parent
532a310025
commit
082c60e973
3
components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/AuthenticatorFrameworkDataHolder.java → components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/AuthenticatorFrameworkDataHolder.java
3
components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/AuthenticatorFrameworkDataHolder.java → components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/AuthenticatorFrameworkDataHolder.java
@ -0,0 +1,50 @@
|
||||
package org.wso2.carbon.webapp.authenticator.framework;
|
||||
|
||||
import org.testng.annotations.BeforeSuite;
|
||||
import org.wso2.carbon.CarbonConstants;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.device.mgt.core.internal.DeviceManagementDataHolder;
|
||||
import org.wso2.carbon.device.mgt.core.permission.mgt.PermissionUtils;
|
||||
import org.wso2.carbon.registry.core.exceptions.RegistryException;
|
||||
import org.wso2.carbon.registry.core.jdbc.realm.InMemoryRealmService;
|
||||
import org.wso2.carbon.user.api.Permission;
|
||||
import org.wso2.carbon.user.api.UserStoreException;
|
||||
import org.wso2.carbon.user.api.UserStoreManager;
|
||||
import org.wso2.carbon.user.core.service.RealmService;
|
||||
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.internal.AuthenticatorFrameworkDataHolder;
|
||||
|
||||
import java.io.File;
|
||||
import java.net.URL;
|
||||
|
||||
import static org.wso2.carbon.security.SecurityConstants.ADMIN_USER;
|
||||
import static org.wso2.carbon.utils.ServerConstants.ADMIN_ROLE;
|
||||
|
||||
/**
|
||||
* This is the base class for starting up the relevant services
|
||||
*/
|
||||
public class BaseWebAppAuthenticatorFrameworkTest {
|
||||
public final static String AUTHORIZATION_HEADER = "Authorization";
|
||||
|
||||
@BeforeSuite
|
||||
public void init() throws RegistryException, UserStoreException {
|
||||
ClassLoader classLoader = getClass().getClassLoader();
|
||||
URL resourceUrl = classLoader.getResource("carbon-home");
|
||||
if (resourceUrl != null) {
|
||||
File carbonHome = new File(resourceUrl.getFile());
|
||||
System.setProperty("carbon.home", carbonHome.getAbsolutePath());
|
||||
}
|
||||
PrivilegedCarbonContext.getThreadLocalCarbonContext()
|
||||
.setTenantDomain(org.wso2.carbon.base.MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
|
||||
PrivilegedCarbonContext.getThreadLocalCarbonContext()
|
||||
.setTenantId(org.wso2.carbon.base.MultitenantConstants.SUPER_TENANT_ID);
|
||||
RealmService realmService = new InMemoryRealmService();
|
||||
AuthenticatorFrameworkDataHolder.getInstance().setRealmService(realmService);
|
||||
UserStoreManager userStoreManager = AuthenticatorFrameworkDataHolder.getInstance().getRealmService()
|
||||
.getTenantUserRealm(MultitenantConstants.SUPER_TENANT_ID).getUserStoreManager();
|
||||
Permission adminPermission = new Permission(PermissionUtils.ADMIN_PERMISSION_REGISTRY_PATH,
|
||||
CarbonConstants.UI_PERMISSION_ACTION);
|
||||
userStoreManager.addRole(ADMIN_ROLE + "t", new String[] { ADMIN_USER }, new Permission[] { adminPermission });
|
||||
|
||||
}
|
||||
}
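Review bot: `init()` silently skips setting `carbon.home` when the `carbon-home` resource is not on the test classpath, so a packaging mistake would surface later as an unrelated realm or registry error; failing fast is clearer, e.g. `if (resourceUrl == null) { throw new IllegalStateException("carbon-home test resource not found"); }`. `new File(resourceUrl.getFile())` also keeps any percent-encoding in the path, so a checkout directory containing spaces would yield a wrong `carbon.home`; `new File(resourceUrl.toURI())` avoids that, at the cost of adding `URISyntaxException` to the throws clause. The role `ADMIN_ROLE + "t"` that receives the admin permission deserves a one-line comment explaining why a separate role name is used, and the `DeviceManagementDataHolder` import looks unused in the visible code.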
|
@ -0,0 +1,92 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.webapp.authenticator.framework.authenticator;
|
||||
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.BeforeTest;
|
||||
import org.testng.annotations.Test;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.authenticator.oauth.OAuth2TokenValidator;
|
||||
|
||||
import java.lang.reflect.Field;
|
||||
import java.util.Properties;
|
||||
|
||||
/**
|
||||
* This is a test class for {@link BSTAuthenticator}.
|
||||
*/
|
||||
public class BSTAuthenticatorTest {
|
||||
private BSTAuthenticator bstAuthenticator;
|
||||
private Properties properties;
|
||||
|
||||
@BeforeTest
|
||||
public void init() {
|
||||
bstAuthenticator = new BSTAuthenticator();
|
||||
properties = new Properties();
|
||||
}
|
||||
|
||||
@Test(description = "This test case is used to test the behaviour of BST Authenticator when the properties are "
|
||||
+ "null", expectedExceptions = {IllegalArgumentException.class},
|
||||
expectedExceptionsMessageRegExp = "Required properties needed to initialize OAuthAuthenticator are "
|
||||
+ "not provided")
|
||||
public void testInitWithoutProperties() {
|
||||
bstAuthenticator.init();
|
||||
}
|
||||
|
||||
@Test(description = "This test case is used to test the behaviour of BST Authenticator when the token validation "
|
||||
+ "urlproperty is not set ", expectedExceptions = {IllegalArgumentException.class},
|
||||
expectedExceptionsMessageRegExp = "OAuth token validation endpoint url is not provided",
|
||||
dependsOnMethods = {"testInitWithoutProperties"})
|
||||
public void testInitWithoutTokenValidationUrl() {
|
||||
bstAuthenticator.setProperties(properties);
|
||||
bstAuthenticator.init();
|
||||
}
|
||||
|
||||
@Test(description = "This test case is used to test the behaviour of BST Authenticator when the user "
|
||||
+ "name is not set", expectedExceptions = {IllegalArgumentException.class},
|
||||
expectedExceptionsMessageRegExp = "Username to connect to the OAuth token validation "
|
||||
+ "endpoint is not provided", dependsOnMethods = {"testInitWithoutTokenValidationUrl"})
|
||||
public void testInitWithoutUserName() {
|
||||
properties.setProperty("TokenValidationEndpointUrl", "test");
|
||||
bstAuthenticator.setProperties(properties);
|
||||
bstAuthenticator.init();
|
||||
}
|
||||
|
||||
@Test(description = "This test case is used to test the behaviour of BST Authenticator when the password "
|
||||
+ "name is not set", expectedExceptions = {IllegalArgumentException.class},
|
||||
expectedExceptionsMessageRegExp = "Password to connect to the OAuth token validation endpoint is "
|
||||
+ "not provided", dependsOnMethods = {"testInitWithoutUserName"})
|
||||
public void testInitWithoutPassword() {
|
||||
properties.setProperty("Username", "admin");
|
||||
bstAuthenticator.setProperties(properties);
|
||||
bstAuthenticator.init();
|
||||
}
|
||||
|
||||
@Test(description = "This test case is used to test the behaviour of BST Authenticator when all the required "
|
||||
+ "properties are set correctly", dependsOnMethods = {"testInitWithoutPassword"})
|
||||
public void testInitWithRemote() throws NoSuchFieldException, IllegalAccessException {
|
||||
properties.setProperty("Password", "admin");
|
||||
bstAuthenticator.setProperties(properties);
|
||||
bstAuthenticator.init();
|
||||
Field tokenValidator = BSTAuthenticator.class.getDeclaredField("tokenValidator");
|
||||
tokenValidator.setAccessible(true);
|
||||
OAuth2TokenValidator oAuth2TokenValidator = (OAuth2TokenValidator) tokenValidator.get(bstAuthenticator);
|
||||
Assert.assertNotNull(oAuth2TokenValidator, "Token validation creation failed even with the required "
|
||||
+ "parameters.");
|
||||
}
|
||||
}
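Review bot: The five tests share one `BSTAuthenticator` and one `Properties` instance and are chained with `dependsOnMethods`, so each case passes only because of the state the previous one left behind, and a single failure skips everything after it. Building the properties per test (a small helper returning a `Properties` with just the keys that case needs) would let each validation branch of `init()` be checked on its own. `testInitWithRemote` succeeds with `TokenValidationEndpointUrl` set to `"test"`, which suggests `init()` does not check the endpoint's form; if that is not intended, a case asserting that a malformed endpoint value is rejected would be worth adding. The descriptions have small slips as well: `"urlproperty is not set "` and `"the password " + "name is not set"`.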
|
@ -1,41 +1,154 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.webapp.authenticator.framework.authenticator;
|
||||
|
||||
import org.apache.catalina.Context;
|
||||
import org.apache.catalina.connector.Request;
|
||||
import org.apache.catalina.core.StandardContext;
|
||||
import org.apache.commons.codec.EncoderException;
|
||||
import org.apache.tomcat.util.buf.MessageBytes;
|
||||
import org.apache.tomcat.util.http.MimeHeaders;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.BeforeTest;
|
||||
import org.testng.annotations.Test;
|
||||
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.AuthenticationInfo;
|
||||
import org.wso2.carbon.webapp.authenticator.framework.BaseWebAppAuthenticatorFrameworkTest;
|
||||
|
||||
import java.lang.reflect.Constructor;
|
||||
import java.lang.reflect.Field;
|
||||
import java.lang.reflect.InvocationTargetException;
|
||||
import java.util.Base64;
|
||||
|
||||
import static org.wso2.carbon.security.SecurityConstants.ADMIN_USER;
|
||||
|
||||
/**
|
||||
* This is a test case for {@link BasicAuthAuthenticator}.
|
||||
*/
|
||||
public class BasicAuthAuthenticatorTest {
|
||||
@Test
|
||||
public void testCanHandle()
|
||||
private BasicAuthAuthenticator basicAuthAuthenticator;
|
||||
private Field headersField;
|
||||
private Context context;
|
||||
private Request request;
|
||||
private MimeHeaders mimeHeaders;
|
||||
private org.apache.coyote.Request coyoteRequest;
|
||||
private MessageBytes bytes;
|
||||
|
||||
@BeforeTest
|
||||
public void init() throws NoSuchFieldException {
|
||||
basicAuthAuthenticator = new BasicAuthAuthenticator();
|
||||
headersField = org.apache.coyote.Request.class.getDeclaredField("headers");
|
||||
headersField.setAccessible(true);
|
||||
}
|
||||
|
||||
@Test(description = "This method tests the behaviour of canHandle method when different wrong values given for a "
|
||||
+ "request")
|
||||
public void testCanHandleWithoutRequireParameters()
|
||||
throws NoSuchFieldException, IllegalAccessException, ClassNotFoundException, NoSuchMethodException,
|
||||
InvocationTargetException, InstantiationException {
|
||||
Request request = new Request();
|
||||
Context context = new StandardContext();
|
||||
request = new Request();
|
||||
context = new StandardContext();
|
||||
request.setContext(context);
|
||||
Assert.assertFalse(basicAuthAuthenticator.canHandle(request),
|
||||
"Without proper headers and parameters, the request can be handled by BasicAuthAuthenticator.");
|
||||
context.addParameter("basicAuth", "true");
|
||||
request.setContext(context);
|
||||
org.apache.coyote.Request coyoteRequest = new org.apache.coyote.Request();
|
||||
Field headers = org.apache.coyote.Request.class.getDeclaredField("headers");
|
||||
headers.setAccessible(true);
|
||||
Assert.assertFalse(basicAuthAuthenticator.canHandle(request),
|
||||
"Without proper Authentication headers request can be handled by BasicAuthAuthenticator.");
|
||||
coyoteRequest = new org.apache.coyote.Request();
|
||||
mimeHeaders = new MimeHeaders();
|
||||
bytes = mimeHeaders.addValue("Authorization");
|
||||
bytes.setString("test");
|
||||
headersField.set(coyoteRequest, mimeHeaders);
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
Assert.assertFalse(basicAuthAuthenticator.canHandle(request),
|
||||
"With a different authorization header Basic Authenticator can handle the request");
|
||||
|
||||
Field mimeHeaderField = MimeHeaders.class.getDeclaredField("headers");
|
||||
mimeHeaderField.setAccessible(true);
|
||||
}
|
||||
|
||||
@Test(description = "This method tests the canHandle method when all the required parameters are given with the "
|
||||
+ "request", dependsOnMethods = {"testCanHandleWithoutRequireParameters"})
|
||||
public void testCanHandleWithRequireParameters() throws IllegalAccessException {
|
||||
request = new Request();
|
||||
context = new StandardContext();
|
||||
context.addParameter("basicAuth", "true");
|
||||
request.setContext(context);
|
||||
mimeHeaders = new MimeHeaders();
|
||||
bytes = mimeHeaders.addValue("Authorization");
|
||||
bytes.setString("basic ");
|
||||
headersField.set(coyoteRequest, mimeHeaders);
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
Assert.assertTrue(basicAuthAuthenticator.canHandle(request),
|
||||
"Basic Authenticator cannot handle a request with all the required headers and parameters.");
|
||||
}
|
||||
|
||||
MimeHeaders mimeHeaders = new MimeHeaders();
|
||||
MessageBytes bytes = mimeHeaders.addValue("Authorization");
|
||||
bytes.setString("test");
|
||||
// mimeHeaders.setValue()
|
||||
headers.set(coyoteRequest, mimeHeaders);
|
||||
@Test(description = "This method tests the behaviour of the authenticate method in BasicAuthenticator with valid "
|
||||
+ "credentials", dependsOnMethods = "testCanHandleWithRequireParameters")
|
||||
public void testAuthenticateWithValidCredentials() throws EncoderException, IllegalAccessException {
|
||||
String encodedString = new String(Base64.getEncoder().encode((ADMIN_USER + ":" + ADMIN_USER).getBytes()));
|
||||
request = new Request();
|
||||
context = new StandardContext();
|
||||
context.addParameter("basicAuth", "true");
|
||||
request.setContext(context);
|
||||
mimeHeaders = new MimeHeaders();
|
||||
bytes = mimeHeaders.addValue(BaseWebAppAuthenticatorFrameworkTest.AUTHORIZATION_HEADER);
|
||||
bytes.setString("basic " + encodedString);
|
||||
coyoteRequest = new org.apache.coyote.Request();
|
||||
headersField.set(coyoteRequest, mimeHeaders);
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
AuthenticationInfo authenticationInfo = basicAuthAuthenticator.authenticate(request, null);
|
||||
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.CONTINUE,
|
||||
"For a valid user authentication failed.");
|
||||
Assert.assertEquals(authenticationInfo.getUsername(), ADMIN_USER,
|
||||
"Authenticated username for from BasicAuthenticator is not matching with the original user.");
|
||||
Assert.assertEquals(authenticationInfo.getTenantDomain(), MultitenantConstants.SUPER_TENANT_DOMAIN_NAME,
|
||||
"Authenticated user's tenant domain from BasicAuthenticator is not matching with the "
|
||||
+ "original user's tenant domain");
|
||||
Assert.assertEquals(authenticationInfo.getTenantId(), MultitenantConstants.SUPER_TENANT_ID,
|
||||
"Authenticated user's tenant ID from BasicAuthenticator is not matching with the "
|
||||
+ "original user's tenant ID");
|
||||
}
|
||||
|
||||
@Test(description = "This method tests the behaviour of the authenticate method in BasicAuthenticator with "
|
||||
+ "in-valid credentials", dependsOnMethods = {"testAuthenticateWithValidCredentials"})
|
||||
public void testAuthenticateWithWrongCredentials() throws IllegalAccessException {
|
||||
String encodedString = new String(Base64.getEncoder().encode((ADMIN_USER + ":test" + ADMIN_USER).getBytes()));
|
||||
mimeHeaders = new MimeHeaders();
|
||||
bytes = mimeHeaders.addValue(BaseWebAppAuthenticatorFrameworkTest.AUTHORIZATION_HEADER);
|
||||
bytes.setString("basic " + encodedString);
|
||||
coyoteRequest = new org.apache.coyote.Request();
|
||||
headersField.set(coyoteRequest, mimeHeaders);
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
BasicAuthAuthenticator basicAuthAuthenticator = new BasicAuthAuthenticator();
|
||||
basicAuthAuthenticator.canHandle(request);
|
||||
AuthenticationInfo authenticationInfo = basicAuthAuthenticator.authenticate(request, null);
|
||||
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE,
|
||||
"For a wrong credentials authentication succeeded.");
|
||||
|
||||
encodedString = new String(Base64.getEncoder().encode((ADMIN_USER).getBytes()));
|
||||
mimeHeaders = new MimeHeaders();
|
||||
bytes = mimeHeaders.addValue(BaseWebAppAuthenticatorFrameworkTest.AUTHORIZATION_HEADER);
|
||||
bytes.setString("basic " + encodedString);
|
||||
coyoteRequest = new org.apache.coyote.Request();
|
||||
headersField.set(coyoteRequest, mimeHeaders);
|
||||
request.setCoyoteRequest(coyoteRequest);
|
||||
authenticationInfo = basicAuthAuthenticator.authenticate(request, null);
|
||||
Assert.assertEquals(authenticationInfo.getStatus(), WebappAuthenticator.Status.FAILURE,
|
||||
"For a request with missing password authentication succeeded.");
|
||||
|
||||
}
|
||||
}
|
||||
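Review bot: In `testAuthenticateWithWrongCredentials` the local `BasicAuthAuthenticator basicAuthAuthenticator = new BasicAuthAuthenticator();` shadows the field set up in `init()`, and the result of `basicAuthAuthenticator.canHandle(request)` on the next line is discarded, so the precondition for the `FAILURE` assertions is never checked. Dropping the local declaration and writing `Assert.assertTrue(basicAuthAuthenticator.canHandle(request), "Request with a Basic header was not accepted");` would make that explicit. The method also reuses the `request` object left by `testAuthenticateWithValidCredentials`; creating its own `Request` and `StandardContext`, as the other tests do, would remove that hidden dependency. The credentials are encoded with `getBytes()` and `new String(...)` in the platform charset, where `StandardCharsets.UTF_8` on both would keep the header stable across environments. A header value that is not valid Base64 is not covered by the visible cases.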
|
@ -0,0 +1,429 @@
|
||||
CREATE TABLE IF NOT EXISTS REG_CLUSTER_LOCK (
|
||||
REG_LOCK_NAME VARCHAR (20),
|
||||
REG_LOCK_STATUS VARCHAR (20),
|
||||
REG_LOCKED_TIME TIMESTAMP,
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
PRIMARY KEY (REG_LOCK_NAME)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_LOG (
|
||||
REG_LOG_ID INTEGER AUTO_INCREMENT,
|
||||
REG_PATH VARCHAR (2000),
|
||||
REG_USER_ID VARCHAR (31) NOT NULL,
|
||||
REG_LOGGED_TIME TIMESTAMP NOT NULL,
|
||||
REG_ACTION INTEGER NOT NULL,
|
||||
REG_ACTION_DATA VARCHAR (500),
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
PRIMARY KEY (REG_LOG_ID, REG_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE INDEX IF NOT EXISTS REG_LOG_IND_BY_REG_LOGTIME ON REG_LOG(REG_LOGGED_TIME, REG_TENANT_ID);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_PATH(
|
||||
REG_PATH_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
REG_PATH_VALUE VARCHAR(2000) NOT NULL,
|
||||
REG_PATH_PARENT_ID INT,
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
CONSTRAINT PK_REG_PATH PRIMARY KEY(REG_PATH_ID, REG_TENANT_ID)
|
||||
);
|
||||
CREATE INDEX IF NOT EXISTS REG_PATH_IND_BY_NAME ON REG_PATH(REG_PATH_VALUE, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_PATH_IND_BY_PARENT_ID ON REG_PATH(REG_PATH_PARENT_ID, REG_TENANT_ID);
|
||||
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_CONTENT (
|
||||
REG_CONTENT_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
REG_CONTENT_DATA LONGBLOB,
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
CONSTRAINT PK_REG_CONTENT PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_CONTENT_HISTORY (
|
||||
REG_CONTENT_ID INTEGER NOT NULL,
|
||||
REG_CONTENT_DATA LONGBLOB,
|
||||
REG_DELETED SMALLINT,
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
CONSTRAINT PK_REG_CONTENT_HISTORY PRIMARY KEY(REG_CONTENT_ID, REG_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_RESOURCE (
|
||||
REG_PATH_ID INTEGER NOT NULL,
|
||||
REG_NAME VARCHAR(256),
|
||||
REG_VERSION INTEGER NOT NULL AUTO_INCREMENT,
|
||||
REG_MEDIA_TYPE VARCHAR(500),
|
||||
REG_CREATOR VARCHAR(31) NOT NULL,
|
||||
REG_CREATED_TIME TIMESTAMP NOT NULL,
|
||||
REG_LAST_UPDATOR VARCHAR(31),
|
||||
REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL,
|
||||
REG_DESCRIPTION VARCHAR(1000),
|
||||
REG_CONTENT_ID INTEGER,
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
REG_UUID VARCHAR(100) NOT NULL,
|
||||
CONSTRAINT PK_REG_RESOURCE PRIMARY KEY(REG_VERSION, REG_TENANT_ID)
|
||||
);
|
||||
|
||||
ALTER TABLE REG_RESOURCE ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
|
||||
ALTER TABLE REG_RESOURCE ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT (REG_CONTENT_ID, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_IND_BY_NAME ON REG_RESOURCE(REG_NAME, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_IND_BY_PATH_ID_NAME ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_IND_BY_UUID ON REG_RESOURCE(REG_UUID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_IND_BY_TENANT ON REG_RESOURCE(REG_TENANT_ID, REG_UUID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_IND_BY_TYPE ON REG_RESOURCE(REG_TENANT_ID, REG_MEDIA_TYPE);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_RESOURCE_HISTORY (
|
||||
REG_PATH_ID INTEGER NOT NULL,
|
||||
REG_NAME VARCHAR(256),
|
||||
REG_VERSION INTEGER NOT NULL,
|
||||
REG_MEDIA_TYPE VARCHAR(500),
|
||||
REG_CREATOR VARCHAR(31) NOT NULL,
|
||||
REG_CREATED_TIME TIMESTAMP NOT NULL,
|
||||
REG_LAST_UPDATOR VARCHAR(31),
|
||||
REG_LAST_UPDATED_TIME TIMESTAMP NOT NULL,
|
||||
REG_DESCRIPTION VARCHAR(1000),
|
||||
REG_CONTENT_ID INTEGER,
|
||||
REG_DELETED SMALLINT,
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
REG_UUID VARCHAR(100) NOT NULL,
|
||||
CONSTRAINT PK_REG_RESOURCE_HISTORY PRIMARY KEY(REG_VERSION, REG_TENANT_ID)
|
||||
);
|
||||
|
||||
ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_HIST_FK_BY_PATHID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
|
||||
ALTER TABLE REG_RESOURCE_HISTORY ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_HIST_FK_BY_CONTENT_ID FOREIGN KEY (REG_CONTENT_ID, REG_TENANT_ID) REFERENCES REG_CONTENT_HISTORY (REG_CONTENT_ID, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_HISTORY_IND_BY_NAME ON REG_RESOURCE_HISTORY(REG_NAME, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_HISTORY_IND_BY_PATH_ID_NAME ON REG_RESOURCE(REG_PATH_ID, REG_NAME, REG_TENANT_ID);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_COMMENT (
|
||||
REG_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
REG_COMMENT_TEXT VARCHAR(500) NOT NULL,
|
||||
REG_USER_ID VARCHAR(31) NOT NULL,
|
||||
REG_COMMENTED_TIME TIMESTAMP NOT NULL,
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
CONSTRAINT PK_REG_COMMENT PRIMARY KEY(REG_ID, REG_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_RESOURCE_COMMENT (
|
||||
REG_COMMENT_ID INTEGER NOT NULL,
|
||||
REG_VERSION INTEGER,
|
||||
REG_PATH_ID INTEGER,
|
||||
REG_RESOURCE_NAME VARCHAR(256),
|
||||
REG_TENANT_ID INTEGER DEFAULT 0
|
||||
);
|
||||
|
||||
ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_COMMENT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
|
||||
ALTER TABLE REG_RESOURCE_COMMENT ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_COMMENT_FK_BY_COMMENT_ID FOREIGN KEY (REG_COMMENT_ID, REG_TENANT_ID) REFERENCES REG_COMMENT (REG_ID, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_COMMENT_IND_BY_PATH_ID_AND_RESOURCE_NAME ON REG_RESOURCE_COMMENT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_COMMENT_IND_BY_VERSION ON REG_RESOURCE_COMMENT(REG_VERSION, REG_TENANT_ID);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_RATING (
|
||||
REG_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
REG_RATING INTEGER NOT NULL,
|
||||
REG_USER_ID VARCHAR(31) NOT NULL,
|
||||
REG_RATED_TIME TIMESTAMP NOT NULL,
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
CONSTRAINT PK_REG_RATING PRIMARY KEY(REG_ID, REG_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_RESOURCE_RATING (
|
||||
REG_RATING_ID INTEGER NOT NULL,
|
||||
REG_VERSION INTEGER,
|
||||
REG_PATH_ID INTEGER,
|
||||
REG_RESOURCE_NAME VARCHAR(256),
|
||||
REG_TENANT_ID INTEGER DEFAULT 0
|
||||
);
|
||||
|
||||
ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_RATING_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
|
||||
ALTER TABLE REG_RESOURCE_RATING ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_RATING_FK_BY_RATING_ID FOREIGN KEY (REG_RATING_ID, REG_TENANT_ID) REFERENCES REG_RATING (REG_ID, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_RATING_IND_BY_PATH_ID_AND_RESOURCE_NAME ON REG_RESOURCE_RATING(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_RATING_IND_BY_VERSION ON REG_RESOURCE_RATING(REG_VERSION, REG_TENANT_ID);
|
||||
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_TAG (
|
||||
REG_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
REG_TAG_NAME VARCHAR(500) NOT NULL,
|
||||
REG_USER_ID VARCHAR(31) NOT NULL,
|
||||
REG_TAGGED_TIME TIMESTAMP NOT NULL,
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
CONSTRAINT PK_REG_TAG PRIMARY KEY(REG_ID, REG_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_RESOURCE_TAG (
|
||||
REG_TAG_ID INTEGER NOT NULL,
|
||||
REG_VERSION INTEGER,
|
||||
REG_PATH_ID INTEGER,
|
||||
REG_RESOURCE_NAME VARCHAR(256),
|
||||
REG_TENANT_ID INTEGER DEFAULT 0
|
||||
);
|
||||
|
||||
ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_TAG_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
|
||||
ALTER TABLE REG_RESOURCE_TAG ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_TAG_FK_BY_TAG_ID FOREIGN KEY (REG_TAG_ID, REG_TENANT_ID) REFERENCES REG_TAG (REG_ID, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_TAG_IND_BY_PATH_ID_AND_RESOURCE_NAME ON REG_RESOURCE_TAG(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_TAG_IND_BY_VERSION ON REG_RESOURCE_TAG(REG_VERSION, REG_TENANT_ID);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_PROPERTY (
|
||||
REG_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
REG_NAME VARCHAR(100) NOT NULL,
|
||||
REG_VALUE VARCHAR(1000),
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
CONSTRAINT PK_REG_PROPERTY PRIMARY KEY(REG_ID, REG_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_RESOURCE_PROPERTY (
|
||||
REG_PROPERTY_ID INTEGER NOT NULL,
|
||||
REG_VERSION INTEGER,
|
||||
REG_PATH_ID INTEGER,
|
||||
REG_RESOURCE_NAME VARCHAR(256),
|
||||
REG_TENANT_ID INTEGER DEFAULT 0
|
||||
);
|
||||
|
||||
ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_PROPERTY_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
|
||||
ALTER TABLE REG_RESOURCE_PROPERTY ADD CONSTRAINT IF NOT EXISTS REG_RESOURCE_PROPERTY_FK_BY_TAG_ID FOREIGN KEY (REG_PROPERTY_ID, REG_TENANT_ID) REFERENCES REG_PROPERTY (REG_ID, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_PROPERTY_IND_BY_PATH_ID_AND_RESOURCE_NAME ON REG_RESOURCE_PROPERTY(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_RESOURCE_PROPERTY_IND_BY_VERSION ON REG_RESOURCE_PROPERTY(REG_VERSION, REG_TENANT_ID);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_ASSOCIATION (
|
||||
REG_ASSOCIATION_ID INTEGER AUTO_INCREMENT,
|
||||
REG_SOURCEPATH VARCHAR (2000) NOT NULL,
|
||||
REG_TARGETPATH VARCHAR (2000) NOT NULL,
|
||||
REG_ASSOCIATION_TYPE VARCHAR (2000) NOT NULL,
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
PRIMARY KEY (REG_ASSOCIATION_ID, REG_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS REG_SNAPSHOT (
|
||||
REG_SNAPSHOT_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
REG_PATH_ID INTEGER NOT NULL,
|
||||
REG_RESOURCE_NAME VARCHAR (256),
|
||||
REG_RESOURCE_VIDS LONGBLOB NOT NULL,
|
||||
REG_TENANT_ID INTEGER DEFAULT 0,
|
||||
CONSTRAINT PK_REG_SNAPSHOT PRIMARY KEY(REG_SNAPSHOT_ID, REG_TENANT_ID)
|
||||
);
|
||||
|
||||
ALTER TABLE REG_SNAPSHOT ADD CONSTRAINT IF NOT EXISTS REG_SNAPSHOT_FK_BY_PATH_ID FOREIGN KEY (REG_PATH_ID, REG_TENANT_ID) REFERENCES REG_PATH (REG_PATH_ID, REG_TENANT_ID);
|
||||
CREATE INDEX IF NOT EXISTS REG_SNAPSHOT_IND_BY_PATH_ID_AND_RESOURCE_NAME ON REG_SNAPSHOT(REG_PATH_ID, REG_RESOURCE_NAME, REG_TENANT_ID);
|
||||
|
||||
-- ################################
|
||||
-- USER MANAGER TABLES
|
||||
-- ################################
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_TENANT (
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_DOMAIN_NAME VARCHAR(255) NOT NULL,
|
||||
UM_EMAIL VARCHAR(255),
|
||||
UM_ACTIVE BOOLEAN DEFAULT FALSE,
|
||||
UM_CREATED_DATE TIMESTAMP NOT NULL,
|
||||
UM_USER_CONFIG LONGBLOB NOT NULL,
|
||||
PRIMARY KEY (UM_ID),
|
||||
UNIQUE(UM_DOMAIN_NAME));
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_DOMAIN(
|
||||
UM_DOMAIN_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_DOMAIN_NAME VARCHAR(255),
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
PRIMARY KEY (UM_DOMAIN_ID, UM_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE INDEX IF NOT EXISTS INDEX_UM_TENANT_UM_DOMAIN_NAME ON UM_TENANT (UM_DOMAIN_NAME);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_USER (
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_USER_NAME VARCHAR(255) NOT NULL,
|
||||
UM_USER_PASSWORD VARCHAR(255) NOT NULL,
|
||||
UM_SALT_VALUE VARCHAR(31),
|
||||
UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE,
|
||||
UM_CHANGED_TIME TIMESTAMP NOT NULL,
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID),
|
||||
UNIQUE(UM_USER_NAME, UM_TENANT_ID));
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_SYSTEM_USER (
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_USER_NAME VARCHAR(255) NOT NULL,
|
||||
UM_USER_PASSWORD VARCHAR(255) NOT NULL,
|
||||
UM_SALT_VALUE VARCHAR(31),
|
||||
UM_REQUIRE_CHANGE BOOLEAN DEFAULT FALSE,
|
||||
UM_CHANGED_TIME TIMESTAMP NOT NULL,
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID),
|
||||
UNIQUE(UM_USER_NAME, UM_TENANT_ID));
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_USER_ATTRIBUTE (
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_ATTR_NAME VARCHAR(255) NOT NULL,
|
||||
UM_ATTR_VALUE VARCHAR(1024),
|
||||
UM_PROFILE_ID VARCHAR(255),
|
||||
UM_USER_ID INTEGER,
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID),
|
||||
FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID));
|
||||
|
||||
CREATE INDEX IF NOT EXISTS UM_USER_ID_INDEX ON UM_USER_ATTRIBUTE(UM_USER_ID);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_ROLE (
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_ROLE_NAME VARCHAR(255) NOT NULL,
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
UM_SHARED_ROLE BOOLEAN DEFAULT FALSE,
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID),
|
||||
UNIQUE(UM_ROLE_NAME, UM_TENANT_ID));
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_MODULE(
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_MODULE_NAME VARCHAR(100),
|
||||
UNIQUE(UM_MODULE_NAME),
|
||||
PRIMARY KEY(UM_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_MODULE_ACTIONS(
|
||||
UM_ACTION VARCHAR(255) NOT NULL,
|
||||
UM_MODULE_ID INTEGER NOT NULL,
|
||||
PRIMARY KEY(UM_ACTION, UM_MODULE_ID),
|
||||
FOREIGN KEY (UM_MODULE_ID) REFERENCES UM_MODULE(UM_ID) ON DELETE CASCADE
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_PERMISSION (
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_RESOURCE_ID VARCHAR(255) NOT NULL,
|
||||
UM_ACTION VARCHAR(255) NOT NULL,
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
UM_MODULE_ID INTEGER DEFAULT 0,
|
||||
UNIQUE(UM_RESOURCE_ID,UM_ACTION, UM_TENANT_ID),
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID));
|
||||
|
||||
CREATE INDEX IF NOT EXISTS INDEX_UM_PERMISSION_UM_RESOURCE_ID_UM_ACTION ON UM_PERMISSION (UM_RESOURCE_ID, UM_ACTION, UM_TENANT_ID);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_ROLE_PERMISSION (
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_PERMISSION_ID INTEGER NOT NULL,
|
||||
UM_ROLE_NAME VARCHAR(255) NOT NULL,
|
||||
UM_IS_ALLOWED SMALLINT NOT NULL,
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
UM_DOMAIN_ID INTEGER,
|
||||
FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE,
|
||||
FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE,
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID));
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_USER_PERMISSION (
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_PERMISSION_ID INTEGER NOT NULL,
|
||||
UM_USER_NAME VARCHAR(255) NOT NULL,
|
||||
UM_IS_ALLOWED SMALLINT NOT NULL,
|
||||
UNIQUE (UM_PERMISSION_ID, UM_USER_NAME, UM_TENANT_ID),
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
FOREIGN KEY (UM_PERMISSION_ID, UM_TENANT_ID) REFERENCES UM_PERMISSION(UM_ID, UM_TENANT_ID) ON DELETE CASCADE,
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID));
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_USER_ROLE (
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_ROLE_ID INTEGER NOT NULL,
|
||||
UM_USER_ID INTEGER NOT NULL,
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
UNIQUE (UM_USER_ID, UM_ROLE_ID, UM_TENANT_ID),
|
||||
FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_ROLE(UM_ID, UM_TENANT_ID),
|
||||
FOREIGN KEY (UM_USER_ID, UM_TENANT_ID) REFERENCES UM_USER(UM_ID, UM_TENANT_ID),
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID));
|
||||
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_SHARED_USER_ROLE(
|
||||
UM_ROLE_ID INTEGER NOT NULL,
|
||||
UM_USER_ID INTEGER NOT NULL,
|
||||
UM_USER_TENANT_ID INTEGER NOT NULL,
|
||||
UM_ROLE_TENANT_ID INTEGER NOT NULL,
|
||||
UNIQUE(UM_USER_ID,UM_ROLE_ID,UM_USER_TENANT_ID, UM_ROLE_TENANT_ID),
|
||||
FOREIGN KEY(UM_ROLE_ID,UM_ROLE_TENANT_ID) REFERENCES UM_ROLE(UM_ID,UM_TENANT_ID) ON DELETE CASCADE ,
|
||||
FOREIGN KEY(UM_USER_ID,UM_USER_TENANT_ID) REFERENCES UM_USER(UM_ID,UM_TENANT_ID) ON DELETE CASCADE
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_ACCOUNT_MAPPING(
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_USER_NAME VARCHAR(255) NOT NULL,
|
||||
UM_TENANT_ID INTEGER NOT NULL,
|
||||
UM_USER_STORE_DOMAIN VARCHAR(100),
|
||||
UM_ACC_LINK_ID INTEGER NOT NULL,
|
||||
UNIQUE(UM_USER_NAME, UM_TENANT_ID, UM_USER_STORE_DOMAIN, UM_ACC_LINK_ID),
|
||||
FOREIGN KEY (UM_TENANT_ID) REFERENCES UM_TENANT(UM_ID) ON DELETE CASCADE,
|
||||
PRIMARY KEY (UM_ID)
|
||||
);
|
||||
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_DIALECT(
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_DIALECT_URI VARCHAR(255) NOT NULL,
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
UNIQUE(UM_DIALECT_URI, UM_TENANT_ID),
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID)
|
||||
);
|
||||
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_CLAIM(
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_DIALECT_ID INTEGER NOT NULL,
|
||||
UM_CLAIM_URI VARCHAR(255) NOT NULL,
|
||||
UM_DISPLAY_TAG VARCHAR(255),
|
||||
UM_DESCRIPTION VARCHAR(255),
|
||||
UM_MAPPED_ATTRIBUTE_DOMAIN VARCHAR(255),
|
||||
UM_MAPPED_ATTRIBUTE VARCHAR(255),
|
||||
UM_REG_EX VARCHAR(255),
|
||||
UM_SUPPORTED SMALLINT,
|
||||
UM_REQUIRED SMALLINT,
|
||||
UM_DISPLAY_ORDER INTEGER,
|
||||
UM_CHECKED_ATTRIBUTE SMALLINT,
|
||||
UM_READ_ONLY SMALLINT,
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
UNIQUE(UM_DIALECT_ID, UM_CLAIM_URI,UM_MAPPED_ATTRIBUTE_DOMAIN, UM_TENANT_ID),
|
||||
FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID),
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_PROFILE_CONFIG(
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_DIALECT_ID INTEGER,
|
||||
UM_PROFILE_NAME VARCHAR(255),
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
FOREIGN KEY(UM_DIALECT_ID, UM_TENANT_ID) REFERENCES UM_DIALECT(UM_ID, UM_TENANT_ID),
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID)
|
||||
);
|
||||
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_HYBRID_ROLE(
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_ROLE_NAME VARCHAR(255),
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_HYBRID_USER_ROLE(
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_USER_NAME VARCHAR(255),
|
||||
UM_ROLE_ID INTEGER NOT NULL,
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
UM_DOMAIN_ID INTEGER,
|
||||
UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID,UM_DOMAIN_ID),
|
||||
FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_HYBRID_ROLE(UM_ID, UM_TENANT_ID) ON DELETE CASCADE,
|
||||
FOREIGN KEY (UM_DOMAIN_ID, UM_TENANT_ID) REFERENCES UM_DOMAIN(UM_DOMAIN_ID, UM_TENANT_ID) ON DELETE CASCADE,
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_HYBRID_REMEMBER_ME (
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_USER_NAME VARCHAR(255) NOT NULL,
|
||||
UM_COOKIE_VALUE VARCHAR(1024),
|
||||
UM_CREATED_TIME TIMESTAMP,
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_SYSTEM_ROLE(
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_ROLE_NAME VARCHAR(255),
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID)
|
||||
);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS UM_SYSTEM_USER_ROLE(
|
||||
UM_ID INTEGER NOT NULL AUTO_INCREMENT,
|
||||
UM_USER_NAME VARCHAR(255),
|
||||
UM_ROLE_ID INTEGER NOT NULL,
|
||||
UM_TENANT_ID INTEGER DEFAULT 0,
|
||||
UNIQUE (UM_USER_NAME, UM_ROLE_ID, UM_TENANT_ID),
|
||||
FOREIGN KEY (UM_ROLE_ID, UM_TENANT_ID) REFERENCES UM_SYSTEM_ROLE(UM_ID, UM_TENANT_ID),
|
||||
PRIMARY KEY (UM_ID, UM_TENANT_ID)
|
||||
);
|
@ -0,0 +1,656 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
|
||||
<!--
|
||||
~ Copyright 2017 WSO2 Inc. (http://wso2.com)
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<!--
|
||||
This is the main server configuration file
|
||||
|
||||
${carbon.home} represents the carbon.home system property.
|
||||
Other system properties can be specified in a similar manner.
|
||||
-->
|
||||
<Server xmlns="http://wso2.org/projects/carbon/carbon.xml">
|
||||
|
||||
<!--
|
||||
Product Name
|
||||
-->
|
||||
<Name>${product.name}</Name>
|
||||
|
||||
<!--
|
||||
machine readable unique key to identify each product
|
||||
-->
|
||||
<ServerKey>${product.key}</ServerKey>
|
||||
|
||||
<!--
|
||||
Product Version
|
||||
-->
|
||||
<Version>${product.version}</Version>
|
||||
|
||||
<!--
|
||||
Host name or IP address of the machine hosting this server
|
||||
e.g. www.wso2.org, 192.168.1.10
|
||||
This is will become part of the End Point Reference of the
|
||||
services deployed on this server instance.
|
||||
-->
|
||||
<!--HostName>www.wso2.org</HostName-->
|
||||
|
||||
<!--
|
||||
Host name to be used for the Carbon management console
|
||||
-->
|
||||
<!--MgtHostName>mgt.wso2.org</MgtHostName-->
|
||||
|
||||
<!--
|
||||
The URL of the back end server. This is where the admin services are hosted and
|
||||
will be used by the clients in the front end server.
|
||||
This is required only for the Front-end server. This is used when seperating BE server from FE server
|
||||
-->
|
||||
<ServerURL>local:/${carbon.context}/services/</ServerURL>
|
||||
<!--
|
||||
<ServerURL>https://${carbon.local.ip}:${carbon.management.port}${carbon.context}/services/</ServerURL>
|
||||
-->
|
||||
<!--
|
||||
The URL of the index page. This is where the user will be redirected after signing in to the
|
||||
carbon server.
|
||||
-->
|
||||
<!-- IndexPageURL>/carbon/admin/index.jsp</IndexPageURL-->
|
||||
|
||||
<!--
|
||||
For cApp deployment, we have to identify the roles that can be acted by the current server.
|
||||
The following property is used for that purpose. Any number of roles can be defined here.
|
||||
Regular expressions can be used in the role.
|
||||
Ex : <Role>.*</Role> means this server can act any role
|
||||
-->
|
||||
<ServerRoles>
|
||||
<Role>${default.server.role}</Role>
|
||||
</ServerRoles>
|
||||
|
||||
<!-- uncommnet this line to subscribe to a bam instance automatically -->
|
||||
<!--<BamServerURL>https://bamhost:bamport/services/</BamServerURL>-->
|
||||
|
||||
<!--
|
||||
The fully qualified name of the server
|
||||
-->
|
||||
<Package>org.wso2.carbon</Package>
|
||||
|
||||
<!--
|
||||
Webapp context root of WSO2 Carbon management console.
|
||||
-->
|
||||
<WebContextRoot>/</WebContextRoot>
|
||||
|
||||
<!--
|
||||
Proxy context path is a useful parameter to add a proxy path when a Carbon server is fronted by reverse proxy. In addtion
|
||||
to the proxy host and proxy port this parameter allows you add a path component to external URLs. e.g.
|
||||
URL of the Carbon server -> https://10.100.1.1:9443/carbon
|
||||
URL of the reverse proxy -> https://prod.abc.com/appserver/carbon
|
||||
|
||||
appserver - proxy context path. This specially required whenever you are generating URLs to displace in
|
||||
Carbon UI components.
|
||||
-->
|
||||
<!--
|
||||
<MgtProxyContextPath></MgtProxyContextPath>
|
||||
<ProxyContextPath></ProxyContextPath>
|
||||
-->
|
||||
|
||||
<!-- In-order to get the registry http Port from the back-end when the default http transport is not the same-->
|
||||
<!--RegistryHttpPort>9763</RegistryHttpPort-->
|
||||
|
||||
<!--
|
||||
Number of items to be displayed on a management console page. This is used at the
|
||||
backend server for pagination of various items.
|
||||
-->
|
||||
<ItemsPerPage>15</ItemsPerPage>
|
||||
|
||||
<!-- The endpoint URL of the cloud instance management Web service -->
|
||||
<!--<InstanceMgtWSEndpoint>https://ec2.amazonaws.com/</InstanceMgtWSEndpoint>-->
|
||||
|
||||
<!--
|
||||
Ports used by this server
|
||||
-->
|
||||
<Ports>
|
||||
|
||||
<!-- Ports offset. This entry will set the value of the ports defined below to
|
||||
the define value + Offset.
|
||||
e.g. Offset=2 and HTTPS port=9443 will set the effective HTTPS port to 9445
|
||||
-->
|
||||
<Offset>0</Offset>
|
||||
|
||||
<!-- The JMX Ports -->
|
||||
<JMX>
|
||||
<!--The port RMI registry is exposed-->
|
||||
<RMIRegistryPort>9999</RMIRegistryPort>
|
||||
<!--The port RMI server should be exposed-->
|
||||
<RMIServerPort>11111</RMIServerPort>
|
||||
</JMX>
|
||||
|
||||
<!-- Embedded LDAP server specific ports -->
|
||||
<EmbeddedLDAP>
|
||||
<!-- Port which embedded LDAP server runs -->
|
||||
<LDAPServerPort>10389</LDAPServerPort>
|
||||
<!-- Port which KDC (Kerberos Key Distribution Center) server runs -->
|
||||
<KDCServerPort>8000</KDCServerPort>
|
||||
</EmbeddedLDAP>
|
||||
|
||||
<!--
|
||||
Override datasources JNDIproviderPort defined in bps.xml and datasources.properties files
|
||||
-->
|
||||
<!--<JNDIProviderPort>2199</JNDIProviderPort>-->
|
||||
<!--Override receive port of thrift based entitlement service.-->
|
||||
<ThriftEntitlementReceivePort>10500</ThriftEntitlementReceivePort>
|
||||
|
||||
</Ports>
|
||||
|
||||
<!--
|
||||
JNDI Configuration
|
||||
-->
|
||||
<JNDI>
|
||||
<!--
|
||||
The fully qualified name of the default initial context factory
|
||||
-->
|
||||
<DefaultInitialContextFactory>org.wso2.carbon.tomcat.jndi.CarbonJavaURLContextFactory</DefaultInitialContextFactory>
|
||||
<!--
|
||||
The restrictions that are done to various JNDI Contexts in a Multi-tenant environment
|
||||
-->
|
||||
<Restrictions>
|
||||
<!--
|
||||
Contexts that will be available only to the super-tenant
|
||||
-->
|
||||
<!-- <SuperTenantOnly>
|
||||
<UrlContexts>
|
||||
<UrlContext>
|
||||
<Scheme>foo</Scheme>
|
||||
</UrlContext>
|
||||
<UrlContext>
|
||||
<Scheme>bar</Scheme>
|
||||
</UrlContext>
|
||||
</UrlContexts>
|
||||
</SuperTenantOnly> -->
|
||||
<!--
|
||||
Contexts that are common to all tenants
|
||||
-->
|
||||
<AllTenants>
|
||||
<UrlContexts>
|
||||
<UrlContext>
|
||||
<Scheme>java</Scheme>
|
||||
</UrlContext>
|
||||
<!-- <UrlContext>
|
||||
<Scheme>foo</Scheme>
|
||||
</UrlContext> -->
|
||||
</UrlContexts>
|
||||
</AllTenants>
|
||||
<!--
|
||||
All other contexts not mentioned above will be available on a per-tenant basis
|
||||
(i.e. will not be shared among tenants)
|
||||
-->
|
||||
</Restrictions>
|
||||
</JNDI>
|
||||
|
||||
<!--
|
||||
Property to determine if the server is running an a cloud deployment environment.
|
||||
This property should only be used to determine deployment specific details that are
|
||||
applicable only in a cloud deployment, i.e when the server deployed *-as-a-service.
|
||||
-->
|
||||
<IsCloudDeployment>false</IsCloudDeployment>
|
||||
|
||||
<!--
|
||||
Property to determine whether usage data should be collected for metering purposes
|
||||
-->
|
||||
<EnableMetering>false</EnableMetering>
|
||||
|
||||
<!-- The Max time a thread should take for execution in seconds -->
|
||||
<MaxThreadExecutionTime>600</MaxThreadExecutionTime>
|
||||
|
||||
<!--
|
||||
A flag to enable or disable Ghost Deployer. By default this is set to false. That is
|
||||
because the Ghost Deployer works only with the HTTP/S transports. If you are using
|
||||
other transports, don't enable Ghost Deployer.
|
||||
-->
|
||||
<GhostDeployment>
|
||||
<Enabled>false</Enabled>
|
||||
</GhostDeployment>
|
||||
|
||||
|
||||
<!--
|
||||
Eager loading or lazy loading is a design pattern commonly used in computer programming which
|
||||
will initialize an object upon creation or load on-demand. In carbon, lazy loading is used to
|
||||
load tenant when a request is received only. Similarly Eager loading is used to enable load
|
||||
existing tenants after carbon server starts up. Using this feature, you will be able to include
|
||||
or exclude tenants which are to be loaded when server startup.
|
||||
|
||||
We can enable only one LoadingPolicy at a given time.
|
||||
|
||||
1. Tenant Lazy Loading
|
||||
This is the default behaviour and enabled by default. With this policy, tenants are not loaded at
|
||||
server startup, but loaded based on-demand (i.e when a request is received for a tenant).
|
||||
The default tenant idle time is 30 minutes.
|
||||
|
||||
2. Tenant Eager Loading
|
||||
This is by default not enabled. It can be be enabled by un-commenting the <EagerLoading> section.
|
||||
The eager loading configurations supported are as below. These configurations can be given as the
|
||||
value for <Include> element with eager loading.
|
||||
(i)Load all tenants when server startup - *
|
||||
(ii)Load all tenants except foo.com & bar.com - *,!foo.com,!bar.com
|
||||
(iii)Load only foo.com & bar.com to be included - foo.com,bar.com
|
||||
-->
|
||||
<Tenant>
|
||||
<LoadingPolicy>
|
||||
<LazyLoading>
|
||||
<IdleTime>30</IdleTime>
|
||||
</LazyLoading>
|
||||
<!-- <EagerLoading>
|
||||
<Include>*,!foo.com,!bar.com</Include>
|
||||
</EagerLoading>-->
|
||||
</LoadingPolicy>
|
||||
</Tenant>
|
||||
|
||||
<!--
|
||||
Caching related configurations
|
||||
-->
|
||||
<Cache>
|
||||
<!-- Default cache timeout in minutes -->
|
||||
<DefaultCacheTimeout>15</DefaultCacheTimeout>
|
||||
</Cache>
|
||||
|
||||
<!--
|
||||
Axis2 related configurations
|
||||
-->
|
||||
<Axis2Config>
|
||||
<!--
|
||||
Location of the Axis2 Services & Modules repository
|
||||
|
||||
This can be a directory in the local file system, or a URL.
|
||||
|
||||
e.g.
|
||||
1. /home/wso2wsas/repository/ - An absolute path
|
||||
2. repository - In this case, the path is relative to CARBON_HOME
|
||||
3. file:///home/wso2wsas/repository/
|
||||
4. http://wso2wsas/repository/
|
||||
-->
|
||||
<RepositoryLocation>${carbon.home}/repository/deployment/server/</RepositoryLocation>
|
||||
|
||||
<!--
|
||||
Deployment update interval in seconds. This is the interval between repository listener
|
||||
executions.
|
||||
-->
|
||||
<DeploymentUpdateInterval>15</DeploymentUpdateInterval>
|
||||
|
||||
<!--
|
||||
Location of the main Axis2 configuration descriptor file, a.k.a. axis2.xml file
|
||||
|
||||
This can be a file on the local file system, or a URL
|
||||
|
||||
e.g.
|
||||
1. /home/repository/axis2.xml - An absolute path
|
||||
2. conf/axis2.xml - In this case, the path is relative to CARBON_HOME
|
||||
3. file:///home/carbon/repository/axis2.xml
|
||||
4. http://repository/conf/axis2.xml
|
||||
-->
|
||||
<ConfigurationFile>${carbon.home}/repository/conf/axis2/axis2.xml</ConfigurationFile>
|
||||
|
||||
<!--
|
||||
ServiceGroupContextIdleTime, which will be set in ConfigurationContex
|
||||
for multiple clients which are going to access the same ServiceGroupContext
|
||||
Default Value is 30 Sec.
|
||||
-->
|
||||
<ServiceGroupContextIdleTime>30000</ServiceGroupContextIdleTime>
|
||||
|
||||
<!--
|
||||
This repository location is used to crete the client side configuration
|
||||
context used by the server when calling admin services.
|
||||
-->
|
||||
<ClientRepositoryLocation>${carbon.home}/repository/deployment/client/</ClientRepositoryLocation>
|
||||
<!-- This axis2 xml is used in createing the configuration context by the FE server
|
||||
calling to BE server -->
|
||||
<clientAxis2XmlLocation>${carbon.home}/repository/conf/axis2/axis2_client.xml</clientAxis2XmlLocation>
|
||||
<!-- If this parameter is set, the ?wsdl on an admin service will not give the admin service wsdl. -->
|
||||
<HideAdminServiceWSDLs>true</HideAdminServiceWSDLs>
|
||||
|
||||
<!--WARNING-Use With Care! Uncommenting bellow parameter would expose all AdminServices in HTTP transport.
|
||||
With HTTP transport your credentials and data routed in public channels are vulnerable for sniffing attacks.
|
||||
Use bellow parameter ONLY if your communication channels are confirmed to be secured by other means -->
|
||||
<!--HttpAdminServices>*</HttpAdminServices-->
|
||||
|
||||
</Axis2Config>
|
||||
|
||||
<!--
|
||||
The default user roles which will be created when the server
|
||||
is started up for the first time.
|
||||
-->
|
||||
<ServiceUserRoles>
|
||||
<Role>
|
||||
<Name>admin</Name>
|
||||
<Description>Default Administrator Role</Description>
|
||||
</Role>
|
||||
<Role>
|
||||
<Name>user</Name>
|
||||
<Description>Default User Role</Description>
|
||||
</Role>
|
||||
</ServiceUserRoles>
|
||||
|
||||
<!--
|
||||
Enable following config to allow Emails as usernames.
|
||||
-->
|
||||
<!--EnableEmailUserName>true</EnableEmailUserName-->
|
||||
|
||||
<!--
|
||||
Security configurations
|
||||
-->
|
||||
<Security>
|
||||
<!--
|
||||
KeyStore which will be used for encrypting/decrypting passwords
|
||||
and other sensitive information.
|
||||
-->
|
||||
<KeyStore>
|
||||
<!-- Keystore file location-->
|
||||
<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
|
||||
<!-- Keystore type (JKS/PKCS12 etc.)-->
|
||||
<Type>JKS</Type>
|
||||
<!-- Keystore password-->
|
||||
<Password>wso2carbon</Password>
|
||||
<!-- Private Key alias-->
|
||||
<KeyAlias>wso2carbon</KeyAlias>
|
||||
<!-- Private Key password-->
|
||||
<KeyPassword>wso2carbon</KeyPassword>
|
||||
</KeyStore>
|
||||
|
||||
<!--
|
||||
System wide trust-store which is used to maintain the certificates of all
|
||||
the trusted parties.
|
||||
-->
|
||||
<TrustStore>
|
||||
<!-- trust-store file location -->
|
||||
<Location>${carbon.home}/repository/resources/security/client-truststore.jks</Location>
|
||||
<!-- trust-store type (JKS/PKCS12 etc.) -->
|
||||
<Type>JKS</Type>
|
||||
<!-- trust-store password -->
|
||||
<Password>wso2carbon</Password>
|
||||
</TrustStore>
|
||||
|
||||
<!--
|
||||
The Authenticator configuration to be used at the JVM level. We extend the
|
||||
java.net.Authenticator to make it possible to authenticate to given servers and
|
||||
proxies.
|
||||
-->
|
||||
<NetworkAuthenticatorConfig>
|
||||
<!--
|
||||
Below is a sample configuration for a single authenticator. Please note that
|
||||
all child elements are mandatory. Not having some child elements would lead to
|
||||
exceptions at runtime.
|
||||
-->
|
||||
<!-- <Credential> -->
|
||||
<!--
|
||||
the pattern that would match a subset of URLs for which this authenticator
|
||||
would be used
|
||||
-->
|
||||
<!-- <Pattern>regularExpression</Pattern> -->
|
||||
<!--
|
||||
the type of this authenticator. Allowed values are:
|
||||
1. server
|
||||
2. proxy
|
||||
-->
|
||||
<!-- <Type>proxy</Type> -->
|
||||
<!-- the username used to log in to server/proxy -->
|
||||
<!-- <Username>username</Username> -->
|
||||
<!-- the password used to log in to server/proxy -->
|
||||
<!-- <Password>password</Password> -->
|
||||
<!-- </Credential> -->
|
||||
</NetworkAuthenticatorConfig>
|
||||
|
||||
<!--
|
||||
The Tomcat realm to be used for hosted Web applications. Allowed values are;
|
||||
1. UserManager
|
||||
2. Memory
|
||||
|
||||
If this is set to 'UserManager', the realm will pick users & roles from the system's
|
||||
WSO2 User Manager. If it is set to 'memory', the realm will pick users & roles from
|
||||
CARBON_HOME/repository/conf/tomcat/tomcat-users.xml
|
||||
-->
|
||||
<TomcatRealm>UserManager</TomcatRealm>
|
||||
|
||||
<!--Option to disable storing of tokens issued by STS-->
|
||||
<DisableTokenStore>false</DisableTokenStore>
|
||||
|
||||
<!--
|
||||
Security token store class name. If this is not set, default class will be
|
||||
org.wso2.carbon.security.util.SecurityTokenStore
|
||||
-->
|
||||
<!--TokenStoreClassName>org.wso2.carbon.identity.sts.store.DBTokenStore</TokenStoreClassName-->
|
||||
</Security>
|
||||
|
||||
<!--
|
||||
The temporary work directory
|
||||
-->
|
||||
<WorkDirectory>${carbon.home}/tmp/work</WorkDirectory>
|
||||
|
||||
<!--
|
||||
House-keeping configuration
|
||||
-->
|
||||
<HouseKeeping>
|
||||
|
||||
<!--
|
||||
true - Start House-keeping thread on server startup
|
||||
false - Do not start House-keeping thread on server startup.
|
||||
The user will run it manually as and when he wishes.
|
||||
-->
|
||||
<AutoStart>true</AutoStart>
|
||||
|
||||
<!--
|
||||
The interval in *minutes*, between house-keeping runs
|
||||
-->
|
||||
<Interval>10</Interval>
|
||||
|
||||
<!--
|
||||
The maximum time in *minutes*, temp files are allowed to live
|
||||
in the system. Files/directories which were modified more than
|
||||
"MaxTempFileLifetime" minutes ago will be removed by the
|
||||
house-keeping task
|
||||
-->
|
||||
<MaxTempFileLifetime>30</MaxTempFileLifetime>
|
||||
</HouseKeeping>
|
||||
|
||||
<!--
|
||||
Configuration for handling different types of file upload & other file uploading related
|
||||
config parameters.
|
||||
To map all actions to a particular FileUploadExecutor, use
|
||||
<Action>*</Action>
|
||||
-->
|
||||
<FileUploadConfig>
|
||||
<!--
|
||||
The total file upload size limit in MB
|
||||
-->
|
||||
<TotalFileSizeLimit>100</TotalFileSizeLimit>
|
||||
|
||||
<Mapping>
|
||||
<Actions>
|
||||
<Action>keystore</Action>
|
||||
<Action>certificate</Action>
|
||||
<Action>*</Action>
|
||||
</Actions>
|
||||
<Class>org.wso2.carbon.ui.transports.fileupload.AnyFileUploadExecutor</Class>
|
||||
</Mapping>
|
||||
|
||||
<Mapping>
|
||||
<Actions>
|
||||
<Action>jarZip</Action>
|
||||
</Actions>
|
||||
<Class>org.wso2.carbon.ui.transports.fileupload.JarZipUploadExecutor</Class>
|
||||
</Mapping>
|
||||
<Mapping>
|
||||
<Actions>
|
||||
<Action>dbs</Action>
|
||||
</Actions>
|
||||
<Class>org.wso2.carbon.ui.transports.fileupload.DBSFileUploadExecutor</Class>
|
||||
</Mapping>
|
||||
<Mapping>
|
||||
<Actions>
|
||||
<Action>tools</Action>
|
||||
</Actions>
|
||||
<Class>org.wso2.carbon.ui.transports.fileupload.ToolsFileUploadExecutor</Class>
|
||||
</Mapping>
|
||||
<Mapping>
|
||||
<Actions>
|
||||
<Action>toolsAny</Action>
|
||||
</Actions>
|
||||
<Class>org.wso2.carbon.ui.transports.fileupload.ToolsAnyFileUploadExecutor</Class>
|
||||
</Mapping>
|
||||
</FileUploadConfig>
|
||||
|
||||
<!--
|
||||
Processors which process special HTTP GET requests such as ?wsdl, ?policy etc.
|
||||
|
||||
In order to plug in a processor to handle a special request, simply add an entry to this
|
||||
section.
|
||||
|
||||
The value of the Item element is the first parameter in the query string(e.g. ?wsdl)
|
||||
which needs special processing
|
||||
|
||||
The value of the Class element is a class which implements
|
||||
org.wso2.carbon.transport.HttpGetRequestProcessor
|
||||
-->
|
||||
<HttpGetRequestProcessors>
|
||||
<Processor>
|
||||
<Item>info</Item>
|
||||
<Class>org.wso2.carbon.core.transports.util.InfoProcessor</Class>
|
||||
</Processor>
|
||||
<Processor>
|
||||
<Item>wsdl</Item>
|
||||
<Class>org.wso2.carbon.core.transports.util.Wsdl11Processor</Class>
|
||||
</Processor>
|
||||
<Processor>
|
||||
<Item>wsdl2</Item>
|
||||
<Class>org.wso2.carbon.core.transports.util.Wsdl20Processor</Class>
|
||||
</Processor>
|
||||
<Processor>
|
||||
<Item>xsd</Item>
|
||||
<Class>org.wso2.carbon.core.transports.util.XsdProcessor</Class>
|
||||
</Processor>
|
||||
</HttpGetRequestProcessors>
|
||||
|
||||
<!-- Deployment Synchronizer Configuration. t Enabled value to true when running with "svn based" dep sync.
|
||||
In master nodes you need to set both AutoCommit and AutoCheckout to true
|
||||
and in worker nodes set only AutoCheckout to true.
|
||||
-->
|
||||
<DeploymentSynchronizer>
|
||||
<Enabled>false</Enabled>
|
||||
<AutoCommit>false</AutoCommit>
|
||||
<AutoCheckout>true</AutoCheckout>
|
||||
<RepositoryType>svn</RepositoryType>
|
||||
<SvnUrl>http://svnrepo.example.com/repos/</SvnUrl>
|
||||
<SvnUser>username</SvnUser>
|
||||
<SvnPassword>password</SvnPassword>
|
||||
<SvnUrlAppendTenantId>true</SvnUrlAppendTenantId>
|
||||
</DeploymentSynchronizer>
|
||||
|
||||
<!-- Deployment Synchronizer Configuration. Uncomment the following section when running with "registry based" dep sync.
|
||||
In master nodes you need to set both AutoCommit and AutoCheckout to true
|
||||
and in worker nodes set only AutoCheckout to true.
|
||||
-->
|
||||
<!--<DeploymentSynchronizer>
|
||||
<Enabled>true</Enabled>
|
||||
<AutoCommit>false</AutoCommit>
|
||||
<AutoCheckout>true</AutoCheckout>
|
||||
</DeploymentSynchronizer>-->
|
||||
|
||||
<!-- Mediation persistence configurations. Only valid if mediation features are available i.e. ESB -->
|
||||
<!--<MediationConfig>
|
||||
<LoadFromRegistry>false</LoadFromRegistry>
|
||||
<SaveToFile>false</SaveToFile>
|
||||
<Persistence>enabled</Persistence>
|
||||
<RegistryPersistence>enabled</RegistryPersistence>
|
||||
</MediationConfig>-->
|
||||
|
||||
<!--
|
||||
Server intializing code, specified as implementation classes of org.wso2.carbon.core.ServerInitializer.
|
||||
This code will be run when the Carbon server is initialized
|
||||
-->
|
||||
<ServerInitializers>
|
||||
<!--<Initializer></Initializer>-->
|
||||
</ServerInitializers>
|
||||
|
||||
<!--
|
||||
Indicates whether the Carbon Servlet is required by the system, and whether it should be
|
||||
registered
|
||||
-->
|
||||
<RequireCarbonServlet>${require.carbon.servlet}</RequireCarbonServlet>
|
||||
|
||||
<!--
|
||||
Carbon H2 OSGI Configuration
|
||||
By default non of the servers start.
|
||||
name="web" - Start the web server with the H2 Console
|
||||
name="webPort" - The port (default: 8082)
|
||||
name="webAllowOthers" - Allow other computers to connect
|
||||
name="webSSL" - Use encrypted (HTTPS) connections
|
||||
name="tcp" - Start the TCP server
|
||||
name="tcpPort" - The port (default: 9092)
|
||||
name="tcpAllowOthers" - Allow other computers to connect
|
||||
name="tcpSSL" - Use encrypted (SSL) connections
|
||||
name="pg" - Start the PG server
|
||||
name="pgPort" - The port (default: 5435)
|
||||
name="pgAllowOthers" - Allow other computers to connect
|
||||
name="trace" - Print additional trace information; for all servers
|
||||
name="baseDir" - The base directory for H2 databases; for all servers
|
||||
-->
|
||||
<!--H2DatabaseConfiguration>
|
||||
<property name="web" />
|
||||
<property name="webPort">8082</property>
|
||||
<property name="webAllowOthers" />
|
||||
<property name="webSSL" />
|
||||
<property name="tcp" />
|
||||
<property name="tcpPort">9092</property>
|
||||
<property name="tcpAllowOthers" />
|
||||
<property name="tcpSSL" />
|
||||
<property name="pg" />
|
||||
<property name="pgPort">5435</property>
|
||||
<property name="pgAllowOthers" />
|
||||
<property name="trace" />
|
||||
<property name="baseDir">${carbon.home}</property>
|
||||
</H2DatabaseConfiguration-->
|
||||
<!--Disabling statistics reporter by default-->
|
||||
<StatisticsReporterDisabled>true</StatisticsReporterDisabled>
|
||||
|
||||
<!-- Enable accessing Admin Console via HTTP -->
|
||||
<!-- EnableHTTPAdminConsole>true</EnableHTTPAdminConsole -->
|
||||
|
||||
<!--
|
||||
Default Feature Repository of WSO2 Carbon.
|
||||
-->
|
||||
<FeatureRepository>
|
||||
<RepositoryName>default repository</RepositoryName>
|
||||
<RepositoryURL>${p2.repo.url}</RepositoryURL>
|
||||
</FeatureRepository>
|
||||
|
||||
<!--
|
||||
Configure API Management
|
||||
-->
|
||||
<APIManagement>
|
||||
|
||||
<!--Uses the embedded API Manager by default. If you want to use an external
|
||||
API Manager instance to manage APIs, configure below externalAPIManager-->
|
||||
|
||||
<Enabled>true</Enabled>
|
||||
|
||||
<!--Uncomment and configure API Gateway and
|
||||
Publisher URLs to use external API Manager instance-->
|
||||
|
||||
<!--ExternalAPIManager>
|
||||
|
||||
<APIGatewayURL>http://localhost:8281</APIGatewayURL>
|
||||
<APIPublisherURL>http://localhost:8281/publisher</APIPublisherURL>
|
||||
|
||||
</ExternalAPIManager-->
|
||||
|
||||
<LoadAPIContextsInServerStartup>true</LoadAPIContextsInServerStartup>
|
||||
</APIManagement>
|
||||
</Server>
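Review bot: The `<KeyStore>` and `<TrustStore>` blocks commit the store password, key alias and key password in clear text as `wso2carbon`, the product's shipped default, and nothing in the file marks it as a fixture. The path of this new file is not visible in this view; if it is a test resource, say so above `<Security>` with a comment such as `<!-- Test fixture only: default keystore credentials; never reuse in a deployed carbon.xml -->`. It is also worth checking that the referenced `wso2carbon.jks` and `client-truststore.jks` hold no key material used outside tests. The `<DeploymentSynchronizer>` block has the same shape: it is disabled, but it carries placeholder `<SvnUser>`/`<SvnPassword>` values next to a plain `http://` `<SvnUrl>`, so a copy of this file with `<Enabled>true</Enabled>` would send credentials unencrypted. One documentation nit: the comment on `<ServiceGroupContextIdleTime>` says "30 Sec" while the value is `30000`, so the unit (presumably milliseconds) should be stated.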
|
@ -0,0 +1,28 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
|
||||
<!--
|
||||
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<PlatformConfiguration>
|
||||
<type>sample</type>
|
||||
<configuration>
|
||||
<name>test</name>
|
||||
<contentType>String</contentType>
|
||||
<value>test</value>
|
||||
</configuration>
|
||||
</PlatformConfiguration>
|
@ -0,0 +1,23 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
|
||||
<!--
|
||||
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<PlatformConfiguration>
|
||||
</configuration
|
||||
</PlatformConfiguration>
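Review bot: `</configuration` is an unterminated closing tag with no matching opening element, so this file is not well-formed XML, and nothing in it says that is deliberate. If it is a negative fixture for the platform-configuration parser, which its size and its placement next to the valid sample suggest, record that in the header comment, e.g. `~ Intentionally malformed: exercises the parse-failure path.`, so a later clean-up does not "repair" it. The test that loads it is outside this view; it should assert the specific parse exception rather than any failure, otherwise a missing file would pass the same test.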
|
@ -0,0 +1,25 @@
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
|
||||
<!--
|
||||
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<License>
|
||||
<Language>en_US</Language>
|
||||
<Version>1.0.0</Version>
|
||||
<Text>This is a file based license</Text>
|
||||
</License>
|
@ -0,0 +1,50 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
|
||||
<!--
|
||||
~ Copyright 2017 WSO2 Inc. (http://wso2.com)
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
<wso2registry>
|
||||
|
||||
<!--
|
||||
For details on configuring different config & governance registries see;
|
||||
http://wso2.org/library/tutorials/2010/04/sharing-registry-space-across-multiple-product-instances
|
||||
-->
|
||||
|
||||
<currentDBConfig>wso2registry</currentDBConfig>
|
||||
<readOnly>false</readOnly>
|
||||
<enableCache>true</enableCache>
|
||||
<registryRoot>/</registryRoot>
|
||||
|
||||
<dbConfig name="wso2registry">
|
||||
<url>jdbc:h2:./target/databasetest/CARBON_TEST</url>
|
||||
<!--userName>sa</userName>
|
||||
<password>sa</password-->
|
||||
<driverName>org.h2.Driver</driverName>
|
||||
<maxActive>80</maxActive>
|
||||
<maxWait>60000</maxWait>
|
||||
<minIdle>5</minIdle>
|
||||
</dbConfig>
|
||||
|
||||
<versionResourcesOnChange>false</versionResourcesOnChange>
|
||||
|
||||
<!-- NOTE: You can edit the options under "StaticConfiguration" only before the
|
||||
startup. -->
|
||||
<staticConfiguration>
|
||||
<versioningProperties>true</versioningProperties>
|
||||
<versioningComments>true</versioningComments>
|
||||
<versioningTags>true</versioningTags>
|
||||
<versioningRatings>true</versioningRatings>
|
||||
</staticConfiguration>
|
||||
</wso2registry>
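Review bot: The `<url>` here is `jdbc:h2:./target/databasetest/CARBON_TEST`, while the `<UserManager>` fixture added later in this commit names what looks like the same database as `jdbc:h2:target/databasetest/CARBON_TEST`. H2 releases from 1.4 on reject implicitly relative paths, so depending on the H2 version on the test classpath (not visible here) the second spelling can fail at connect time; using the `./` form in both keeps them on one file. The commented-out `userName`/`password` pair could be deleted, or replaced by a one-line comment saying that no credentials are configured for the test database.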
|
@ -0,0 +1,80 @@
|
||||
<!--
|
||||
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
<UserManager>
|
||||
<Realm>
|
||||
<Configuration>
|
||||
<AddAdmin>true</AddAdmin>
|
||||
<AdminRole>admin</AdminRole>
|
||||
<AdminUser>
|
||||
<UserName>admin</UserName>
|
||||
<Password>admin</Password>
|
||||
</AdminUser>
|
||||
<EveryOneRoleName>everyone</EveryOneRoleName>
|
||||
<ReadOnly>false</ReadOnly>
|
||||
<MaxUserNameListLength>500</MaxUserNameListLength>
|
||||
<Property name="url">jdbc:h2:target/databasetest/CARBON_TEST</Property>
|
||||
<Property name="driverName">org.h2.Driver</Property>
|
||||
<Property name="maxActive">50</Property>
|
||||
<Property name="maxWait">60000</Property>
|
||||
<Property name="minIdle">5</Property>
|
||||
</Configuration>
|
||||
<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
|
||||
<Property name="TenantManager">org.wso2.carbon.user.core.tenant.JDBCTenantManager</Property>
|
||||
<Property name="ReadOnly">false</Property>
|
||||
<Property name="MaxUserNameListLength">100</Property>
|
||||
<Property name="IsEmailUserName">false</Property>
|
||||
<Property name="DomainCalculation">default</Property>
|
||||
<Property name="PasswordDigest">SHA-256</Property>
|
||||
<Property name="StoreSaltedPassword">true</Property>
|
||||
<Property name="ReadGroups">true</Property>
|
||||
<Property name="WriteGroups">true</Property>
|
||||
<Property name="UserNameUniqueAcrossTenants">false</Property>
|
||||
<Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
|
||||
<Property name="PasswordJavaRegExViolationErrorMsg">Password length should be between 5 to 30 characters
|
||||
</Property>
|
||||
<Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
|
||||
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
|
||||
<Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
|
||||
<Property name="RolenameJavaRegEx">^[^~!#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property>
|
||||
<Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
|
||||
<Property name="UserRolesCacheEnabled">true</Property>
|
||||
<Property name="MaxRoleNameListLength">100</Property>
|
||||
<Property name="MaxUserNameListLength">100</Property>
|
||||
<Property name="SharedGroupEnabled">false</Property>
|
||||
<Property name="SCIMEnabled">false</Property>
|
||||
<Property name="CaseSensitiveUsername">true</Property>
|
||||
<Property name="MultiAttributeSeparator">,</Property>
|
||||
<Property name="BulkImportSupported">true</Property>
|
||||
</UserStoreManager>
|
||||
<AuthorizationManager
|
||||
class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
|
||||
<Property name="AuthorizationCacheEnabled">true</Property>
|
||||
</AuthorizationManager>
|
||||
</Realm>
|
||||
<SystemPermission>
|
||||
<Permission>login</Permission>
|
||||
<Permission>manage-configuration</Permission>
|
||||
<Permission>manage-security</Permission>
|
||||
<Permission>upload-services</Permission>
|
||||
<Permission>manage-services</Permission>
|
||||
<Permission>manage-lc-configuration</Permission>
|
||||
<Permission>manage-mediation</Permission>
|
||||
<Permission>monitor-system</Permission>
|
||||
<Permission>delegate-identity</Permission>
|
||||
</SystemPermission>
|
||||
</UserManager>
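Review bot: The `UsernameJavaRegEx` value `[a-zA-Z0-9._-|//]{3,30}$` is looser than the patterns around it: it has no leading `^`, and `_-|` inside the class is a range from `_` to `|`, which also admits the backtick and `{`. If the user store applies the pattern with a partial match instead of a full match (not visible in this commit), a name only has to end in 3 to 30 permitted characters. Suggest `^[a-zA-Z0-9._|/-]{3,30}$`, with the hyphen moved last so it is literal. The same `<UserStoreManager>` block also sets `MaxUserNameListLength` twice, both to 100; one entry can go.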
|