Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
devel:documentation:application_configuration:dev:backend [2020/10/23 07:38] tomiskar [Entity filters] |
devel:documentation:application_configuration:dev:backend [2021/02/23 13:55] kucerar cas since information |
||
---|---|---|---|
Line 60: | Line 60: | ||
# Public properties - available for frontend without authentication (show information about app, decorators etc.). | # Public properties - available for frontend without authentication (show information about app, decorators etc.). | ||
# | # | ||
- | # Application stage - development, | + | # Application stage - development, |
idm.pub.app.stage= | idm.pub.app.stage= | ||
# Application instance / server id - is used for scheduler etc. | # Application instance / server id - is used for scheduler etc. | ||
Line 71: | Line 71: | ||
# Show identifiers (uuid) in frontend application. Empty value by default => identifier is shown, when application ' | # Show identifiers (uuid) in frontend application. Empty value by default => identifier is shown, when application ' | ||
idm.pub.app.show.id= | idm.pub.app.show.id= | ||
- | # Show transaction identifiers (uuid) in frontend application | + | # Show transaction identifiers (uuid) in frontend application. |
idm.pub.app.show.transactionId=false | idm.pub.app.show.transactionId=false | ||
- | # Show role environment in frontend application for roles (table, role detail, niceLabel, info components, role select) | + | # Show role environment in frontend application for roles (table, role detail, niceLabel, info components, role select). |
idm.pub.app.show.environment=true | idm.pub.app.show.environment=true | ||
- | # Show role baseCode in frontend application for roles (table, role detail, niceLabel, info components, role select) | + | # Show role baseCode in frontend application for roles (table, role detail, niceLabel, info components, role select). |
idm.pub.app.show.role.baseCode=true | idm.pub.app.show.role.baseCode=true | ||
+ | # Number of items (pagination) in role catalogue tree in root level. | ||
+ | idm.pub.app.show.roleCatalogue.tree.pagination.root.size=25 | ||
+ | # Number of items (pagination) in role catalogue tree in other levels. | ||
+ | idm.pub.app.show.roleCatalogue.tree.pagination.node.size=25 | ||
+ | # Number of items (pagination) in tree node structure in root level. | ||
+ | idm.pub.app.show.treeNode.tree.pagination.root.size=50 | ||
+ | # Number of items (pagination) in tree node structure in other levels. | ||
+ | idm.pub.app.show.treeNode.tree.pagination.node.size=50 | ||
# Available size options for tables in frontend application | # Available size options for tables in frontend application | ||
idm.pub.app.show.sizeOptions=10, | idm.pub.app.show.sizeOptions=10, | ||
Line 87: | Line 95: | ||
# Number of selected record is shown in drop down select header. | # Number of selected record is shown in drop down select header. | ||
idm.pub.app.show.table.quickButton.menuIncluded=true | idm.pub.app.show.table.quickButton.menuIncluded=true | ||
- | # show default form for newly created user | + | # Show default form for newly created user. |
- | # default | + | # Default |
idm.pub.app.show.identity.formProjection.default=true | idm.pub.app.show.identity.formProjection.default=true | ||
# If is true, then role-request description will be show on the detail. | # If is true, then role-request description will be show on the detail. | ||
Line 97: | Line 105: | ||
# Private properties - used on backend only. | # Private properties - used on backend only. | ||
# | # | ||
- | # create | + | # Create |
idm.sec.core.demo.data.enabled=true | idm.sec.core.demo.data.enabled=true | ||
- | # demo data was created - prevent to create demo data duplicitly | + | # Demo data was created - prevent to create demo data duplicitly. |
idm.sec.core.demo.data.created=false | idm.sec.core.demo.data.created=false | ||
# Create init data at application start. Init data (product provided roles) are updated automatically with pruct updates. | # Create init data at application start. Init data (product provided roles) are updated automatically with pruct updates. | ||
Line 658: | Line 666: | ||
# Default main WF for approve all roles. | # Default main WF for approve all roles. | ||
idm.sec.core.processor.role-request-approval-processor.wf=approve-identity-change-permissions | idm.sec.core.processor.role-request-approval-processor.wf=approve-identity-change-permissions | ||
+ | </ | ||
+ | |||
+ | ==== Universal requests ===== | ||
+ | <code properties> | ||
+ | ## Universal requests | ||
+ | # Role | ||
+ | idm.pub.core.request.idm-role.enabled=false | ||
+ | # Defines type of guarantee. Requests will be approving only by guarantee with this type. | ||
+ | # If returns null, then all guarantees will be used for approving (no limitations). | ||
+ | idm.sec.core.request.idm-role.approval.guarantee-type= | ||
</ | </ | ||
Line 791: | Line 809: | ||
This authentication filter reuses SSO authentication filter behavior above ('' | This authentication filter reuses SSO authentication filter behavior above ('' | ||
+ | |||
+ | === Two-factor authentication === | ||
+ | |||
+ | [[..: | ||
+ | |||
+ | <code properties> | ||
+ | # Verification secret length | ||
+ | totp.secret.length=32 | ||
+ | # Time Period ~ period to generate new authentication code | ||
+ | totp.time.period=30 | ||
+ | # Time Discrepancy - number of past (but still valid) authentication codes (e.g. when code is sent by notification, | ||
+ | totp.time.discrepancy=1 | ||
+ | |||
+ | </ | ||
+ | |||
+ | === CAS authentication filter === | ||
+ | @since 10.9.0 | ||
+ | [[..: | ||
+ | <code properties> | ||
+ | # Enable authentication via CAS. If enabled, all properties below "Other properties" | ||
+ | idm.pub.core.cas.sso.enabled=true | ||
+ | # Other properties | ||
+ | # Base URL where CAS is accessible. Syntax of this field is https:// | ||
+ | idm.pub.core.cas.url= | ||
+ | # Suffix which is, in effect, appended to idm.pub.core.cas.url. Resulting URL is used for login operation in CAS. It must start with slash (eg. /login). | ||
+ | idm.pub.core.cas.login-suffix=/ | ||
+ | # Suffix which is appended to idm.pub.core.cas.url. Resulting URL is used for single sign-out operation. It must start with slash (eg. /logout). | ||
+ | idm.pub.core.cas.logout-suffix=/ | ||
+ | # URL of CzechIdM. This URL is used for redirect back after logout and also for ticket validation. Syntax of this field is https:// | ||
+ | idm.pub.core.cas.idm-url= | ||
+ | # Header name in which CAS sends the ticket value. | ||
+ | idm.sec.core.cas.header-name=referer | ||
+ | # Path to CzechIdM for the HTTP Referer header used by CAS while redirecting back to application. This value is concatenated with CAS ticket to form Referer header. Syntax of this field is https:// | ||
+ | idm.sec.core.cas.header-prefix= | ||
+ | </ | ||
==== Backup ==== | ==== Backup ==== | ||
Line 797: | Line 850: | ||
<code properties> | <code properties> | ||
- | # configuration | + | # Configuration |
+ | # Configured attachment storage patrh ( see ' | ||
idm.sec.core.backups.default.folder.path=/ | idm.sec.core.backups.default.folder.path=/ | ||
</ | </ | ||
Line 837: | Line 891: | ||
You can disable long polling for all types of entites with use value `false`. | You can disable long polling for all types of entites with use value `false`. | ||
+ | |||
+ | |||
==== Provisioning ==== | ==== Provisioning ==== |