This repository has been archived by the owner on Jul 16, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
application.yml
76 lines (67 loc) · 4.86 KB
/
application.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
# The logging configuration. On a real server this will be a file url. e.g. file://{{ idensys_dir }}/logback.xml
logging:
config: classpath:logback.xml
level:
ps: DEBUG
org.springframework.security: DEBUG
server:
# The port to where this Spring Boot application listens to. e.g. http://localhost:{{ springapp_tcpport }}
port: 8080
# The context path of the server. You can skip this value in the overriding application.yml on the classpath
contextPath:
session:
cookie:
secure: false
# Identity Provider. The metadata_url can (and should) be a https resource
idp:
metadata_url: classpath:saml/idensys.metadata.saml.xml
verify_host_name: true
# metadata_url: https://eherkenning.digidentity-accept.eu/hm/eh19/metadata
# SAML MetaData feed with all allowed SPs. Can (and should) be a https resource
serviceproviders:
# feed: https://engine.test2.surfconext.nl/authentication/sp/metadata
feed: classpath:saml/eb.sp.metadata.xml
allow_unknown: false
# idensys
proxy:
# base url
base_url: http://localhost:8080
# Entity ID of the SP
entity_id: https://idensys.localhost.surfconext.nl
# Private key used to sign the SAML response
private_key: MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7zmyB3sTqGGTwuokkh75pQFVTqBYoYFsXPVqPl0299OqhNYpErfKnYYypyo3AMCxJJxZKLGwdF0JjeegyC9BbwTeXkwSOhRc39QRyIHuDsUkrq6imcKRQjMqn90JRXm6o1PMHz807CHL2zCCzgfvtgcBpeUDZ4+ba9q5/RAwsAl/KL3STdgbWyT16TIxOBzFStEt9QpAOfPiLwj39225WP7m/v/BJHV8MHwHGBg1WYX+H/ah5NSWJMSj/0XSoG+lriS9HObPpFP/BrfwTemvrxqbz7lvHozcVT6bJx+alz4IWYYU0ptMZEG2LCQjDK1rnkcY7EbiUqKQhe+l4S7TnAgMBAAECggEARHUlRl2+p5pGyR0luoQkm1cRA1KE6Sjea2U46ph7hR+Omz7Z7Nj/V5YOYSHtc73blrrBvD3fFueQkpQwWHXH+HpA2maDxbOr2ADfIv7GJyXrhximfC0ZKCd6A6n0qZZjffVJtXJA3CDjTyTvUp+yBkxCp+/D/Oi/ENfUmZ1jVnLS71pGPNemptRZWTkz/q6rm2bv8tQvCiRqGzta4iBVyCxo26j5cCzKKUd6qLCrsl3mcL+4JulKq5CRs9hTZN+obwOygnC6WBz557tbg6xafq7SEqlFu7w2KUd+dAcHXvPcYwgYKlYjPmaKu0ERzmCJYpxvzeTB4c53nt3Bq72XcQKBgQDpab6ZLjdEbIyHHGsCdl0zq/T2L8GaI/XpyOlJ916CuAmKq/bxtMxr8ChfPCI9vNS9Qmqli0hnR+dMLvQM25iRHYhnwN5AQluK8lW9JkU2seGVSGxAUQfK5lB192FoerIijzHELe5r+9x1YxEICSNqGj/l716jJuVnlG73ucxdiQKBgQDN+uGCqfK2Nvs+uX+1KJ416Skm9+Exmh5r9sX7+LyY4h5MDaAGdwP+KCxNbbPiQaCjuTuZqDi/Rk0Yk2ruoNrGfhMb951Q5nYNDvxPAuYezrJtPuVCpEp+pzGaS89hB/wFRvLEDehcxyHuumBCqKrD/DSKmC+b017Ebd99tBbS7wKBgH0p1ioADWTkrGqbQ4q7e/kEYcROEYwdcnXd5bNjMcv48izpT++G2wOacZu3/EiM5KtkXRnOWZIAjbhdiUMH0oUmiAnS85sTulEE6BMY3Y6ZznSltF681OfpnwXTFOnYuYMstCwV0T8YfLx51h0wAUyZLOCY/m+QoP1tLCAtAri5AoGAD5UxRk9RG1PhggdKkAv4nB99i4MpODVuo8BRjhRtQCurGxnUx2htlua3I0xvVWidnIVA6wj88guBfaB5cIAezPFwxKbg8ePdfnNpxxhzDFWazgT6FyaStC415HRjxfVyrXuGlipvL8Wo3YSgD6ru8FC+MNX+lA1TmAyv4bSkHWUCgYAGRhj6RjLGKs1nY5DIWe+M0hg90FwHNxiIbDgTkdPJ/gkqHUpgOLSPjzr3FKFxiNilzMTTjlB8KK1Mv2DMYN8DYYXKrxVmYOrJkNaCjK9e/WTJ0BEmWPNm+NmTvL8dhb/G+5gGqOA9y6zy7IdQ5Y9NMQA2col7dyaniW9+lRBKBw==
# Public certificate to verify the signature of the SAML response
certificate: MIIDPjCCAiagAwIBAgIJAKg3FyvbFyryMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNVBAoTE1NVUkZuZXQsIENOPUlkZW5zeXMwHhcNMTYwNjA5MDczODM3WhcNMjYwNjA5MDczODM3WjAeMRwwGgYDVQQKExNTVVJGbmV0LCBDTj1JZGVuc3lzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu85sgd7E6hhk8LqJJIe+aUBVU6gWKGBbFz1aj5dNvfTqoTWKRK3yp2GMqcqNwDAsSScWSixsHRdCY3noMgvQW8E3l5MEjoUXN/UEciB7g7FJK6uopnCkUIzKp/dCUV5uqNTzB8/NOwhy9swgs4H77YHAaXlA2ePm2vauf0QMLAJfyi90k3YG1sk9ekyMTgcxUrRLfUKQDnz4i8I9/dtuVj+5v7/wSR1fDB8BxgYNVmF/h/2oeTUliTEo/9F0qBvpa4kvRzmz6RT/wa38E3pr68am8+5bx6M3FU+mycfmpc+CFmGFNKbTGRBtiwkIwyta55HGOxG4lKikIXvpeEu05wIDAQABo38wfTAdBgNVHQ4EFgQUg62VZtg/0Vnz7x5PM/IIU5oPYfAwTgYDVR0jBEcwRYAUg62VZtg/0Vnz7x5PM/IIU5oPYfChIqQgMB4xHDAaBgNVBAoTE1NVUkZuZXQsIENOPUlkZW5zeXOCCQCoNxcr2xcq8jAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCEPnyvxcsOL1ZakINodIPNjMfSSqh9aVEW231Luaz/1ow81YfW8woIMOl2VAT7bp6BEVkYS91qdOxynVV+CKjaLLhR+zNC2mLW8whv4ZDt4arCBUWHjEUXLGhFTqE+0tofaWtUsXAWrJFOPGbq2EvLRIza2o4JSI6cIO97q2f5VrDwyNHO3QiEdTBBBbbCtx526W56IlVlxX1lRFR05q6gzmprMf0lkoX/EBq3ELtpEhd5Z2d5V59GXsgNbe+oW6BVUGSsbwk4yyQcx39338Qfl9k1WpjAXIFnRzT4npy/M5JIfg6p1kN9nygrhpoHBEhQ160h7hLjHQb6Qnbqv5Pw
# Passphrase of the keystore
passphrase: secret
# ACS location
acs_location: http://localhost:8080/saml/SSO
# duration of metadata cache (1 day)
validity_duration_metadata_ms: 86400000
# value of the keyName in the KeyDescriptor
key_name: whatever-configurable
# the resource location of the metadata for the SP
metadata_resource_sp: classpath:saml/idensys.proxy.sp.metadata.xml
# You can skip all the key-value pairs below in the overriding application.yml on the classpath
spring:
mvc:
favicon:
enabled: false
velocity:
check-template-location: False
# 8 hours before we time-out
session-timeout: 28800
# We disable all endpoints except health for the load-balancer and info for git information.
endpoints:
enabled: false
jmx:
enabled: false
health:
enabled: true
info:
enabled: true
# used by the git plugin
info:
build:
artifact: "@project.artifactId@"
version: "@project.version@"