applicationConfig.properties 8.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199
  1. ############################################################################
  2. # MaxKey
  3. ############################################################################
  4. # domain name configuration
  5. config.server.domain=maxkey.org
  6. config.server.domain.sub=sso.${config.server.domain}
  7. config.server.name=http://${config.server.domain.sub}
  8. config.server.prefix.uri=${config.server.name}/maxkey
  9. #default.uri
  10. config.server.default.uri=${config.server.prefix.uri}/maxkey/appList
  11. config.server.management.uri=${config.server.name}:9521/maxkey-mgt/login
  12. #InMemory 0 , jdbc 1, Redis 2
  13. config.server.persistence=0
  14. config.app.issuer=CN=ConSec,CN=COM,CN=SH
  15. ############################################################################
  16. # Login configuration
  17. #enable captcha
  18. config.login.captcha=true
  19. #text or arithmetic
  20. config.login.captcha.type=text
  21. #enable two factor,use one time password
  22. config.login.onetimepwd=true
  23. #enable social sign on
  24. config.login.socialsignon=true
  25. #social sign on providers
  26. config.login.socialsignon.providers=sinaweibo,google,qq,dingtalk,microsoft,facebook
  27. #Enable kerberos/SPNEGO
  28. config.login.kerberos=true
  29. #wsFederation
  30. config.login.wsfederation=false
  31. #remeberme
  32. config.login.remeberme=true
  33. #validity
  34. config.login.remeberme.validity=0
  35. #to default application web site
  36. config.login.default.uri=appList
  37. config.ipaddress.whitelist=false
  38. config.otp.keyuri.format.type=totp
  39. config.otp.keyuri.format.digits=6
  40. config.otp.keyuri.format.issuer=MaxKey
  41. config.otp.keyuri.format.domain=${config.server.domain}
  42. config.otp.keyuri.format.period=30
  43. ############################################################################
  44. # Kerberos Login configuration
  45. ############################################################################
  46. #short name of user domain must be in upper case,eg:MAXKEY
  47. config.support.kerberos.default.userdomain=MAXKEY
  48. #short name of user domain must be in upper case,eg:MAXKEY.ORG
  49. config.support.kerberos.default.fulluserdomain=MAXKEY.ORG
  50. #last 8Bit crypto for Kerberos web Authentication
  51. config.support.kerberos.default.crypto=846KZSzYq56M6d5o
  52. #Kerberos Authentication server RUL
  53. config.support.kerberos.default.redirecturi=http://sso.maxkey.org/kerberos/authn/
  54. ############################################################################
  55. # HTTPHEADER Login configuration
  56. ############################################################################
  57. config.support.httpheader.enable=false
  58. config.support.httpheader.headername=header-user
  59. # iv-user is for IBM Security Access Manager
  60. #config.httpheader.headername=iv-user
  61. ############################################################################
  62. # BASIC Login support configuration
  63. ############################################################################
  64. config.support.basic.enable=false
  65. #############################################################################
  66. # WsFederation Login support configuration
  67. #identifier: the identifer for the ADFS server
  68. #url: the login url for ADFS
  69. #principal: the name of the attribute/assertion returned by ADFS that contains the principal's username.
  70. #relyingParty: the identifier of the CAS Server as it has been configured in ADFS.
  71. #tolerance: (optional) the amount of drift to allow when validating the timestamp on the token. Default: 10000 (ms)
  72. #attributeMutator: (optional) a class (defined by you) that can modify the attributes/assertions returned by the ADFS server
  73. #signingCertificate: ADFS's signing certificate used to validate the token/assertions issued by ADFS.
  74. ############################################################################
  75. config.support.wsfederation.identifier=http://adfs.maxkey.org/adfs/services/trust
  76. config.support.wsfederation.url=https://adfs.maxkey.org/adfs/ls/
  77. config.support.wsfederation.principal=upn
  78. config.support.wsfederation.relyingParty=urn:federation:connsec
  79. config.support.wsfederation.signingCertificate=adfs-signing.crt
  80. config.support.wsfederation.tolerance=10000
  81. config.support.wsfederation.upn.suffix=maxkey.org
  82. config.support.wsfederation.logoutUrl=https://adfs.maxkey.org/adfs/ls/?wa=wsignout1.0
  83. #############################################################################
  84. #############################################################################
  85. config.oidc.metadata.issuer=${config.server.name}/maxkey
  86. config.oidc.metadata.authorizationEndpoint=${config.server.name}/maxkey/oauth/v20/authorize
  87. config.oidc.metadata.tokenEndpoint=${config.server.name}/maxkey/oauth/v20/token
  88. config.oidc.metadata.userinfoEndpoint=${config.server.name}/maxkey/api/connect/userinfo
  89. #############################################################################
  90. ############################################################################
  91. # Social Sign On Configuration #
  92. #you config client.id & client.secret only
  93. ############################################################################
  94. ############################################################################
  95. #sina weibo
  96. config.socialsignon.sinaweibo.provider=sinaweibo
  97. config.socialsignon.sinaweibo.provider.name=\u65B0\u6D6A\u5FAE\u535A
  98. config.socialsignon.sinaweibo.icon=images/social/sinaweibo.png
  99. config.socialsignon.sinaweibo.client.id=3379757634
  100. config.socialsignon.sinaweibo.client.secret=1adfdf9800299037bcab9d1c238664ba
  101. config.socialsignon.sinaweibo.account.id=id
  102. config.socialsignon.sinaweibo.sortorder=1
  103. #Google
  104. config.socialsignon.google.provider=google
  105. config.socialsignon.google.provider.name=Google
  106. config.socialsignon.google.icon=images/social/google.png
  107. config.socialsignon.google.client.id=519914515488.apps.googleusercontent.com
  108. config.socialsignon.google.client.secret=3aTW3Iw7e11QqMnHxciCaXTt
  109. config.socialsignon.google.account.id=id
  110. config.socialsignon.google.sortorder=2
  111. #QQ
  112. config.socialsignon.qq.provider=qq
  113. config.socialsignon.qq.provider.name=QQ
  114. config.socialsignon.qq.icon=images/social/qq.png
  115. config.socialsignon.qq.client.id=101225363
  116. config.socialsignon.qq.client.secret=8577d75e0eb4a91ac549cc8be3371bfd
  117. config.socialsignon.qq.account.id=openid
  118. config.socialsignon.qq.sortorder=4
  119. #dingtalk
  120. config.socialsignon.dingtalk.provider=dingtalk
  121. config.socialsignon.dingtalk.provider.name=dingtalk
  122. config.socialsignon.dingtalk.icon=images/social/dingtalk.png
  123. config.socialsignon.dingtalk.client.id=dingoawf2jyiwh2uzqnphg
  124. config.socialsignon.dingtalk.client.secret=Crm7YJbMKfRlvG2i1SHpg4GHVpqF_oXiEjhmRQyiSiuzNRWpbFh9i0UjDTfhOoN9
  125. config.socialsignon.dingtalk.account.id=openid
  126. config.socialsignon.dingtalk.sortorder=5
  127. #Microsoft
  128. config.socialsignon.microsoft.provider=microsoft
  129. config.socialsignon.microsoft.provider.name=Microsoft
  130. config.socialsignon.microsoft.icon=images/social/live.png
  131. config.socialsignon.microsoft.client.id=24aa73b6-7928-4e64-bd64-d8682e650f95
  132. config.socialsignon.microsoft.client.secret=PF[_AthtjVrtWVO2mNy@CJxY1@Z8FNf5
  133. config.socialsignon.microsoft.account.id=id
  134. config.socialsignon.microsoft.sortorder=6
  135. #facebook
  136. config.socialsignon.facebook.provider=facebook
  137. config.socialsignon.facebook.provider.name=facebook
  138. config.socialsignon.facebook.icon=images/social/facebook.png
  139. config.socialsignon.facebook.client.id=appKey
  140. config.socialsignon.facebook.client.secret=appSecret
  141. config.socialsignon.facebook.account.id=id
  142. config.socialsignon.facebook.sortorder=7
  143. ############################################################################
  144. # SAML V2.0 configuration
  145. #saml common
  146. config.saml.v20.max.parser.pool.size=2
  147. config.saml.v20.assertion.validity.time.ins.seconds=90
  148. config.saml.v20.replay.cache.life.in.millis=14400000
  149. config.saml.v20.issue.instant.check.clock.skew.in.seconds=90
  150. config.saml.v20.issue.instant.check.validity.time.in.seconds=300
  151. #saml idp keystore
  152. config.saml.v20.idp.keystore.password=maxkey
  153. config.saml.v20.idp.keystore.private.key.password=maxkey
  154. config.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks
  155. #keystore id for sec
  156. config.saml.v20.idp.issuing.entity.id=maxkey.org
  157. config.saml.v20.idp.issuer=https://sso.maxkey.org/maxkey/saml
  158. config.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.org/
  159. #saml sp keystore
  160. config.saml.v20.sp.keystore.password=maxkey
  161. config.saml.v20.sp.keystore.private.key.password=maxkey
  162. config.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
  163. config.saml.v20.sp.issuing.entity.id=client.maxkey.org
  164. #Saml v20 Metadata
  165. config.saml.v20.metadata.orgName=maxkey
  166. config.saml.v20.metadata.orgDisplayName=maxkey
  167. config.saml.v20.metadata.orgURL=https://github.com/shimingxy/MaxKey
  168. config.saml.v20.metadata.contactType=technical
  169. config.saml.v20.metadata.company=maxkey
  170. config.saml.v20.metadata.givenName=maxkey
  171. config.saml.v20.metadata.surName=maxkey
  172. config.saml.v20.metadata.emailAddress=shimingxy@163.com
  173. config.saml.v20.metadata.telephoneNumber=4008981111