You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
277 lines
8.5 KiB
277 lines
8.5 KiB
[server]
|
|
hostname = "localhost"
|
|
#offset=0
|
|
base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}"
|
|
#discard_empty_caches = false
|
|
server_role = "default"
|
|
|
|
[database_configuration]
|
|
enable_h2_console = "true"
|
|
|
|
[super_admin]
|
|
username = "admin"
|
|
password = "admin"
|
|
create_admin_account = true
|
|
|
|
[user_store]
|
|
type = "database_unique_id"
|
|
|
|
[database.apim_db]
|
|
type = "h2"
|
|
url = "jdbc:h2:./repository/database/WSO2AM_DB;AUTO_SERVER=TRUE;DB_CLOSE_ON_EXIT=FALSE"
|
|
username = "wso2carbon"
|
|
password = "wso2carbon"
|
|
|
|
[database.shared_db]
|
|
type = "h2"
|
|
url = "jdbc:h2:./repository/database/WSO2SHARED_DB;DB_CLOSE_ON_EXIT=FALSE"
|
|
username = "wso2carbon"
|
|
password = "wso2carbon"
|
|
|
|
[keystore.tls]
|
|
file_name = "wso2carbon.jks"
|
|
type = "JKS"
|
|
password = "wso2carbon"
|
|
alias = "wso2carbon"
|
|
key_password = "wso2carbon"
|
|
|
|
#[keystore.primary]
|
|
#file_name = "wso2carbon.jks"
|
|
#type = "JKS"
|
|
#password = "wso2carbon"
|
|
#alias = "wso2carbon"
|
|
#key_password = "wso2carbon"
|
|
|
|
#[keystore.internal]
|
|
#file_name = "wso2carbon.jks"
|
|
#type = "JKS"
|
|
#password = "wso2carbon"
|
|
#alias = "wso2carbon"
|
|
#key_password = "wso2carbon"
|
|
|
|
[[apim.gateway.environment]]
|
|
name = "Default"
|
|
type = "hybrid"
|
|
display_in_api_console = true
|
|
description = "This is a hybrid gateway that handles both production and sandbox token traffic."
|
|
show_as_token_endpoint_url = true
|
|
service_url = "https://localhost:${mgt.transport.https.port}/services/"
|
|
username= "${admin.username}"
|
|
password= "${admin.password}"
|
|
ws_endpoint = "ws://localhost:9099"
|
|
wss_endpoint = "wss://localhost:8099"
|
|
http_endpoint = "http://localhost:${http.nio.port}"
|
|
https_endpoint = "https://localhost:${https.nio.port}"
|
|
websub_event_receiver_http_endpoint = "http://localhost:9021"
|
|
websub_event_receiver_https_endpoint = "https://localhost:8021"
|
|
|
|
[apim.sync_runtime_artifacts.gateway]
|
|
gateway_labels =["Default"]
|
|
|
|
#[apim.cache.gateway_token]
|
|
#enable = true
|
|
#expiry_time = "900s"
|
|
|
|
#[apim.cache.resource]
|
|
#enable = true
|
|
#expiry_time = "900s"
|
|
|
|
#[apim.cache.km_token]
|
|
#enable = false
|
|
#expiry_time = "15m"
|
|
|
|
#[apim.cache.recent_apis]
|
|
#enable = false
|
|
|
|
#[apim.cache.scopes]
|
|
#enable = true
|
|
|
|
#[apim.cache.publisher_roles]
|
|
#enable = true
|
|
|
|
#[apim.cache.jwt_claim]
|
|
#enable = true
|
|
#expiry_time = "15m"
|
|
|
|
#[apim.cache.tags]
|
|
#expiry_time = "2m"
|
|
|
|
[apim.analytics]
|
|
enable = false
|
|
config_endpoint = "https://localhost:8080/auth/v1"
|
|
auth_token = ""
|
|
|
|
#[apim.key_manager]
|
|
#service_url = "https://localhost:${mgt.transport.https.port}/services/"
|
|
#username = "$ref{super_admin.username}"
|
|
#password = "$ref{super_admin.password}"
|
|
#pool.init_idle_capacity = 50
|
|
#pool.max_idle = 100
|
|
#key_validation_handler_type = "default"
|
|
#key_validation_handler_type = "custom"
|
|
#key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler"
|
|
|
|
#[apim.idp]
|
|
#server_url = "https://localhost:${mgt.transport.https.port}"
|
|
#authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize"
|
|
#oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout"
|
|
#oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession"
|
|
|
|
#[apim.jwt]
|
|
#enable = true
|
|
#encoding = "base64" # base64,base64url
|
|
#generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator"
|
|
#claim_dialect = "http://wso2.org/claims"
|
|
#convert_dialect = false
|
|
#header = "X-JWT-Assertion"
|
|
#signing_algorithm = "SHA256withRSA"
|
|
#enable_user_claims = true
|
|
#claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever"
|
|
|
|
[apim.oauth_config]
|
|
# ------------------Enabled for IOT/EMM ---------------------------
|
|
enable_outbound_auth_header = true
|
|
#auth_header = "Authorization"
|
|
#revoke_endpoint = "https://localhost:${https.nio.port}/revoke"
|
|
#enable_token_encryption = false
|
|
#enable_token_hashing = false
|
|
|
|
#[apim.devportal]
|
|
#url = "https://localhost:${mgt.transport.https.port}/devportal"
|
|
#enable_application_sharing = false
|
|
#if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl
|
|
#application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api
|
|
#application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl"
|
|
#display_multiple_versions = false
|
|
#display_deprecated_apis = false
|
|
#enable_comments = true
|
|
#enable_ratings = true
|
|
#enable_forum = true
|
|
#enable_anonymous_mode=true
|
|
#enable_cross_tenant_subscriptions = true
|
|
#default_reserved_username = "apim_reserved_user"
|
|
|
|
[apim.cors]
|
|
allow_origins = "*"
|
|
allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"]
|
|
allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"]
|
|
allow_credentials = false
|
|
|
|
#[apim.throttling]
|
|
#enable_data_publishing = true
|
|
#enable_policy_deploy = true
|
|
#enable_blacklist_condition = true
|
|
#enable_persistence = true
|
|
#throttle_decision_endpoints = ["tcp://localhost:5672","tcp://localhost:5672"]
|
|
|
|
#[apim.throttling.blacklist_condition]
|
|
#start_delay = "5m"
|
|
#period = "1h"
|
|
|
|
#[apim.throttling.jms]
|
|
#start_delay = "5m"
|
|
|
|
#[apim.throttling.event_sync]
|
|
#hostName = "0.0.0.0"
|
|
#port = 11224
|
|
|
|
#[apim.throttling.event_management]
|
|
#hostName = "0.0.0.0"
|
|
#port = 10005
|
|
|
|
#[[apim.throttling.url_group]]
|
|
#traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"]
|
|
#traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"]
|
|
#type = "loadbalance"
|
|
|
|
#[[apim.throttling.url_group]]
|
|
#traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"]
|
|
#traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"]
|
|
#type = "failover"
|
|
|
|
#[apim.workflow]
|
|
#enable = false
|
|
#service_url = "https://localhost:9445/bpmn"
|
|
#username = "$ref{super_admin.username}"
|
|
#password = "$ref{super_admin.password}"
|
|
#callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status"
|
|
#token_endpoint = "https://localhost:${https.nio.port}/token"
|
|
#client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register"
|
|
#client_registration_username = "$ref{super_admin.username}"
|
|
#client_registration_password = "$ref{super_admin.password}"
|
|
|
|
#data bridge config
|
|
#[transport.receiver]
|
|
#type = "binary"
|
|
#worker_threads = 10
|
|
#session_timeout = "30m"
|
|
#keystore.file_name = "$ref{keystore.tls.file_name}"
|
|
#keystore.password = "$ref{keystore.tls.password}"
|
|
#tcp_port = 9611
|
|
#ssl_port = 9711
|
|
#ssl_receiver_thread_pool_size = 100
|
|
#tcp_receiver_thread_pool_size = 100
|
|
#ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"]
|
|
#ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"]
|
|
|
|
#[apim.notification]
|
|
#from_address = "APIM.com"
|
|
#username = "APIM"
|
|
#password = "APIM+123"
|
|
#hostname = "localhost"
|
|
#port = 3025
|
|
#enable_start_tls = false
|
|
#enable_authentication = true
|
|
|
|
#[apim.token.revocation]
|
|
#notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl"
|
|
#enable_realtime_notifier = true
|
|
#realtime_notifier.ttl = 5000
|
|
#enable_persistent_notifier = true
|
|
#persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/"
|
|
#persistent_notifier.ttl = 5000
|
|
#persistent_notifier.username = "root"
|
|
#persistent_notifier.password = "root"
|
|
|
|
[[event_handler]]
|
|
name="userPostSelfRegistration"
|
|
subscriptions=["POST_ADD_USER"]
|
|
|
|
[service_provider]
|
|
sp_name_regex = "^[\\sa-zA-Z0-9._-]*$"
|
|
|
|
[database.local]
|
|
url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE"
|
|
|
|
[[event_listener]]
|
|
id = "token_revocation"
|
|
type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler"
|
|
name = "org.wso2.is.notification.ApimOauthEventInterceptor"
|
|
order = 1
|
|
[event_listener.properties]
|
|
notification_endpoint = "https://localhost:${mgt.transport.https.port}/internal/data/v1/notify"
|
|
username = "${admin.username}"
|
|
password = "${admin.password}"
|
|
'header.X-WSO2-KEY-MANAGER' = "default"
|
|
|
|
[apim.sync_runtime_artifacts.gateway.skip_list]
|
|
apis = ["_TokenAPI_.xml", "_API_Application_Registration_.xml", "admin--Android-Mutual-SSL-Configuration-Management.xml", "admin--Android-Mutual-SSL-Device-Management.xml", "admin--Android-Mutual-SSL-Event-Receiver.xml"]
|
|
sequences = ["_api_registration_fault_.xml"]
|
|
|
|
[transport.https.properties]
|
|
maxHttpHeaderSize="16384"
|
|
|
|
[transport.http.properties]
|
|
maxHttpHeaderSize="16384"
|
|
|
|
[oauth.grant_type.jwt_bearer]
|
|
grant_handler="org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.ExtendedJWTGrantHandler"
|
|
|
|
[[oauth.custom_grant_type]]
|
|
name="access_token"
|
|
grant_handler="org.wso2.carbon.device.mgt.oauth.extensions.handlers.grant.AccessTokenGrantHandler"
|
|
grant_validator="org.wso2.carbon.device.mgt.oauth.extensions.validators.AccessTokenGrantValidator"
|
|
|
|
[oauth.token_renewal]
|
|
renew_refresh_token=false
|