-
Notifications
You must be signed in to change notification settings - Fork 160
/
shiro.ini
126 lines (104 loc) · 5.47 KB
/
shiro.ini
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
# =======================
# Shiro INI configuration
# =======================
[main]
# Objects and their properties are defined here,
# Such as the securityManager, Realms and anything
# else needed to build the SecurityManager
#authenticator
authenticator = org.eclipse.kapua.service.authentication.shiro.KapuaAuthenticator
securityManager.authenticator = $authenticator
#
# Auth filters
kapuaAuthcAccessToken = org.eclipse.kapua.app.api.core.auth.KapuaTokenAuthenticationFilter
corsFilter = org.eclipse.kapua.app.api.core.CORSResponseFilter
##########
# Realms #
##########
# Login
kapuaUserPassAuthenticatingRealm = org.eclipse.kapua.service.authentication.shiro.realm.UserPassAuthenticatingRealm
kapuaApiKeyAuthenticatingRealm = org.eclipse.kapua.service.authentication.shiro.realm.ApiKeyAuthenticatingRealm
kapuaJwtAuthenticatingRealm = org.eclipse.kapua.service.authentication.shiro.realm.JwtAuthenticatingRealm
# Session
kapuaAccessTokenAuthenticatingRealm = org.eclipse.kapua.service.authentication.shiro.realm.AccessTokenAuthenticatingRealm
# Authorization
kapuaAuthorizingRealm = org.eclipse.kapua.service.authorization.shiro.KapuaAuthorizingRealm
securityManager.realms = $kapuaAuthorizingRealm, $kapuaAccessTokenAuthenticatingRealm, $kapuaApiKeyAuthenticatingRealm, $kapuaUserPassAuthenticatingRealm, $kapuaJwtAuthenticatingRealm
# 90*24*60*60 seconds = 90 days = 7776000 seconds
securityManager.rememberMeManager.cookie.name = kapua-rememberme
securityManager.rememberMeManager.cookie.maxAge = 0
[users]
# The 'users' section is for simple deployments
# when you only need a small number of statically-defined
# set of User accounts.
[roles]
# The 'roles' section is for simple deployments
# when you only need a small number of statically-defined
# roles.
[urls]
# The 'urls' section is used for url-based security
# in web applications. We'll discuss this section in the
# Web documentation
/v1/test = corsFilter, kapuaAuthcAccessToken
# Authentication
/v1/authentication/info = corsFilter, kapuaAuthcAccessToken
/v1/authentication/logout = corsFilter, kapuaAuthcAccessToken
/v1/*/credentials.json = corsFilter, kapuaAuthcAccessToken
/v1/*/credentials.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/credentials/** = corsFilter, kapuaAuthcAccessToken
# Authorization
/v1/*/accessinfos.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/accessinfos.json = corsFilter, kapuaAuthcAccessToken
/v1/*/accessinfos/** = corsFilter, kapuaAuthcAccessToken
/v1/*/domains.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/domains.json = corsFilter, kapuaAuthcAccessToken
/v1/*/domains/** = corsFilter, kapuaAuthcAccessToken
/v1/*/groups.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/groups.json = corsFilter, kapuaAuthcAccessToken
/v1/*/groups/** = corsFilter, kapuaAuthcAccessToken
/v1/*/roles.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/roles.json = corsFilter, kapuaAuthcAccessToken
/v1/*/roles/** = corsFilter, kapuaAuthcAccessToken
# Account
/v1/*/accounts.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/accounts.json = corsFilter, kapuaAuthcAccessToken
/v1/*/accounts/** = corsFilter, kapuaAuthcAccessToken
# Datastore
/v1/*/data/clients.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/data/clients.json = corsFilter, kapuaAuthcAccessToken
/v1/*/data/clients/** = corsFilter, kapuaAuthcAccessToken
/v1/*/data/channels.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/data/channels.json = corsFilter, kapuaAuthcAccessToken
/v1/*/data/channels/** = corsFilter, kapuaAuthcAccessToken
/v1/*/data/messages.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/data/messages.json = corsFilter, kapuaAuthcAccessToken
/v1/*/data/messages/** = corsFilter, kapuaAuthcAccessToken
/v1/*/data/metrics.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/data/metrics.json = corsFilter, kapuaAuthcAccessToken
/v1/*/data/metrics/** = corsFilter, kapuaAuthcAccessToken
# Device and Device Management
/v1/*/devices.json = corsFilter, kapuaAuthcAccessToken
/v1/*/devices.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/devices/** = corsFilter, kapuaAuthcAccessToken
/v1/*/deviceconnections.json = corsFilter, kapuaAuthcAccessToken
/v1/*/deviceconnections.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/deviceconnections/** = corsFilter, kapuaAuthcAccessToken
# Endpoint
/v1/*/endpointInfos.json = corsFilter, kapuaAuthcAccessToken
/v1/*/endpointInfos.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/endpointInfos/** = corsFilter, kapuaAuthcAccessToken
# Service Configurations
/v1/*/serviceConfigurations = corsFilter, kapuaAuthcAccessToken
/v1/*/serviceConfigurations/** = corsFilter, kapuaAuthcAccessToken
# Streams
/v1/*/streams/** = corsFilter, kapuaAuthcAccessToken
# Tag
/v1/*/tags.json = corsFilter, kapuaAuthcAccessToken
/v1/*/tags.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/tags/** = corsFilter, kapuaAuthcAccessToken
# User
/v1/*/users.json = corsFilter, kapuaAuthcAccessToken
/v1/*/users.xml = corsFilter, kapuaAuthcAccessToken
/v1/*/users/** = corsFilter, kapuaAuthcAccessToken
# All other paths
/v1/** = corsFilter