dariahsp.yml 2.59 KB
# SAML service-provider settings for the schereg deployment, written as flat
# dotted keys.

# Local (non-SAML) accounts are read from this classpath resource.
# NOTE(review): confirm that resource does not ship default or plaintext
# passwords.
saml.local.userfile: classpath:dariahsp_localusers.json


# Java keystore holding the key entry referenced by the aliases below.
# NOTE(review): keep the file readable by the service account only; its
# ownership and mode cannot be checked from this file.
saml.keystore.path: /data/_srv/schereg/key/dfa-de-dariah-eu.jks

# Uncomment if keystore is protected by password
# NOTE(review): if a password is set, supply it from the environment or a
# secret store rather than committing it in this file.
#saml.keystore.pass     : somepass

saml.keystore.alias: dfa.de.dariah.eu

# Alias pass is required, leave empty if no alias password is set in keystore
# NOTE(review): as configured here neither a keystore password nor a key
# password is supplied, so the private key is protected by filesystem
# permissions alone.
saml.keystore.aliaspass: '' 


# Source of identity-provider metadata. The active URL is the DFN-AAI test
# feed; the dfn-aai-basic feed is the commented-out alternative.
# NOTE(review): every IdP listed in the loaded feed becomes a possible login
# source for this SP. Confirm the test feed is intended for this host, and
# that the downloaded metadata's signature is verified against a pinned
# federation certificate; nothing in this file configures that check.
saml.metadata.url: https://www.aai.dfn.de/fileadmin/metadata/dfn-aai-test-metadata.xml
#saml.metadata.url      : https://www.aai.dfn.de/fileadmin/metadata/dfn-aai-basic-metadata.xml

# Public base URL and entity ID under which this SP is registered.
saml.sp.baseUrl: https://schereg.de.dariah.eu/schereg
saml.sp.entityId: https://schereg.de.dariah.eu

saml.sp.local: true
saml.sp.alias: schereg
#saml.sp.securityProfile  : metaiop
#saml.sp.sslSecurityProfile : pkix

# NOTE(review): uncommenting these as written would switch off the signature
# requirement on artifact-resolve and logout messages. The defaults in effect
# while they stay commented out are not visible in this file.
#saml.sp.requireArtifactResolveSigned : false
#saml.sp.requireLogoutRequestSigned : false
#saml.sp.requireLogoutResponseSigned : false

# The SP signs its own metadata.
# NOTE(review): with signingAlgorithm commented out the library default
# applies; confirm that default is not SHA-1 based, otherwise enable the
# rsa-sha256 line below.
saml.sp.signMetadata    : true
#saml.sp.signingAlgorithm : http://www.w3.org/2001/04/xmldsig-more#rsa-sha256

# IdP discovery (WAYF). The active URL is the DFN-AAI-Test WAYF, matching the
# test metadata feed above.
# NOTE(review): discovery.return ends in "?disco:true"; a query parameter is
# normally written "disco=true". Verify against what the login endpoint
# expects.
saml.sp.discovery: true
saml.sp.discovery.url: https://wayf.aai.dfn.de/DFN-AAI-Test/wayf
#saml.sp.discovery.url    : https://auth.dariah.eu/CDS/WAYF
saml.sp.discovery.return: https://schereg.de.dariah.eu/schereg/saml/login/alias/schereg?disco:true
# NOTE(review): ECP (Enhanced Client or Proxy profile) is switched on; turn it
# off if no non-browser client needs it.
saml.sp.ecpEnabled: true

#saml.sp.allowedNameIds   : EMAIL, PERSISTENT, X509_SUBJECT
#saml.sp.allowedNameIds    : EMAIL, TRANSIENT, PERSISTENT, UNSPECIFIED, X509_SUBJECT

# One keystore entry serves as signing, encryption and TLS key.
# NOTE(review): sharing one key across all three roles means a single
# compromise or rotation affects all of them; separate entries limit that.
saml.sp.signingKey: dfa.de.dariah.eu
saml.sp.encryptionKey: dfa.de.dariah.eu
saml.sp.tlsKey: dfa.de.dariah.eu


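# Local authentication data, nested under auth.local.
#
# NOTE(review): the user entries below carry plaintext passwords inside a
# configuration file, so anyone who can read the repository or the deployed
# file can read them. If these accounts are in use, rotate the passwords and
# keep them out of version control (or store salted hashes, if the loader
# accepts them). How this block is consumed is not visible here;
# saml.local.userfile in the same file points at a separate JSON user file.
#
# NOTE(review): the huttut and test entries look like placeholder data.
# Confirm whether anything reads them and remove them if nothing does.
auth:
  local:
    users:
      - username: 'tobias'
        password: 'fuzzl'
      - username: 'kathrin'
        password: 'hanswurst'
    huttut:
      - affa: 'uffu0'
        kaka:
          - pupu: lala0
          - lulu: lolo0
          - test: ['fupp0', 'fopp0']
      - affa: 'uffu1'
        kaka:
          - pupu: lala1
          - lulu: lolo1
          - test: ['fupp1', 'fopp1']
    test: ['fupp', 'fopp']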

#saml.sp.attr.names      : urn:oid:1.3.6.1.4.1.5923.1.1.1.6, urn:oid:0.9.2342.19200300.100.1.3, urn:oid:1.3.6.1.4.1.5923.1.1.1.7, urn:oid:1.3.6.1.4.1.5923.1.1.1.9, urn:oid:2.16.840.1.113730.3.1.241 
#saml.sp.attr.nameFormats  : urn:oasis:names:tc:SAML:2.0:attrname-format:uri, urn:oasis:names:tc:SAML:2.0:attrname-format:uri, urn:oasis:names:tc:SAML:2.0:attrname-format:uri, urn:oasis:names:tc:SAML:2.0:attrname-format:uri, urn:oasis:names:tc:SAML:2.0:attrname-format:uri
#saml.sp.attr.friendlyNames  : eduPersonPrincipalName, mail, eduPersonEntitlement, eduPersonScopedAffiliation, displayName
#saml.sp.attr.required     : true, true, false, false, false

#saml.sp.externalMetadata : /home/tobias/Downloads/spring_saml_metadata.xml