http.logout.deletecookie=JSESSIONID ##The Pre-auth security filter for SSO ## PreAuthentication and preauthAuthProvider properties are used for ## Rollbase integration. ## ## By default this filter is disabled, if any user already authenticated or ## authorized by Rollbase then it skips all the authentication configurations ## and directly access the OpenEdge services after validation ## ## To turn on Rollbase SSO : ## 1. Set "enabled" property to true ## 2. For single-domain supply the Domain Access Code as the value for ## "key" property ## 3. For multi-domain supply the absolute path of a 'registryFile' ## generated using OpenEdge's $DLC/bin/gendomreg.bat utility as ## "registryFile" property OEPreauthfilter.enabled=false OEPreauthfilter.key= OEPreauthfilter.registryFile= preauthAuthProvider.rolePrefix=ROLE_ preauthAuthProvider.enabledAttrName=ATTR_ENABLED preauthAuthProvider.lockedAttrName=ATTR_LOCKED preauthAuthProvider.expiredAttrName=ATTR_EXPIRED ## Properties for the OEClientPrincipalFilter bean (see authFilters.xml) ## The security filter that turns a Spring token into an OpenEdge ## ClientPrincipal object. The filter is thus responsible for: ## 1. Creating a ClientPrincipal if one was not created in a previous ## authentication process step ## 2. If the previous authentication process produced a Spring token - ## copy that information into the ClientPrincipal ## 3. If the ClientPrincipal is not already sealed - seal it using this ## filter's domain and registry configuration ## 4. If enablecp is true, then send the ClientPrincipal to the ABL business ## logic OEClientPrincipalFilter.enabled=true OEClientPrincipalFilter.key= OEClientPrincipalFilter.registryFile= OEClientPrincipalFilter.domain= OEClientPrincipalFilter.roles= OEClientPrincipalFilter.authz=true OEClientPrincipalFilter.expires=0 OEClientPrincipalFilter.accntinfo=false OEClientPrincipalFilter.ccid=false OEClientPrincipalFilter.anonymous=false OEClientPrincipalFilter.sealAnonymous=false OEClientPrincipalFilter.appName=OE OEClientPrincipalFilter.passthru=false OEClientPrincipalFilter.domainRoleFilter= ## DO NOT USE OEClientPrincipalFilter.properties.prop-1= OEClientPrincipalFilter.properties.prop-2= # Declare placeholders for up to 10 OEClientPrincipalFilter # properties. Any number of properties larger than 10 # requires customization of authFilters.xml. # # Any property 'key' value whose first character is a # comment (#) is ignored when creating a Client-Principal # token OEClientPrincipalFilter.properties.1.key=#doNotAdd OEClientPrincipalFilter.properties.1.value= OEClientPrincipalFilter.properties.2.key=#doNotAdd OEClientPrincipalFilter.properties.2.value= OEClientPrincipalFilter.properties.3.key=#doNotAdd OEClientPrincipalFilter.properties.3.value= OEClientPrincipalFilter.properties.4.key=#doNotAdd OEClientPrincipalFilter.properties.4.value= OEClientPrincipalFilter.properties.5.key=#doNotAdd OEClientPrincipalFilter.properties.5.value= OEClientPrincipalFilter.properties.6.key=#doNotAdd OEClientPrincipalFilter.properties.6.value= OEClientPrincipalFilter.properties.7.key=#doNotAdd OEClientPrincipalFilter.properties.7.value= OEClientPrincipalFilter.properties.8.key=#doNotAdd OEClientPrincipalFilter.properties.8.value= OEClientPrincipalFilter.properties.9.key=#doNotAdd OEClientPrincipalFilter.properties.9.value= OEClientPrincipalFilter.properties.10.key=#doNotAdd OEClientPrincipalFilter.properties.10.value= ## Properties for the OECORSFilter Filter bean (see authFilters.xml) ## The security filter that implements the CORS standard for controlling ## cross site resource access by http clients. OECORSFilter.responseHeaders=Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma,X-CLIENT-CONTEXT-ID OECORSFilter.allowAll=true OECORSFilter.allowDomains= OECORSFilter.allowSubdomains=false OECORSFilter.allowMethods=GET,POST,PUT,DELETE,OPTIONS,PATCH OECORSFilter.messageHeaders=Accept,Accept-Language,Content-Language,Content-Type,X-CLIENT-CONTEXT-ID,Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Pragma,Cache-control,Authorization OECORSFilter.supportCredentials=true OECORSFilter.maxAge=-1 ## Common OpenEdge SSO Producer and Consumer properties ## (see properties for OESSOTokenManager, OESSOFilter, OESSORefreshFilter ) OESSO.error.detail=0 OESSO.require.https=true ## Properties for the OEAuthnSuccessHandler bean (see authFilters.xml) ## The OEAuthnSuccessHandler bean interfaces with the OE ClientPrincipal SSO ## token producer OESSOTokenManager after a successfull user login. The ## OESSOTokenManager produces a sealed OECP token that is returned to the ## client in the body of the HTTP response. ## ## The OEAuthnSuccessHandler bean has two properties to control: ## a) The requirement for the client to use HTTPS and protect the returned ## OECP token from theft. ## b) The amount of error detail that may be returned to the client in the ## event an error occurs while generating the OECP token. OEAuthnSuccessHandler.tokenErrorDetail=${OESSO.error.detail} OEAuthnSuccessHandler.tokenSecure=${OESSO.require.https} ## Properties for the OEAuthnFailureHandler (see authFilters.xml) ## The OEAuthnFailureHandler is called when a user account validation fails ## and in this case it will return a SSO failure to the caller if SSO is ## enabled. OEAuthnFailureHandler.tokenErrorDetail=${OESSO.error.detail} ## Properties for the OEFormEntryPoint bean (see authFilters.xml) ## The OEFormEntryPoint bean is invoked when a HTTP request requires user login ## services. It interfaces with the OESSOTokenManager bean to determine if an ## SSO, JSON, or HTML type of reponse message is returned. ## ## The OEFormEntryPoint bean has one properties to control: ## a) The amount of error detail that may be returned to the client in the ## event an error occurs while generating the OECP token. OEFormEntryPoint.tokenErrorDetail=${OESSO.error.detail} ## Properties for the OESSOTokenManager bean (see authFilters.xml) ## The OESSOTokenManager bean is the primary component for the verification ## and generation of OECP SSO tokens. The OESSOTokenManager works a ## supporting role for other Spring filter beans that are actively involved ## in the HTTP request authentication process. ## OESSOTokenManager.tokenPolicy=disabled OESSOTokenManager.ssoTokenURLOption=OECP OESSOTokenManager.ssoTokenExpires=3600 OESSOTokenManager.ssoAllowScope= OESSOTokenManager.ssoGrantScope= OESSOTokenManager.ssoTokenRefresh=true OESSOTokenManager.ssoRefreshDeltaTime=3600 OESSOTokenManager.springRolePrefix= ## Properties for the OESSOFilter bean (see authFilters.xml) ## The OESSOFilter bean is injected into the HTTP authentication process ## to look for HTTP [Authorization] header that contains an OECP SSO token. ## If no header and token is found, it passes control to the next step ## in the authentication process. If a header and token is found it will ## use the OESSOTokenManager to extract, verify, and convert the OECP ## SSO token into a native OE ClientPrincipal token that is passed to the ## ABL session. ## ## The OESSOFilter bean has properties thtat control what header to look ## for in the HTTP request, what the header's authentication-scheme name ## is, and whether OECP SSO is enabled. OESSOFilter.authPolicy=disabled OESSOFilter.authmanager=${http.all.authmanager} OESSOFilter.authScheme=OECP OESSOFilter.authClientType=* OESSOFilter.authErrorDetail=${OESSO.error.detail} OESSOFilter.authSecurity=${OESSO.require.https} ## Properties for the OESSORefreshFilter bean (see authFilters.xml) ## The OESSORefreshFilter bean is injected into the authentication process ## and intercepts client requests to refresh an expired OECS SSO token. ## If no request is found, the bean passes the request to the next step ## in the authentication process. When a request if found, it interfaces ## with the OESSOTokenManager to validate the refresh request and issue ## an updated OECP SSO token that has a new expiration date. ## ## The OESSORefreshFilter has properties that allow it to recognize when ## a HTTP request is asking to refresh a SSO token. OESSORefreshFilter.refreshURL=/static/auth/token OESSORefreshFilter.refreshURLOption=refresh OESSORefreshFilter.refreshClientType=* OESSORefreshFilter.refreshErrorDetail=${OESSO.error.detail} OESSORefreshFilter.refreshSecure=${OESSO.require.https} ## Propertied for the customAuthorizationFilter bean (see customAuthHeaderFilter.xml) ## The custom HTTP Authorization header filter provides a hook into the ## Spring Security process for securely handling Authorizaiton headers ## that have a custom 'scheme'. ## NOTE: The default class for this filter bean is a NOOP placeholder. ## The developer is required to configure the correct Java class ## NOTE: customAuthorizationFilter is only enabled in BASIC security ## configurations that do not depend upon HTTP session contexts customAuthorizationFilter.authPolicy=disabled customAuthorizationFilter.authScheme=CHANGEME customAuthorizationFilter.authClientType=* customAuthorizationFilter.authHeader=Authorization customAuthorizationFilter.authErrorDetail=${OESSO.error.detail} customAuthorizationFilter.authSecurity=true customAuthorizationFilter.ignoreFailure=false ##########Authentication Provider Bean configuration###################### ## Default configuration of authentication bean properties. This needs to be ## change with other values as per the production configuration. It has ## separate section for authentication manager beans like local, ldap, ## oerealm. ########################################################################## ##-------------local & extlocal authmanager configuration ---------------- local.userservice.properties=/WEB-INF/users.properties ## Properties for the 'ldap' Authentication Manager (see authManagers.xml) ## . URL of the Directory Service (http | https) ## . The X-509 Distinguished Name (DN) of a user account to perform seaches ## with ## (NOT the user being authenticated) ## . The password for the X-509 Distinguished Name used to do searches ## . The group object attribute used as a ROLE name granted to the user ## being authenticated ## . The LDAP filter used to find the DN of the groups (aka ROLE) the ## authenticated user is a member of (note min of 1 group required) ## . The LDAP oject where the sub-tree group search is initiated ## . The LDAP oject where the sub-tree user account search is initiated ## . The LDAP filter used to find the DN of the user being authenticated ## ## ## ## ldap.url=ldap://localhost:389 ldap.manager-dn=uid=admin,ou=system ldap.manager-password=secret ldap.root.dn= ldap.grouprole.attribute=cn ldap.groupsearch.filter=(member={0}) ldap.groupsearch.base=dc=example,dc=com ldap.usersearch.base=dc=example,dc=com ldap.usersearch.filter=(uid={0}) ## Properties for the 'ldap' Authentication Manager (see authManager.xml) ## The LDAP authentication provider plug-in, with its references to the beans ## that implement binding to the service, populating roles, and how to make a ## connection. ## ## Authprovider peoperties ## 1. 'ldap.authprovider.useAuthenticationRequestCredentials' Determines ## whether the supplied password will be used as the credentials in the ## successful authentication token. Default value is false. ldap.authprovider.useAuthenticationRequestCredentials=false ## Properties for the 'ldap' Authentication Manager (see authManager.xml) ## The extended LDAP authentication manager configuration is an advanced ## version of the simple ldap authentication manager above. It has many more ## properties to control its operations at a much finer granularity. ## ## elements. ## Example: ldap name "OEUsers" Spring role name "ROLE_OEUSERS" ldap.authpopulator.rolePrefix=ROLE_ ldap.authpopulator.searchBase=${ldap.groupsearch.base} ldap.authpopulator.groupSearchFilter=${ldap.groupsearch.filter} ldap.authpopulator.groupRoleAttribute=${ldap.grouprole.attribute} ldap.authpopulator.searchSubtree=true ldap.authpopulator.ignorePartialResultException=true ldap.authpopulator.convertToUpperCase=true ## Properties for the oerealm Authentication Manager (see authManageres.xml) ## Properties that connects to an AppServer Realm service and uses it as a ## source of user account information during the authentication step managed ## by the OERealmAuthProvider bean.The sample in this template requires ## changing the properties "realmURL" and "realmClass" to contain the run-time ## AppServer used for authentication and the developer supplied OOABL class name. ## ## The location of where the OERealm server's OOABL class will be executed may ## be within this PAS for OE server, or in a remote OpenEdge application server. ## Thus following are the values that "realmURL" can take: ## (1) "internal://nxgas" for local PAS for OE Server ## (2) "http:// [: ]/[oeabl-app-name/]apsv" for remote PAS for ## OE server ## (3) "http:// [: ]/ /aia" for remote classic ## AppServer via AIA ## (4) "AppServer:// : / " ## for remote classic AppServer using NameServer ## (5) "AppServerDC:// : / " ## for remote classic AppServer using Direct Connect OERealm.AuthProvider.multiTenant=true OERealm.AuthProvider.userDomain= OERealm.AuthProvider.accntinfo=true OERealm.AuthProvider.authz=true OERealm.AuthProvider.expires=0 # Declare placeholders for up to 10 OEClientPrincipalFilter # properties. Any number of properties larger than 10 # requires customization of authFilters.xml. # # Any property 'key' value whose first character is a # comment (#) is ignored when creating a Client-Principal # token OERealm.AuthProvider.properties.1.key=#doNotAdd OERealm.AuthProvider.properties.1.value= OERealm.AuthProvider.properties.2.key=#doNotAdd OERealm.AuthProvider.properties.2.value= OERealm.AuthProvider.properties.3.key=#doNotAdd OERealm.AuthProvider.properties.3.value= OERealm.AuthProvider.properties.4.key=#doNotAdd OERealm.AuthProvider.properties.4.value= OERealm.AuthProvider.properties.5.key=#doNotAdd OERealm.AuthProvider.properties.5.value= OERealm.AuthProvider.properties.6.key=#doNotAdd OERealm.AuthProvider.properties.6.value= OERealm.AuthProvider.properties.7.key=#doNotAdd OERealm.AuthProvider.properties.7.value= OERealm.AuthProvider.properties.8.key=#doNotAdd OERealm.AuthProvider.properties.8.value= OERealm.AuthProvider.properties.9.key=#doNotAdd OERealm.AuthProvider.properties.9.value= OERealm.AuthProvider.properties.10.key=#doNotAdd OERealm.AuthProvider.properties.10.value= ## Properties for the 'oerealm' Authentication Manager (see authManagers.xml) ## ## <b:bean id="OERealmUserDetails" ## OERealm.UserDetails.realmURL=internal://nxgas OERealm.UserDetails.realmClass=OpenEdge.Security.Realm.HybridRealm OERealm.UserDetails.grantedAuthorities=ROLE_PSCUser OERealm.UserDetails.rolePrefix=ROLE_ OERealm.UserDetails.roleAttrName=ATTR_ROLES OERealm.UserDetails.enabledAttrName=ATTR_ENABLED OERealm.UserDetails.lockedAttrName=ATTR_LOCKED OERealm.UserDetails.expiredAttrName=ATTR_EXPIRED OERealm.UserDetails.propertiesAttrName= OERealm.UserDetails.userIdAttrName= OERealm.UserDetails.realmPwdAlg=0 OERealm.UserDetails.certLocation= OERealm.UserDetails.appendRealmError=false OERealm.UserDetails.realmTokenFile= ## Properties for the 'ad' (ActiveDirectory) Authentication Manager (see authManagers.xml) ad.user.domain=changeme.com ad.ldap.url=ldap://adhost:389 ad.ldap.rootdn=dc=changeme,dc=com ad.AuthoritiesMapper.prefix=ROLE_ ad.AuthoritiesMapper.convertToUpperCase=true ## OAuth2 authorization handling for 'Resource Servers' web data service access ## and 'Authorization Servers' for obtaining access & refresh tokens to access a ## Resource server's data. ## ## ## Enable/disable the OAuth2 Resource and/or Authorization server support. ## The allowable values are {disable|enable} oauth2.ResourceServer.enable=enable oauth2.AuthorizationServer.enable=disable ## JWT token handler properties for jwtAuthFilter, oauth2.authSvc..., & oauth2.resSvc... jwtToken.signatureAlg=mac jwtToken.macKey=oeph3::B8E894037D0A296A0908F2FAFB0A0148 jwtToken.macAlg=HMACSHA256 jwtToken.jksKeystore.path= jwtToken.jksKeystore.pwd=oeph3::B8E894037D0A296A0908F2FAFB0A0148 jwtToken.jksKeystore.alias=sample jwtToken.defaultRoles= jwtToken.usernameField=sub jwtToken.mapScopeToRole=true jwtToken.scopeToRolePrefix=scope. jwtToken.includeAllClaims=true ## OAuth2 Authorization server configuration ## The OAuth2 Authorization server's responsibility is to manage interactions with an OAuth2 client ## appication and authenticate the client application, or end-user, identity and then send them ## and "access token", and optionally a "refresh token". The "access token" can be used to access ## OAuth2 Resource servers (see configuration below), and the "refresh token" can be used with this ## OAuth2 Authorization server to get a new "access token" after the current one expires. ## oauth2.authSvc.clientCfg=oauth2AuthSvcClients.cfg oauth2.authSvc.grantType.authorizationCode.disable=false oauth2.authSvc.grantType.implicit.disable=false oauth2.authSvc.grantType.refresh.disable=false oauth2.authSvc.grantType.clientCredentials.disable=false oauth2.authSvc.grantType.password.disable=false oauth2.authSvc.refreshToken.enable=true oauth2.authSvc.refreshToken.reuse=true oauth2.authSvc.accessToken.expiresSeconds=300000 oauth2.authSvc.refreshToken.expiresSeconds=2592000 oauth2.authSvc.realmName=oeoauth ## OAuth2 Resource server configuration ## An OAuth2 Resource server provides data-services for client applications. The client application ## sends an "access token" obtained from an OAuth2 Authorization server, which the Resource server ## must validate before it is accepted. Validation involves obtaining a JWT token that can be ## validated by the Resource server and its "claims" used to perform URL access control to the ## Resource service's data-services. The JWT may be obtained as a "self-contained" access token ## or by using the access token as an indirect reference to a JWT stored in the issuing Authorizaiton ## server. ## oauth2.resSvc.audience=oeablapp oauth2.resSvc.stateless=true oauth2.resSvc.clientCfg=oauth2ResSvcClients.cfg oauth2.resSvc.requestmatcher=ant oauth2.resSvc.csvpath=WEB-INF/oeablSecurityJWT.csv oauth2.resSvc.tokenServices=oauth2 oauth2.resSvc.realmName=oeoauth oauth2.resSvc.remoteTokenService.url= localhost:443/.../check_token oauth2.resSvc.remoteTokenService.loginId=changeme oauth2.resSvc.remoteTokenService.loginPwd=changme oauth2.resSvc.remoteTokenService.tokenName=token oauth2.resSvc.jdbcTokenService.driver=com.mysql.jdbc.Driver oauth2.resSvc.jdbcTokenService.url=jdbc:mysql://localhost:3306/spring_security_db oauth2.resSvc.jdbcTokenService.loginId=changeme oauth2.resSvc.jdbcTokenService.loginPwd=changeme

Continue reading...
 
Status
Not open for further replies.
Top