fixed #13
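# ===================================================================
# Spring Boot configuration for the "dev" profile.
#
# This configuration overrides the application.yml file.
#
# More information on profiles: https://www.jhipster.tech/profiles/
# More information on configuration properties: https://www.jhipster.tech/common-application-properties/
# ===================================================================

# ===================================================================
# Standard Spring Boot properties.
# Full reference is available at:
# http://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html
# ===================================================================

# Log levels for the dev profile. Everything runs at DEBUG or finer, so the
# log output of this profile should be treated as sensitive.
logging:
  level:
    ROOT: DEBUG
    tech.jhipster: DEBUG
    org.hibernate.SQL: DEBUG
    # TRACE on this logger prints the value bound to every JDBC parameter, so
    # passwords hashes, e-mail addresses and tokens written to the database
    # appear in the log. Keep this setting out of any shared environment.
    org.hibernate.orm.jdbc.bind: TRACE
    com.oguerreiro.resilient: DEBUG
    # NOTE(review): DEBUG on the SAML and Spring Security loggers may write
    # SAML messages and user attributes to the log - confirm these logs are
    # not shipped or attached to tickets.
    org.opensaml: DEBUG
    org.springframework.security.saml2: DEBUG
    org.springframework.security: DEBUG
    org.hibernate.proxy: TRACE
    org.hibernate.bytecode: TRACE
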
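# Spring Boot settings for local development. Nesting follows the documented
# spring.* property paths.
spring:
  jpa:
    show-sql: true
  devtools:
    restart:
      enabled: true
      additional-exclude: static/**
    livereload:
      enabled: false # we use Webpack dev server + BrowserSync for livereload
  jackson:
    serialization:
      indent-output: true
  datasource:
    type: com.zaxxer.hikari.HikariDataSource
    # Local developer database: connects as root, with TLS disabled
    # (useSSL=false) and permission to create the schema. These values are
    # only suitable for a database bound to localhost; for anything else
    # supply the credentials from the environment (for example
    # SPRING_DATASOURCE_USERNAME / SPRING_DATASOURCE_PASSWORD) instead of
    # editing this file.
    url: jdbc:mysql://localhost:3306/resilient_resilient?useUnicode=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&createDatabaseIfNotExist=true
    username: root
    password: root
    # BROWNSEA Deploy
    # url: jdbc:mariadb://192.168.1.99:3306/resilient_resilient?useUnicode=true&characterEncoding=utf8&useSSL=false&useLegacyDatetimeCode=false&createDatabaseIfNotExist=true
    # username: root
    # password: <redacted>
    # NOTE(review): a root password for this host was committed here inside a
    # comment. It is redacted in this listing; if it was ever valid it should
    # be rotated, because it stays readable in the repository history.
    # REMEMBER to disable liquibase: "liquibase.enabled: false"
    hikari:
      poolName: Hikari
      auto-commit: false
      data-source-properties:
        cachePrepStmts: true
        prepStmtCacheSize: 250
        prepStmtCacheSqlLimit: 2048
        useServerPrepStmts: true
  liquibase:
    # Remove 'faker' if you do not want the sample data to be loaded automatically
    # enabled: false
    contexts: dev
  mail:
    # Unauthenticated SMTP on localhost:25; username and password are left
    # empty on purpose.
    host: localhost
    port: 25
    username:
    password:
  messages:
    cache-duration: PT1S # 1 second, see the ISO 8601 standard
  thymeleaf:
    cache: false
  # security: # SAMLv2 Config Placeholder
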
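# Embedded server. The active configuration serves plain HTTP on 8081; the
# TLS variant is kept below as a commented-out template.
server:
  port: 8081
  # port: 8443
  # ssl:
  #   key-store: classpath:keystore/keystore.p12
  #   key-store-password: <redacted>
  #   key-store-type: PKCS12
  #   key-alias: innova-ssl-cert
  # NOTE(review): the keystore password was committed here inside a comment.
  # It is redacted in this listing; if the keystore it protects is in use, the
  # password should be changed and supplied from the environment or a secret
  # store rather than from this file.
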
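# ===================================================================
# JHipster specific properties
#
# Full reference is available at: https://www.jhipster.tech/common-application-properties/
# ===================================================================

jhipster:
  cache: # Cache configuration
    ehcache: # Ehcache configuration
      time-to-live-seconds: 3600 # By default objects stay 1 hour in the cache
      max-entries: 100 # Number of objects in each cache entry
  # CORS is only enabled by default with the "dev" profile
  cors:
    # Allow Ionic for JHipster by default (* no longer allowed in Spring Boot 2.4+)
    # NOTE(review): besides localhost, this list names innova.oguerreiro.com
    # over both http and https - confirm a non-local host belongs in the dev
    # profile, since credentialed requests are allowed below.
    allowed-origins: 'http://innova.oguerreiro.com,https://innova.oguerreiro.com,https://resilient.localhost,http://resilient.localhost,http://localhost:8081,https://localhost:8081,http://localhost:8100,https://localhost:8100,http://localhost:9000,https://localhost:9000,http://localhost:4200,https://localhost:4200'
    # Enable CORS when running in GitHub Codespaces
    # The wildcard matches every subdomain of githubpreview.dev, not only this
    # project's previews. Together with allow-credentials: true this is only
    # acceptable while the profile stays on developer machines.
    allowed-origin-patterns: 'https://*.githubpreview.dev'
    allowed-methods: '*'
    allowed-headers: '*'
    exposed-headers: 'Link,X-Total-Count,X-${jhipster.clientApp.name}-alert,X-${jhipster.clientApp.name}-error,X-${jhipster.clientApp.name}-params'
    allow-credentials: true
    max-age: 1800
  security:
    remember-me:
      # security key (this key should be unique for your application, and kept secret)
      # This value is committed with the source, so everyone with read access
      # to the repository knows it. It must not be reused by any other
      # profile; shared or production deployments need their own key supplied
      # from the environment or a secret store.
      key: 6436150a69ff50bcf383fbb9d974e2e7bd5c4439beaeef76e87a042d920db55f1f161147c30e01db9fd82117e47db521be8f
  mail: # specific JHipster mail property, for standard properties see MailProperties
    base-url: http://127.0.0.1:8081
  logging:
    use-json-format: false # By default, logs are not in Json format
    logstash: # Forward logs to logstash over a socket, used by LoggingConfiguration
      enabled: false
      host: localhost
      port: 5000
      ring-buffer-size: 512
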
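# ===================================================================
# Application specific properties
# Add your own application properties here, see the ApplicationProperties class
# to have type-safe configuration, like in the JHipsterProperties above
#
# More documentation is available at:
# https://www.jhipster.tech/common-application-properties/
# ===================================================================

# application:

# ===================================================================
# Resilient specific properties
#   server.http
#     enabled: SpringBoot application.yml doesn't allow both http and https,
#              the solution is to provide http with a custom listener.
#              Set this to 'true' to enable it. Defaults to 'false'
#     port: The port number to listen. Defaults to 8081.
#   mock-idp
#     enabled: For DEV and test purposes a mock-idp server is provided.
#              Set this to 'true' to enable it on SpringBoot startup. Defaults to 'false'
#              Available only with DEV profile.
#     path: The path to idp.js file. Default impl is packaged in \src\main\mock-idp\idp.js
# ===================================================================

# NOTE(review): the indentation of this section was lost in the listing and is
# reconstructed here. The placement of `security` under `resilient`, and of
# `attributes`, `defaults`, `want-authn-signed`, `want-assertion-signed` and
# `check-in-response-to` under `assertingparty`, is inferred from the key
# names - confirm against the repository copy and the properties class that
# binds them.
resilient:
  server:
    http:
      enabled: false
      port: 8081
  mock-idp:
    # Starts the bundled mock identity provider with the application. The
    # banner above states it is available only with the DEV profile.
    enabled: true
    path: classpath:mock-idp/idp.js
  security:
    basic: # ADDED to config the formLogin (user+password). This allows for the DISABLE of basic authentication
      enabled: true
    saml2: # ADDED to support SAMLv2 authentication to IDP.
      # Metadata endpoint ${base-url}/saml2/service-provider-metadata/mock-idp
      enabled: true
      idp-id: mock-idp # The id of the IDP to use. One from the collection in relyingparty.registration
      # Every service-provider and IdP URL in this section is plain http, so
      # SAML requests and responses are not protected in transit. That is
      # tolerable for *.localhost names only.
      base-url: http://resilient.localhost # old: https://localhost:8443
      success-url: http://resilient.localhost/
      failure-url: http://resilient.localhost/login
      relyingparty:
        registration:
          mock-idp:
            assertingparty:
              entity-id: http://mock-idp.localhost/saml/metadata # old: http://localhost:3000/saml/metadata
              single-sign-on:
                url: http://mock-idp.localhost/saml/sso # old: http://localhost:3000/saml/sso
                # OPTIONAL. A list of query parameters to add to single-sign-on.url. This is useful for mock-idp, to give instructions on how to behave
                query-parameters:
                  spUrl: http://resilient.localhost # The callback to Service Provider, after IDP authentication (OK | KO). Appends the encoded url: acs=https%3A%2F%2Fresilient.localhost%2Flogin%2Fsaml2%2Fsso%2Fmock-idp
                  issuerUrl: http://mock-idp.localhost/saml/metadata # The IDP entity-id. This is needed for mock-idp to build saml2 response
              single-logout:
                url: http://mock-idp.localhost/saml/slo # old: http://localhost:3000/saml/slo
              attributes: # This is a mapping between the needed attributes, and the names of the attributes in the SAML2 Response
                # Leave BLANK if SAML doesn't provide that attribute
                name: name # the user display name [OPTIONAL]
                username: urn:mace:dir:attribute-def:mail # the username, typically for authentication. Falls back to email. [MANDATORY]
                email: email # the user email [MANDATORY]
                organization-code: # organization unit code [OPTIONAL]. Eg. "organization_code"
                security-group-code: # security group code [OPTIONAL]. Eg. "security_group"
                role: # a single role is expected [OPTIONAL]. Eg. "roles"
                # With the three optional mappings left blank, the defaults
                # below decide the organization, group and role of every user
                # the IdP authenticates.
                defaults: # For some attributes defaults can be given. This will be used if SAML2 response doesn't have them
                  organization-code: NOVA # default organization unit code
                  security-group-code: GRP_USER # default security group code
                  role: ROLE_USER # default role
              verification:
                credentials:
                  - certificate-location: classpath:saml/idp-public.cert
              # Only the assertion signature is required. Fields that live on
              # the enclosing Response are then not covered by a signature
              # unless the implementation checks them another way.
              want-authn-signed: false # Validate signature in entire message response (true-validates/false-doesn't validate)
              want-assertion-signed: true # Validate signature in assertions message response (true-validates/false-doesn't validate)
            signing:
              credentials:
                # NOTE(review): the service-provider private key is loaded
                # from the classpath. If that file is committed with the
                # source it should be treated as a dev-only key.
                - private-key-location: classpath:saml/private.key
                  certificate-location: classpath:saml/public.cert
          unl-idp:
            assertingparty:
              entity-id: http://unl-idp.localhost/saml/metadata
              single-sign-on:
                url: http://unl-idp.localhost/saml/sso
                # OPTIONAL. A list of query parameters to add to single-sign-on.url. This is useful for mock-idp, to give instructions on how to behave
                query-parameters:
                  spUrl: http://resilient.localhost # The callback to Service Provider, after IDP authentication (OK | KO). Appends the encoded url: acs=https%3A%2F%2Fresilient.localhost%2Flogin%2Fsaml2%2Fsso%2Fmock-idp
                  issuerUrl: http://unl-idp.localhost/saml/metadata # The IDP entity-id. This is needed for mock-idp to build saml2 response
              single-logout:
                url: http://unl-idp.localhost/saml/slo # old: http://localhost:3000/saml/slo
              attributes: # This is a mapping between the needed attributes, and the names of the attributes in the SAML2 Response
                # Leave BLANK if SAML doesn't provide that attribute
                name: urn:mace:dir:attribute-def:displayName # the user display name [OPTIONAL]
                username: urn:mace:dir:attribute-def:mail # the username, typically for authentication. Falls back to email. [MANDATORY]
                email: urn:mace:dir:attribute-def:mail # the user email [MANDATORY]
                organization-code: # organization unit code [OPTIONAL]
                security-group-code: # security group code [OPTIONAL]
                role: # a single role is expected [OPTIONAL]
                defaults: # For some attributes defaults can be given. This will be used if SAML2 response doesn't have them
                  organization-code: NOVA # default organization unit code
                  security-group-code: GRP_USER # default security group code
                  role: ROLE_USER # default role
              verification:
                credentials:
                  # NOTE(review): this is the same certificate file the
                  # mock-idp registration trusts. If unl-idp stands for a
                  # separate identity provider it should verify against that
                  # provider's own certificate.
                  - certificate-location: classpath:saml/idp-public.cert
              want-authn-signed: false # Validate signature in entire message response (true-validates/false-doesn't validate)
              want-assertion-signed: true # Validate signature in assertions message response (true-validates/false-doesn't validate)
              # NOTE(review): presumably this turns off matching a response to
              # the request that triggered it. With it off, assertion validity
              # windows and one-time-use tracking carry the replay protection -
              # confirm the service provider enforces them.
              check-in-response-to: false # The UNL IDP doesn't implement this. Must be false.
            signing:
              credentials:
                - private-key-location: classpath:saml/private.key
                  certificate-location: classpath:saml/public.cert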