Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
devel:documentation:application_configuration:dev:backend [2020/06/15 11:13]
kopro [Authentication] ad information about DefaultAccMultipleSystemAuthenticator 		devel:documentation:application_configuration:dev:backend [2020/08/13 11:03]
tomiskar [Role]
Line 73: Line 73:
 # Show transaction identifiers (uuid) in frontend application  # Show transaction identifiers (uuid) in frontend application 
 idm.pub.app.show.transactionId=false idm.pub.app.show.transactionId=false
-# Show role environmnent in frontend application for roles (table, role detail, niceLabel, info components, role select) +# Show role environment in frontend application for roles (table, role detail, niceLabel, info components, role select) 
 idm.pub.app.show.environment=true idm.pub.app.show.environment=true
 +# Show role baseCode in frontend application for roles (table, role detail, niceLabel, info components, role select) 
 +idm.pub.app.show.role.baseCode=true
 # Available size options for tables in frontend application # Available size options for tables in frontend application
 idm.pub.app.show.sizeOptions=10, 25, 50, 100 idm.pub.app.show.sizeOptions=10, 25, 50, 100
Line 80: Line 82:
 # default form can be disabled => at least one configured form projection is needed # default form can be disabled => at least one configured form projection is needed
 idm.pub.app.show.identity.formProjection.default=true idm.pub.app.show.identity.formProjection.default=true
 +# If is true, then role-request description will be show on the detail.
 +# Description will hidden if this property will be false and role request
 +# doesn't contains any value in description (can be filled during the approval process).
 +idm.pub.app.show.roleRequest.description=true
 # #
 # Private properties - used on backend only. # Private properties - used on backend only.
Line 87: Line 93:
 # demo data was created - prevent to create demo data duplicitly # demo data was created - prevent to create demo data duplicitly
 idm.sec.core.demo.data.created=false idm.sec.core.demo.data.created=false
-Enable forest index for tree structures +Create init data at application start. Init data (product provided roles) are updated automatically with pruct updates. 
-idm.sec.app.forest.index.enabled=true+# Set property to false to disable init data creation and updates. 
 +idm.sec.core.init.data.enabled=true
 </code> </code>
  
Line 501: Line 508:
  
 <code properties> <code properties>
 +#
 # Default user role will be added automatically, after an identity is logged in # Default user role will be added automatically, after an identity is logged in
 # could contains default authorities and authority policies configuration # could contains default authorities and authority policies configuration
 # for adding autocomplete or all record read permission etc. # for adding autocomplete or all record read permission etc.
 +# Role full code should be given (should contain environment, if it is used).
 +# Role authorities are updated automatically, when new IdM version is installed.
 idm.sec.core.role.default=userRole idm.sec.core.role.default=userRole
 +#
 # Admin user role # Admin user role
 +# Role full code should be given (should contain environment, if it is used).
 +# Role authorities are updated automatically, when new IdM version is installed.
 idm.sec.core.role.admin=superAdminRole idm.sec.core.role.admin=superAdminRole
 +#
 +# Helpdesk user role
 +# Role full code should be given (should contain environment, if it is used).
 +# Role authorities are updated automatically, when new IdM version is installed.
 +idm.sec.core.role.helpdesk=helpdeskRole
 +#
 +# User manager role
 +# Role full code should be given (should contain environment, if it is used).
 +# Role authorities are updated automatically, when new IdM version is installed.
 +idm.sec.core.role.userManager=userManagerRole
 +#
 +# Role manager role - role guarantee
 +# Role full code should be given (should contain environment, if it is used).
 +# Role authorities are updated automatically, when new IdM version is installed.
 +idm.sec.core.role.roleManager=roleManagerRole
 +#
 +# Virtual system implementer  role - product provided role for implementers (approve vs request etc.).
 +# Role full code should be given (should contain environment, if it is used).
 +# Role authorities are updated automatically, when new IdM version is installed.
 +idm.sec.vs.role.implementer=virtualSystemImplementerRole
 +#
 # Separator for the suffix with environment used in role code. # Separator for the suffix with environment used in role code.
 # Look out: when separator is changed, then all roles should be updated (manually from ui, by scripted LRT or by change script). # Look out: when separator is changed, then all roles should be updated (manually from ui, by scripted LRT or by change script).
Line 665: Line 699:
  
 ==== Authentication ==== ==== Authentication ====
-UUID of system, against which to user will be authenticated.+UUID of system, against which to user will be authenticated. This authentication is from version 10.4.0 deprecated.
 <code properties> <code properties>
 # ID system against which to authenticate # ID system against which to authenticate
Line 671: Line 705:
 </code> </code>
  
-Authentication against multiple system wich to user will be authenticated (since 10.4.0)+Authentication against multiple system wich to user will be authenticated (since 10.4.0) - ID or Code can be used:
 <code properties> <code properties>
-idm.sec.acc.security.auth.order1.systemId+idm.sec.acc.security.auth.order1.system
-idm.sec.acc.security.auth.order2.systemId=+idm.sec.acc.security.auth.order2.system=
 </code> </code>
  
  • by chalupat