-
Notifications
You must be signed in to change notification settings - Fork 0
Server configuration
Amanda Anganes edited this page Jul 12, 2013
·
5 revisions
The MITREid Connect server can function as an OpenID Connect Identity Provider (IdP) and an OAuth 2.0 Authorization Server (AS) simultaneously. The server is a Spring application and its configuration files are found in openid-connect-server/src/main/webapp/WEB-INF/ and end in .xml. The configuration has been split into multiple .xml files to facilitate overrides and custom configuration. As such, application-context.xml and spring-servlet.xml should never be edited or overridden by a local configuration. Rather, each of the remaining files contains aspects that can be configured independently:
-
user-context.xml: Defines how users user information is stored and accessed within the system, which users map to administrators, and how the site's default access controls will work. -
server-config.xml: Defines the server's ConfigurationPropertiesBean class which defines the server'sIssuerURL, from which all other URLs in the system are based. This also defines the display title and titlebar icon. -
data-context.xml: Data connection information used by the JPA storage layers. The beans defined here will include database connection credentials and any other components that need to be defined for storage. -
crypto-config.xml: Cryptographic configuration, defines the server's signing and validation service. this requires parameters such as location of the server's private key file and the server's default signing key and algorithm. -
task-config.xml: Defines scheduled tasks that should be run repeatedly with a fixed-delay. In our master branch, we have 2 tasks defined: clear out expired tokens, and clear out expired ApprovedSite definitions. -
local-config.xml: Any remaining new bean definitions that don't fit existing categories but need to be added to the configuration. This is loaded last.