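# ===================================================================
# Spring Boot configuration for the "dev" profile.
#
# This configuration overrides the application.yml file.
#
# More information on profiles: https://www.jhipster.tech/profiles/
# More information on configuration properties: https://www.jhipster.tech/common-application-properties/
# ===================================================================

# ===================================================================
# Standard Spring Boot properties.
# Full reference is available at:
# http://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html
# ===================================================================

# NOTE(review): every secret in this file (datasource password, remember-me
# key, and the passwords left in commented-out blocks) is readable by anyone
# with repository access. Keep them dev-only, override them per environment
# (Spring Boot already lets an environment variable such as
# SPRING_DATASOURCE_PASSWORD take precedence over this file), and rotate any
# value that was ever used outside a local machine.

logging:
  level:
    ROOT: DEBUG
    tech.jhipster: DEBUG
    org.hibernate.SQL: DEBUG
    # NOTE(review): TRACE on the bind logger writes bound parameter values
    # (passwords, e-mail addresses, tokens stored via JPA) into the log.
    # Keep this out of any shared or shipped log sink.
    org.hibernate.orm.jdbc.bind: TRACE
    com.oguerreiro.resilient: DEBUG
    # NOTE(review): DEBUG on the SAML/security loggers may print message and
    # assertion contents; treat dev logs as sensitive - confirm what is emitted.
    org.opensaml: DEBUG
    org.springframework.security.saml2: DEBUG
    org.springframework.security: DEBUG
    org.hibernate.proxy: TRACE
    org.hibernate.bytecode: TRACE

spring:
  jpa:
    show-sql: true
  devtools:
    restart:
      enabled: true
      additional-exclude: static/**
    livereload:
      enabled: false  # we use Webpack dev server + BrowserSync for livereload
  jackson:
    serialization:
      indent-output: true
  datasource:
    type: com.zaxxer.hikari.HikariDataSource
    # NOTE(review): useSSL=false disables TLS to the database and the
    # application connects as root with a trivial password. Acceptable only
    # against a throwaway local instance; use a least-privilege account and
    # TLS for anything reachable over a network.
    url: jdbc:mysql://localhost:3306/resilient_resilient?useUnicode=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&createDatabaseIfNotExist=true
    username: root
    password: root
    # BROWNSEA Deploy
    # NOTE(review): the block below keeps a root password for a non-local
    # host in version control; remove it from the file and rotate it.
    # url: jdbc:mariadb://192.168.1.99:3306/resilient_resilient?useUnicode=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&createDatabaseIfNotExist=true
    # username: root
    # password: root%1234
    # REMEMBER to disable liquibase: "liquibase.enabled: false"
    hikari:
      poolName: Hikari
      auto-commit: false
      data-source-properties:
        cachePrepStmts: true
        prepStmtCacheSize: 250
        prepStmtCacheSqlLimit: 2048
        useServerPrepStmts: true
  liquibase:
    # Remove 'faker' if you do not want the sample data to be loaded automatically
    # enabled: false
    contexts: dev
  mail:
    host: localhost
    port: 25
    username:
    password:
  messages:
    cache-duration: PT1S  # 1 second, see the ISO 8601 standard
  thymeleaf:
    cache: false
  # security:
  # SAMLv2 Config Placeholder

server:
  port: 8081
  # NOTE(review): the commented-out TLS block below exposes a keystore
  # password; if that keystore is in use anywhere, change the password and
  # supply it from outside the repository.
  # port: 8443
  # ssl:
  #   key-store: classpath:keystore/keystore.p12
  #   key-store-password: nova#123
  #   key-store-type: PKCS12
  #   key-alias: innova-ssl-cert

# ===================================================================
# JHipster specific properties
#
# Full reference is available at: https://www.jhipster.tech/common-application-properties/
# ===================================================================

jhipster:
  cache:  # Cache configuration
    ehcache:  # Ehcache configuration
      time-to-live-seconds: 3600  # By default objects stay 1 hour in the cache
      max-entries: 100  # Number of objects in each cache entry
  # CORS is only enabled by default with the "dev" profile
  cors:
    # Allow Ionic for JHipster by default (* no longer allowed in Spring Boot 2.4+)
    # NOTE(review): with allow-credentials: true every origin listed here may
    # send cookie-authenticated requests. The list mixes localhost entries
    # with public host names (some over plain http); keep the public ones out
    # of any profile that serves real users.
    allowed-origins: 'http://innova.oguerreiro.com,https://innova.oguerreiro.com,https://resilient.localhost,http://resilient.localhost,http://localhost:8081,https://localhost:8081,http://localhost:8100,https://localhost:8100,http://localhost:9000,https://localhost:9000,http://localhost:4200,https://localhost:4200'
    # Enable CORS when running in GitHub Codespaces
    # NOTE(review): this pattern admits every subdomain of githubpreview.dev,
    # not only this project's previews, and credentials are allowed for them.
    allowed-origin-patterns: 'https://*.githubpreview.dev'
    allowed-methods: '*'
    allowed-headers: '*'
    exposed-headers: 'Link,X-Total-Count,X-${jhipster.clientApp.name}-alert,X-${jhipster.clientApp.name}-error,X-${jhipster.clientApp.name}-params'
    allow-credentials: true
    max-age: 1800
  security:
    remember-me:
      # security key (this key should be unique for your application, and kept secret)
      # NOTE(review): this value is committed, so it is not secret. Use it for
      # local development only and set a different key in every other profile.
      key: 6436150a69ff50bcf383fbb9d974e2e7bd5c4439beaeef76e87a042d920db55f1f161147c30e01db9fd82117e47db521be8f
  mail:  # specific JHipster mail property, for standard properties see MailProperties
    base-url: http://127.0.0.1:8081
  logging:
    use-json-format: false  # By default, logs are not in Json format
    logstash:  # Forward logs to logstash over a socket, used by LoggingConfiguration
      enabled: false
      host: localhost
      port: 5000
      ring-buffer-size: 512

# ===================================================================
# Application specific properties
# Add your own application properties here, see the ApplicationProperties class
# to have type-safe configuration, like in the JHipsterProperties above
#
# More documentation is available at:
# https://www.jhipster.tech/common-application-properties/
# ===================================================================

# application:

# ===================================================================
# Resilient specific properties
# server.http
#   enabled: Spring Boot application.yml doesn't allow both http and https;
#            the solution is to provide http with a custom listener.
#            Set this to 'true' to enable it. Defaults to 'false'
#   port: The port number to listen on. Defaults to 8081.
# mock-idp
#   enabled: For DEV and test purposes a mock-idp server is provided.
#            Set this to 'true' to enable it on Spring Boot startup. Defaults to 'false'
#            Available only with DEV profile.
#   path: The path to idp.js file. Default impl is packaged in \src\main\mock-idp\idp.js
# ===================================================================

# NOTE(review): this listing was recovered from text whose line breaks and
# indentation were lost. The nesting below 'resilient:' is a best reading; in
# particular the placement of 'defaults', 'want-authn-signed',
# 'want-assertion-signed' and 'check-in-response-to' must be confirmed against
# the class that binds these properties.
resilient:
  server:
    http:
      enabled: false
      port: 8081
  mock-idp:
    enabled: true
    path: classpath:mock-idp/idp.js
  security:
    basic:  # ADDED to configure the formLogin (user+password). This allows basic authentication to be DISABLED
      enabled: true
    saml2:  # ADDED to support SAMLv2 authentication to IDP.
      # Metadata endpoint ${base-url}/saml2/service-provider-metadata/mock-idp
      enabled: true
      idp-id: mock-idp  # The id of the IDP to use. One from the collection in relyingparty.registration
      # NOTE(review): all SAML endpoints below are plain http, so assertions
      # and session cookies travel unencrypted. Fine on *.localhost; any
      # network-reachable deployment needs https here and at the IdP.
      base-url: http://resilient.localhost  # old: https://localhost:8443
      success-url: http://resilient.localhost/
      failure-url: http://resilient.localhost/login
      relyingparty:
        registration:
          mock-idp:
            assertingparty:
              entity-id: http://mock-idp.localhost/saml/metadata  # old: http://localhost:3000/saml/metadata
              single-sign-on:
                url: http://mock-idp.localhost/saml/sso  # old: http://localhost:3000/saml/sso
                # OPTIONAL. A list of query parameters to add to single-sign-on.url.
                # This is useful for mock-idp, to give instructions on how to behave
                query-parameters:
                  # The callback to Service Provider, after IDP authentication (OK | KO).
                  # Appends the encoded url: acs=https%3A%2F%2Fresilient.localhost%2Flogin%2Fsaml2%2Fsso%2Fmock-idp
                  spUrl: http://resilient.localhost
                  # The IDP entity-id. This is needed for mock-idp to build saml2 response
                  issuerUrl: http://mock-idp.localhost/saml/metadata
              single-logout:
                url: http://mock-idp.localhost/saml/slo  # old: http://localhost:3000/saml/slo
              attributes:
                # This is a mapping between the needed attributes, and the names of the attributes in the SAML2 Response
                # Leave BLANK if SAML doesn't provide that attribute
                name: name  # the user display name [OPTIONAL]
                username: urn:mace:dir:attribute-def:mail  # the username, typically for authentication. Falls back to email. [MANDATORY]
                email: email  # the user email [MANDATORY]
                organization-code:  # organization unit code [OPTIONAL]. Eg. "organization_code"
                security-group-code:  # security group code [OPTIONAL]. Eg. "security_group"
                role:  # a single role is expected [OPTIONAL]. Eg. "roles"
              # For some attributes defaults can be given. This will be used if SAML2 response doesn't have them
              # NOTE(review): the three mappings above are blank, so every user
              # this IdP authenticates presumably receives these defaults -
              # confirm that is the intended authorization baseline.
              defaults:
                organization-code: NOVA  # default organization unit code
                security-group-code: GRP_USER  # default security group code
                role: ROLE_USER  # default role
              verification:
                credentials:
                  - certificate-location: classpath:saml/idp-public.cert
              # Validate signature in entire message response (true-validates/false-doesn't validate)
              # NOTE(review): with this off, only the assertion signature
              # protects the login; keep want-assertion-signed true.
              want-authn-signed: false
              # Validate signature in assertions message response (true-validates/false-doesn't validate)
              want-assertion-signed: true
            signing:
              credentials:
                # NOTE(review): the SP signing key is loaded from the classpath,
                # i.e. it ships inside the build artifact (and likely the
                # repository). Use a dev-only key here and load the real one
                # from outside the artifact.
                - private-key-location: classpath:saml/private.key
                  certificate-location: classpath:saml/public.cert
          unl-idp:
            assertingparty:
              entity-id: http://unl-idp.localhost/saml/metadata
              single-sign-on:
                url: http://unl-idp.localhost/saml/sso
                # OPTIONAL. A list of query parameters to add to single-sign-on.url.
                # This is useful for mock-idp, to give instructions on how to behave
                query-parameters:
                  # The callback to Service Provider, after IDP authentication (OK | KO).
                  # Appends the encoded url: acs=https%3A%2F%2Fresilient.localhost%2Flogin%2Fsaml2%2Fsso%2Fmock-idp
                  spUrl: http://resilient.localhost
                  # The IDP entity-id. This is needed for mock-idp to build saml2 response
                  issuerUrl: http://unl-idp.localhost/saml/metadata
              single-logout:
                url: http://unl-idp.localhost/saml/slo  # old: http://localhost:3000/saml/slo
              attributes:
                # This is a mapping between the needed attributes, and the names of the attributes in the SAML2 Response
                # Leave BLANK if SAML doesn't provide that attribute
                name: urn:mace:dir:attribute-def:displayName  # the user display name [OPTIONAL]
                username: urn:mace:dir:attribute-def:mail  # the username, typically for authentication. Falls back to email. [MANDATORY]
                email: urn:mace:dir:attribute-def:mail  # the user email [MANDATORY]
                organization-code:  # organization unit code [OPTIONAL]
                security-group-code:  # security group code [OPTIONAL]
                role:  # a single role is expected [OPTIONAL]
              # For some attributes defaults can be given. This will be used if SAML2 response doesn't have them
              defaults:
                organization-code: NOVA  # default organization unit code
                security-group-code: GRP_USER  # default security group code
                role: ROLE_USER  # default role
              verification:
                credentials:
                  # NOTE(review): same certificate file as the mock-idp
                  # registration. If unl-idp stands for a real IdP, whoever
                  # holds the mock IdP key could sign assertions accepted
                  # here - confirm each registration trusts its own cert.
                  - certificate-location: classpath:saml/idp-public.cert
              # Validate signature in entire message response (true-validates/false-doesn't validate)
              want-authn-signed: false
              # Validate signature in assertions message response (true-validates/false-doesn't validate)
              want-assertion-signed: true
              # The UNL IDP doesn't implement this. Must be false.
              # NOTE(review): presumably turns off InResponseTo matching, so a
              # response is no longer tied to a request this SP issued. Rely on
              # assertion signature, audience and validity-window checks, and
              # re-enable this if the IdP starts sending InResponseTo.
              check-in-response-to: false
            signing:
              credentials:
                - private-key-location: classpath:saml/private.key
                  certificate-location: classpath:saml/public.cert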