forked from community/device-mgt-core
parent
4417db47c9
commit
219968bbfc
@ -1,625 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
~ Copyright 2005-2011 WSO2, Inc. (http://wso2.com)
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<!--
|
|
||||||
This is the main server configuration file
|
|
||||||
|
|
||||||
${carbon.home} represents the carbon.home system property.
|
|
||||||
Other system properties can be specified in a similar manner.
|
|
||||||
-->
|
|
||||||
<Server xmlns="http://wso2.org/projects/carbon/carbon.xml">
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Product Name
|
|
||||||
-->
|
|
||||||
<Name>WSO2 Enterprise Mobile Platform</Name>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
machine readable unique key to identify each product
|
|
||||||
-->
|
|
||||||
<ServerKey>EMM</ServerKey>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Product Version
|
|
||||||
-->
|
|
||||||
<Version>1.1.0</Version>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Host name or IP address of the machine hosting this server
|
|
||||||
e.g. www.wso2.org, 192.168.1.10
|
|
||||||
This is will become part of the End Point Reference of the
|
|
||||||
services deployed on this server instance.
|
|
||||||
-->
|
|
||||||
<!--HostName>www.wso2.org</HostName-->
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Host name to be used for the Carbon management console
|
|
||||||
-->
|
|
||||||
<!--MgtHostName>mgt.wso2.org</MgtHostName-->
|
|
||||||
|
|
||||||
<!--
|
|
||||||
The URL of the back end server. This is where the admin services are hosted and
|
|
||||||
will be used by the clients in the front end server.
|
|
||||||
This is required only for the Front-end server. This is used when seperating BE server from FE server
|
|
||||||
-->
|
|
||||||
<ServerURL>local:/${carbon.context}/services/</ServerURL>
|
|
||||||
<!--
|
|
||||||
<ServerURL>https://${carbon.local.ip}:${carbon.management.port}${carbon.context}/services/</ServerURL>
|
|
||||||
-->
|
|
||||||
<!--
|
|
||||||
The URL of the index page. This is where the user will be redirected after signing in to the
|
|
||||||
carbon server.
|
|
||||||
-->
|
|
||||||
<!-- IndexPageURL>/carbon/admin/index.jsp</IndexPageURL-->
|
|
||||||
|
|
||||||
<!--
|
|
||||||
For cApp deployment, we have to identify the roles that can be acted by the current server.
|
|
||||||
The following property is used for that purpose. Any number of roles can be defined here.
|
|
||||||
Regular expressions can be used in the role.
|
|
||||||
Ex : <Role>.*</Role> means this server can act any role
|
|
||||||
-->
|
|
||||||
<ServerRoles>
|
|
||||||
<Role>MobilePlatform</Role>
|
|
||||||
</ServerRoles>
|
|
||||||
|
|
||||||
<!-- uncommnet this line to subscribe to a bam instance automatically -->
|
|
||||||
<!--<BamServerURL>https://bamhost:bamport/services/</BamServerURL>-->
|
|
||||||
|
|
||||||
<!--
|
|
||||||
The fully qualified name of the server
|
|
||||||
-->
|
|
||||||
<Package>org.wso2.carbon</Package>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Webapp context root of WSO2 Carbon.
|
|
||||||
-->
|
|
||||||
<WebContextRoot>/</WebContextRoot>
|
|
||||||
|
|
||||||
<!-- In-order to get the registry http Port from the back-end when the default http transport is not the same-->
|
|
||||||
<!--RegistryHttpPort>9763</RegistryHttpPort-->
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Number of items to be displayed on a management console page. This is used at the
|
|
||||||
backend server for pagination of various items.
|
|
||||||
-->
|
|
||||||
<ItemsPerPage>15</ItemsPerPage>
|
|
||||||
|
|
||||||
<!-- The endpoint URL of the cloud instance management Web service -->
|
|
||||||
<!--<InstanceMgtWSEndpoint>https://ec2.amazonaws.com/</InstanceMgtWSEndpoint>-->
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Ports used by this server
|
|
||||||
-->
|
|
||||||
<Ports>
|
|
||||||
|
|
||||||
<!-- Ports offset. This entry will set the value of the ports defined below to
|
|
||||||
the define value + Offset.
|
|
||||||
e.g. Offset=2 and HTTPS port=9443 will set the effective HTTPS port to 9445
|
|
||||||
-->
|
|
||||||
<Offset>0</Offset>
|
|
||||||
|
|
||||||
<!-- The JMX Ports -->
|
|
||||||
<JMX>
|
|
||||||
<!--The port RMI registry is exposed-->
|
|
||||||
<RMIRegistryPort>9999</RMIRegistryPort>
|
|
||||||
<!--The port RMI server should be exposed-->
|
|
||||||
<RMIServerPort>11111</RMIServerPort>
|
|
||||||
</JMX>
|
|
||||||
|
|
||||||
<!-- Embedded LDAP server specific ports -->
|
|
||||||
<EmbeddedLDAP>
|
|
||||||
<!-- Port which embedded LDAP server runs -->
|
|
||||||
<LDAPServerPort>10389</LDAPServerPort>
|
|
||||||
<!-- Port which KDC (Kerberos Key Distribution Center) server runs -->
|
|
||||||
<KDCServerPort>8000</KDCServerPort>
|
|
||||||
</EmbeddedLDAP>
|
|
||||||
|
|
||||||
<!-- Embedded Qpid broker ports -->
|
|
||||||
<EmbeddedQpid>
|
|
||||||
<!-- Broker TCP Port -->
|
|
||||||
<BrokerPort>5672</BrokerPort>
|
|
||||||
<!-- SSL Port -->
|
|
||||||
<BrokerSSLPort>8672</BrokerSSLPort>
|
|
||||||
</EmbeddedQpid>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Override datasources JNDIproviderPort defined in bps.xml and datasources.properties files
|
|
||||||
-->
|
|
||||||
<!--<JNDIProviderPort>2199</JNDIProviderPort>-->
|
|
||||||
<!--Override receive port of thrift based entitlement service.-->
|
|
||||||
<ThriftEntitlementReceivePort>10500</ThriftEntitlementReceivePort>
|
|
||||||
|
|
||||||
</Ports>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
JNDI Configuration
|
|
||||||
-->
|
|
||||||
<JNDI>
|
|
||||||
<!--
|
|
||||||
The fully qualified name of the default initial context factory
|
|
||||||
-->
|
|
||||||
<DefaultInitialContextFactory>org.wso2.carbon.tomcat.jndi.CarbonJavaURLContextFactory</DefaultInitialContextFactory>
|
|
||||||
<!--
|
|
||||||
The restrictions that are done to various JNDI Contexts in a Multi-tenant environment
|
|
||||||
-->
|
|
||||||
<Restrictions>
|
|
||||||
<!--
|
|
||||||
Contexts that will be available only to the super-tenant
|
|
||||||
-->
|
|
||||||
<!-- <SuperTenantOnly>
|
|
||||||
<UrlContexts>
|
|
||||||
<UrlContext>
|
|
||||||
<Scheme>foo</Scheme>
|
|
||||||
</UrlContext>
|
|
||||||
<UrlContext>
|
|
||||||
<Scheme>bar</Scheme>
|
|
||||||
</UrlContext>
|
|
||||||
</UrlContexts>
|
|
||||||
</SuperTenantOnly> -->
|
|
||||||
<!--
|
|
||||||
Contexts that are common to all tenants
|
|
||||||
-->
|
|
||||||
<AllTenants>
|
|
||||||
<UrlContexts>
|
|
||||||
<UrlContext>
|
|
||||||
<Scheme>java</Scheme>
|
|
||||||
</UrlContext>
|
|
||||||
<!-- <UrlContext>
|
|
||||||
<Scheme>foo</Scheme>
|
|
||||||
</UrlContext> -->
|
|
||||||
</UrlContexts>
|
|
||||||
</AllTenants>
|
|
||||||
<!--
|
|
||||||
All other contexts not mentioned above will be available on a per-tenant basis
|
|
||||||
(i.e. will not be shared among tenants)
|
|
||||||
-->
|
|
||||||
</Restrictions>
|
|
||||||
</JNDI>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Property to determine if the server is running an a cloud deployment environment.
|
|
||||||
This property should only be used to determine deployment specific details that are
|
|
||||||
applicable only in a cloud deployment, i.e when the server deployed *-as-a-service.
|
|
||||||
-->
|
|
||||||
<IsCloudDeployment>false</IsCloudDeployment>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Property to determine whether usage data should be collected for metering purposes
|
|
||||||
-->
|
|
||||||
<EnableMetering>false</EnableMetering>
|
|
||||||
|
|
||||||
<!-- The Max time a thread should take for execution in seconds -->
|
|
||||||
<MaxThreadExecutionTime>600</MaxThreadExecutionTime>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
A flag to enable or disable Ghost Deployer. By default this is set to false. That is
|
|
||||||
because the Ghost Deployer works only with the HTTP/S transports. If you are using
|
|
||||||
other transports, don't enable Ghost Deployer.
|
|
||||||
-->
|
|
||||||
<GhostDeployment>
|
|
||||||
<Enabled>false</Enabled>
|
|
||||||
<PartialUpdate>false</PartialUpdate>
|
|
||||||
</GhostDeployment>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Axis2 related configurations
|
|
||||||
-->
|
|
||||||
<Axis2Config>
|
|
||||||
<!--
|
|
||||||
Location of the Axis2 Services & Modules repository
|
|
||||||
|
|
||||||
This can be a directory in the local file system, or a URL.
|
|
||||||
|
|
||||||
e.g.
|
|
||||||
1. /home/wso2wsas/repository/ - An absolute path
|
|
||||||
2. repository - In this case, the path is relative to CARBON_HOME
|
|
||||||
3. file:///home/wso2wsas/repository/
|
|
||||||
4. http://wso2wsas/repository/
|
|
||||||
-->
|
|
||||||
<RepositoryLocation>${carbon.home}/repository/deployment/server/</RepositoryLocation>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Deployment update interval in seconds. This is the interval between repository listener
|
|
||||||
executions.
|
|
||||||
-->
|
|
||||||
<DeploymentUpdateInterval>15</DeploymentUpdateInterval>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Location of the main Axis2 configuration descriptor file, a.k.a. axis2.xml file
|
|
||||||
|
|
||||||
This can be a file on the local file system, or a URL
|
|
||||||
|
|
||||||
e.g.
|
|
||||||
1. /home/repository/axis2.xml - An absolute path
|
|
||||||
2. conf/axis2.xml - In this case, the path is relative to CARBON_HOME
|
|
||||||
3. file:///home/carbon/repository/axis2.xml
|
|
||||||
4. http://repository/conf/axis2.xml
|
|
||||||
-->
|
|
||||||
<ConfigurationFile>${carbon.home}/repository/conf/axis2/axis2.xml</ConfigurationFile>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
ServiceGroupContextIdleTime, which will be set in ConfigurationContex
|
|
||||||
for multiple clients which are going to access the same ServiceGroupContext
|
|
||||||
Default Value is 30 Sec.
|
|
||||||
-->
|
|
||||||
<ServiceGroupContextIdleTime>30000</ServiceGroupContextIdleTime>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
This repository location is used to crete the client side configuration
|
|
||||||
context used by the server when calling admin services.
|
|
||||||
-->
|
|
||||||
<ClientRepositoryLocation>${carbon.home}/repository/deployment/client/</ClientRepositoryLocation>
|
|
||||||
<!-- This axis2 xml is used in createing the configuration context by the FE server
|
|
||||||
calling to BE server -->
|
|
||||||
<clientAxis2XmlLocation>${carbon.home}/repository/conf/axis2/axis2_client.xml</clientAxis2XmlLocation>
|
|
||||||
<!-- If this parameter is set, the ?wsdl on an admin service will not give the admin service wsdl. -->
|
|
||||||
<HideAdminServiceWSDLs>true</HideAdminServiceWSDLs>
|
|
||||||
|
|
||||||
<!--WARNING-Use With Care! Uncommenting bellow parameter would expose all AdminServices in HTTP transport.
|
|
||||||
With HTTP transport your credentials and data routed in public channels are vulnerable for sniffing attacks.
|
|
||||||
Use bellow parameter ONLY if your communication channels are confirmed to be secured by other means -->
|
|
||||||
<!--HttpAdminServices>*</HttpAdminServices-->
|
|
||||||
|
|
||||||
</Axis2Config>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
The default user roles which will be created when the server
|
|
||||||
is started up for the first time.
|
|
||||||
-->
|
|
||||||
<ServiceUserRoles>
|
|
||||||
<Role>
|
|
||||||
<Name>admin</Name>
|
|
||||||
<Description>Default Administrator Role</Description>
|
|
||||||
</Role>
|
|
||||||
<Role>
|
|
||||||
<Name>user</Name>
|
|
||||||
<Description>Default User Role</Description>
|
|
||||||
</Role>
|
|
||||||
</ServiceUserRoles>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Enable following config to allow Emails as usernames.
|
|
||||||
-->
|
|
||||||
<EnableEmailUserName>false</EnableEmailUserName>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Security configurations
|
|
||||||
-->
|
|
||||||
<Security>
|
|
||||||
<!--
|
|
||||||
KeyStore which will be used for encrypting/decrypting passwords
|
|
||||||
and other sensitive information.
|
|
||||||
-->
|
|
||||||
<KeyStore>
|
|
||||||
<!-- Keystore file location-->
|
|
||||||
<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
|
|
||||||
<!-- Keystore type (JKS/PKCS12 etc.)-->
|
|
||||||
<Type>JKS</Type>
|
|
||||||
<!-- Keystore password-->
|
|
||||||
<Password>wso2carbon</Password>
|
|
||||||
<!-- Private Key alias-->
|
|
||||||
<KeyAlias>wso2carbon</KeyAlias>
|
|
||||||
<!-- Private Key password-->
|
|
||||||
<KeyPassword>wso2carbon</KeyPassword>
|
|
||||||
</KeyStore>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Encrypt Decrypt Store will be used for encrypting and decrypting
|
|
||||||
-->
|
|
||||||
<RegistryKeyStore>
|
|
||||||
<!-- Keystore file location-->
|
|
||||||
<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
|
|
||||||
<!-- Keystore type (JKS/PKCS12 etc.)-->
|
|
||||||
<Type>JKS</Type>
|
|
||||||
<!-- Keystore password-->
|
|
||||||
<Password>wso2carbon</Password>
|
|
||||||
<!-- Private Key alias-->
|
|
||||||
<KeyAlias>wso2carbon</KeyAlias>
|
|
||||||
<!-- Private Key password-->
|
|
||||||
<KeyPassword>wso2carbon</KeyPassword>
|
|
||||||
</RegistryKeyStore>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
System wide trust-store which is used to maintain the certificates of all
|
|
||||||
the trusted parties.
|
|
||||||
-->
|
|
||||||
<TrustStore>
|
|
||||||
<!-- trust-store file location -->
|
|
||||||
<Location>${carbon.home}/repository/resources/security/client-truststore.jks</Location>
|
|
||||||
<!-- trust-store type (JKS/PKCS12 etc.) -->
|
|
||||||
<Type>JKS</Type>
|
|
||||||
<!-- trust-store password -->
|
|
||||||
<Password>wso2carbon</Password>
|
|
||||||
</TrustStore>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
The Authenticator configuration to be used at the JVM level. We extend the
|
|
||||||
java.net.Authenticator to make it possible to authenticate to given servers and
|
|
||||||
proxies.
|
|
||||||
-->
|
|
||||||
<NetworkAuthenticatorConfig>
|
|
||||||
<!--
|
|
||||||
Below is a sample configuration for a single authenticator. Please note that
|
|
||||||
all child elements are mandatory. Not having some child elements would lead to
|
|
||||||
exceptions at runtime.
|
|
||||||
-->
|
|
||||||
<!-- <Credential> -->
|
|
||||||
<!--
|
|
||||||
the pattern that would match a subset of URLs for which this authenticator
|
|
||||||
would be used
|
|
||||||
-->
|
|
||||||
<!-- <Pattern>regularExpression</Pattern> -->
|
|
||||||
<!--
|
|
||||||
the type of this authenticator. Allowed values are:
|
|
||||||
1. server
|
|
||||||
2. proxy
|
|
||||||
-->
|
|
||||||
<!-- <Type>proxy</Type> -->
|
|
||||||
<!-- the username used to log in to server/proxy -->
|
|
||||||
<!-- <Username>username</Username> -->
|
|
||||||
<!-- the password used to log in to server/proxy -->
|
|
||||||
<!-- <Password>password</Password> -->
|
|
||||||
<!-- </Credential> -->
|
|
||||||
</NetworkAuthenticatorConfig>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
The Tomcat realm to be used for hosted Web applications. Allowed values are;
|
|
||||||
1. UserManager
|
|
||||||
2. Memory
|
|
||||||
|
|
||||||
If this is set to 'UserManager', the realm will pick users & roles from the system's
|
|
||||||
WSO2 User Manager. If it is set to 'memory', the realm will pick users & roles from
|
|
||||||
CARBON_HOME/repository/conf/tomcat/tomcat-users.xml
|
|
||||||
-->
|
|
||||||
<TomcatRealm>UserManager</TomcatRealm>
|
|
||||||
|
|
||||||
<!--Option to disable storing of tokens issued by STS-->
|
|
||||||
<DisableTokenStore>false</DisableTokenStore>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Security token store class name. If this is not set, default class will be
|
|
||||||
org.wso2.carbon.security.util.SecurityTokenStore
|
|
||||||
-->
|
|
||||||
<!--TokenStoreClassName>org.wso2.carbon.identity.sts.store.DBTokenStore</TokenStoreClassName-->
|
|
||||||
</Security>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
The temporary work directory
|
|
||||||
-->
|
|
||||||
<WorkDirectory>${carbon.home}/tmp/work</WorkDirectory>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
House-keeping configuration
|
|
||||||
-->
|
|
||||||
<HouseKeeping>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
true - Start House-keeping thread on server startup
|
|
||||||
false - Do not start House-keeping thread on server startup.
|
|
||||||
The user will run it manually as and when he wishes.
|
|
||||||
-->
|
|
||||||
<AutoStart>true</AutoStart>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
The interval in *minutes*, between house-keeping runs
|
|
||||||
-->
|
|
||||||
<Interval>10</Interval>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
The maximum time in *minutes*, temp files are allowed to live
|
|
||||||
in the system. Files/directories which were modified more than
|
|
||||||
"MaxTempFileLifetime" minutes ago will be removed by the
|
|
||||||
house-keeping task
|
|
||||||
-->
|
|
||||||
<MaxTempFileLifetime>30</MaxTempFileLifetime>
|
|
||||||
</HouseKeeping>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Configuration for handling different types of file upload & other file uploading related
|
|
||||||
config parameters.
|
|
||||||
To map all actions to a particular FileUploadExecutor, use
|
|
||||||
<Action>*</Action>
|
|
||||||
-->
|
|
||||||
<FileUploadConfig>
|
|
||||||
<!--
|
|
||||||
The total file upload size limit in MB
|
|
||||||
-->
|
|
||||||
<TotalFileSizeLimit>100</TotalFileSizeLimit>
|
|
||||||
|
|
||||||
<Mapping>
|
|
||||||
<Actions>
|
|
||||||
<Action>keystore</Action>
|
|
||||||
<Action>certificate</Action>
|
|
||||||
<Action>*</Action>
|
|
||||||
</Actions>
|
|
||||||
<Class>org.wso2.carbon.ui.transports.fileupload.AnyFileUploadExecutor</Class>
|
|
||||||
</Mapping>
|
|
||||||
|
|
||||||
<Mapping>
|
|
||||||
<Actions>
|
|
||||||
<Action>jarZip</Action>
|
|
||||||
</Actions>
|
|
||||||
<Class>org.wso2.carbon.ui.transports.fileupload.JarZipUploadExecutor</Class>
|
|
||||||
</Mapping>
|
|
||||||
<Mapping>
|
|
||||||
<Actions>
|
|
||||||
<Action>dbs</Action>
|
|
||||||
</Actions>
|
|
||||||
<Class>org.wso2.carbon.ui.transports.fileupload.DBSFileUploadExecutor</Class>
|
|
||||||
</Mapping>
|
|
||||||
<Mapping>
|
|
||||||
<Actions>
|
|
||||||
<Action>tools</Action>
|
|
||||||
</Actions>
|
|
||||||
<Class>org.wso2.carbon.ui.transports.fileupload.ToolsFileUploadExecutor</Class>
|
|
||||||
</Mapping>
|
|
||||||
<Mapping>
|
|
||||||
<Actions>
|
|
||||||
<Action>toolsAny</Action>
|
|
||||||
</Actions>
|
|
||||||
<Class>org.wso2.carbon.ui.transports.fileupload.ToolsAnyFileUploadExecutor</Class>
|
|
||||||
</Mapping>
|
|
||||||
</FileUploadConfig>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Processors which process special HTTP GET requests such as ?wsdl, ?policy etc.
|
|
||||||
|
|
||||||
In order to plug in a processor to handle a special request, simply add an entry to this
|
|
||||||
section.
|
|
||||||
|
|
||||||
The value of the Item element is the first parameter in the query string(e.g. ?wsdl)
|
|
||||||
which needs special processing
|
|
||||||
|
|
||||||
The value of the Class element is a class which implements
|
|
||||||
org.wso2.carbon.transport.HttpGetRequestProcessor
|
|
||||||
-->
|
|
||||||
<HttpGetRequestProcessors>
|
|
||||||
<Processor>
|
|
||||||
<Item>info</Item>
|
|
||||||
<Class>org.wso2.carbon.core.transports.util.InfoProcessor</Class>
|
|
||||||
</Processor>
|
|
||||||
<Processor>
|
|
||||||
<Item>wsdl</Item>
|
|
||||||
<Class>org.wso2.carbon.core.transports.util.Wsdl11Processor</Class>
|
|
||||||
</Processor>
|
|
||||||
<Processor>
|
|
||||||
<Item>wsdl2</Item>
|
|
||||||
<Class>org.wso2.carbon.core.transports.util.Wsdl20Processor</Class>
|
|
||||||
</Processor>
|
|
||||||
<Processor>
|
|
||||||
<Item>xsd</Item>
|
|
||||||
<Class>org.wso2.carbon.core.transports.util.XsdProcessor</Class>
|
|
||||||
</Processor>
|
|
||||||
</HttpGetRequestProcessors>
|
|
||||||
|
|
||||||
<!-- Deployment Synchronizer Configuration. t Enabled value to true when running with "svn based" dep sync.
|
|
||||||
In master nodes you need to set both AutoCommit and AutoCheckout to true
|
|
||||||
and in worker nodes set only AutoCheckout to true.
|
|
||||||
-->
|
|
||||||
<DeploymentSynchronizer>
|
|
||||||
<Enabled>false</Enabled>
|
|
||||||
<AutoCommit>false</AutoCommit>
|
|
||||||
<AutoCheckout>true</AutoCheckout>
|
|
||||||
<RepositoryType>svn</RepositoryType>
|
|
||||||
<SvnUrl>http://svnrepo.example.com/repos/</SvnUrl>
|
|
||||||
<SvnUser>username</SvnUser>
|
|
||||||
<SvnPassword>password</SvnPassword>
|
|
||||||
<SvnUrlAppendTenantId>true</SvnUrlAppendTenantId>
|
|
||||||
</DeploymentSynchronizer>
|
|
||||||
|
|
||||||
<!-- Deployment Synchronizer Configuration. Uncomment the following section when running with "registry based" dep sync.
|
|
||||||
In master nodes you need to set both AutoCommit and AutoCheckout to true
|
|
||||||
and in worker nodes set only AutoCheckout to true.
|
|
||||||
-->
|
|
||||||
<!--<DeploymentSynchronizer>
|
|
||||||
<Enabled>true</Enabled>
|
|
||||||
<AutoCommit>false</AutoCommit>
|
|
||||||
<AutoCheckout>true</AutoCheckout>
|
|
||||||
</DeploymentSynchronizer>-->
|
|
||||||
|
|
||||||
<!-- Mediation persistence configurations. Only valid if mediation features are available i.e. ESB -->
|
|
||||||
<!--<MediationConfig>
|
|
||||||
<LoadFromRegistry>false</LoadFromRegistry>
|
|
||||||
<SaveToFile>false</SaveToFile>
|
|
||||||
<Persistence>enabled</Persistence>
|
|
||||||
<RegistryPersistence>enabled</RegistryPersistence>
|
|
||||||
</MediationConfig>-->
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Server intializing code, specified as implementation classes of org.wso2.carbon.core.ServerInitializer.
|
|
||||||
This code will be run when the Carbon server is initialized
|
|
||||||
-->
|
|
||||||
<ServerInitializers>
|
|
||||||
<!--<Initializer></Initializer>-->
|
|
||||||
</ServerInitializers>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Indicates whether the Carbon Servlet is required by the system, and whether it should be
|
|
||||||
registered
|
|
||||||
-->
|
|
||||||
<RequireCarbonServlet>${require.carbon.servlet}</RequireCarbonServlet>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Carbon H2 OSGI Configuration
|
|
||||||
By default non of the servers start.
|
|
||||||
name="web" - Start the web server with the H2 Console
|
|
||||||
name="webPort" - The port (default: 8082)
|
|
||||||
name="webAllowOthers" - Allow other computers to connect
|
|
||||||
name="webSSL" - Use encrypted (HTTPS) connections
|
|
||||||
name="tcp" - Start the TCP server
|
|
||||||
name="tcpPort" - The port (default: 9092)
|
|
||||||
name="tcpAllowOthers" - Allow other computers to connect
|
|
||||||
name="tcpSSL" - Use encrypted (SSL) connections
|
|
||||||
name="pg" - Start the PG server
|
|
||||||
name="pgPort" - The port (default: 5435)
|
|
||||||
name="pgAllowOthers" - Allow other computers to connect
|
|
||||||
name="trace" - Print additional trace information; for all servers
|
|
||||||
name="baseDir" - The base directory for H2 databases; for all servers
|
|
||||||
-->
|
|
||||||
<!--H2DatabaseConfiguration>
|
|
||||||
<property name="web" />
|
|
||||||
<property name="webPort">8082</property>
|
|
||||||
<property name="webAllowOthers" />
|
|
||||||
<property name="webSSL" />
|
|
||||||
<property name="tcp" />
|
|
||||||
<property name="tcpPort">9092</property>
|
|
||||||
<property name="tcpAllowOthers" />
|
|
||||||
<property name="tcpSSL" />
|
|
||||||
<property name="pg" />
|
|
||||||
<property name="pgPort">5435</property>
|
|
||||||
<property name="pgAllowOthers" />
|
|
||||||
<property name="trace" />
|
|
||||||
<property name="baseDir">${carbon.home}</property>
|
|
||||||
</H2DatabaseConfiguration-->
|
|
||||||
<!--Disabling statistics reporter by default-->
|
|
||||||
<StatisticsReporterDisabled>true</StatisticsReporterDisabled>
|
|
||||||
|
|
||||||
<!-- Enable accessing Admin Console via HTTP -->
|
|
||||||
<!-- EnableHTTPAdminConsole>true</EnableHTTPAdminConsole -->
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Default Feature Repository of WSO2 Carbon.
|
|
||||||
-->
|
|
||||||
<FeatureRepository>
|
|
||||||
<RepositoryName>default repository</RepositoryName>
|
|
||||||
<RepositoryURL>http://dist.wso2.org/p2/carbon/releases/4.2.0</RepositoryURL>
|
|
||||||
</FeatureRepository>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
Configure API Management
|
|
||||||
-->
|
|
||||||
<APIManagement>
|
|
||||||
|
|
||||||
<!--Uses the embedded API Manager by default. If you want to use an external
|
|
||||||
API Manager instance to manage APIs, configure below externalAPIManager-->
|
|
||||||
|
|
||||||
<Enabled>true</Enabled>
|
|
||||||
|
|
||||||
<!--Uncomment and configure API Gateway and
|
|
||||||
Publisher URLs to use external API Manager instance-->
|
|
||||||
|
|
||||||
<!--ExternalAPIManager>
|
|
||||||
|
|
||||||
<APIGatewayURL>http://localhost:8281</APIGatewayURL>
|
|
||||||
<APIPublisherURL>http://localhost:8281/publisher</APIPublisherURL>
|
|
||||||
|
|
||||||
</ExternalAPIManager-->
|
|
||||||
|
|
||||||
<LoadAPIContextsInServerStartup>true</LoadAPIContextsInServerStartup>
|
|
||||||
</APIManagement>
|
|
||||||
</Server>
|
|
@ -1,164 +0,0 @@
|
|||||||
#
|
|
||||||
# Copyright 2009 WSO2, Inc. (http://wso2.com)
|
|
||||||
#
|
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
# you may not use this file except in compliance with the License.
|
|
||||||
# You may obtain a copy of the License at
|
|
||||||
#
|
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
#
|
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
# See the License for the specific language governing permissions and
|
|
||||||
# limitations under the License.
|
|
||||||
#
|
|
||||||
|
|
||||||
#
|
|
||||||
# This is the log4j configuration file used by WSO2 Carbon
|
|
||||||
#
|
|
||||||
# IMPORTANT : Please do not remove or change the names of any
|
|
||||||
# of the Appenders defined here. The layout pattern & log file
|
|
||||||
# can be changed using the WSO2 Carbon Management Console, and those
|
|
||||||
# settings will override the settings in this file.
|
|
||||||
#
|
|
||||||
|
|
||||||
log4j.rootLogger=INFO, CARBON_CONSOLE, CARBON_LOGFILE, CARBON_MEMORY, CARBON_SYS_LOG
|
|
||||||
|
|
||||||
log4j.logger.AUDIT_LOG=INFO, AUDIT_LOGFILE
|
|
||||||
log4j.logger.org.apache.axis2.wsdl.codegen.writer.PrettyPrinter=ERROR, CARBON_LOGFILE, CARBON_MEMORY
|
|
||||||
log4j.logger.org.apache.axis2.clustering=INFO, CARBON_CONSOLE, CARBON_LOGFILE
|
|
||||||
log4j.logger.org.apache=INFO, CARBON_LOGFILE, CARBON_MEMORY
|
|
||||||
log4j.logger.org.apache.catalina=WARN
|
|
||||||
log4j.logger.org.apache.tomcat=WARN
|
|
||||||
log4j.logger.org.wso2.carbon.apacheds=WARN
|
|
||||||
log4j.logger.org.apache.directory.server.ldap=WARN
|
|
||||||
log4j.logger.org.apache.directory.server.core.event=WARN
|
|
||||||
log4j.logger.com.atomikos=INFO,ATOMIKOS
|
|
||||||
log4j.logger.org.quartz=WARN
|
|
||||||
log4j.logger.org.apache.jackrabbit.webdav=WARN
|
|
||||||
log4j.logger.org.apache.juddi=ERROR
|
|
||||||
log4j.logger.org.apache.commons.digester.Digester=WARN
|
|
||||||
log4j.logger.org.apache.jasper.compiler.TldLocationsCache=WARN
|
|
||||||
log4j.logger.org.apache.qpid=WARN
|
|
||||||
log4j.logger.org.apache.qpid.server.Main=INFO
|
|
||||||
log4j.logger.qpid.message=WARN
|
|
||||||
log4j.logger.qpid.message.broker.listening=INFO
|
|
||||||
log4j.logger.org.apache.tiles=WARN
|
|
||||||
log4j.logger.org.apache.commons.httpclient=ERROR
|
|
||||||
log4j.logger.org.apache.coyote=WARN
|
|
||||||
log4j.logger.org.apache.solr=ERROR
|
|
||||||
log4j.logger.org.infinispan=WARN
|
|
||||||
log4j.logger.org.jgroups=ERROR
|
|
||||||
log4j.logger.me.prettyprint.cassandra.hector.TimingLogger=ERROR
|
|
||||||
log4j.logger.org.wso2=INFO
|
|
||||||
log4j.logger.org.apache.axis2.enterprise=FATAL, CARBON_LOGFILE, CARBON_MEMORY
|
|
||||||
log4j.logger.org.opensaml.xml=WARN, CARBON_LOGFILE, CARBON_MEMORY
|
|
||||||
log4j.logger.org.apache.directory.shared.ldap=WARN, CARBON_LOGFILE, CARBON_MEMORY
|
|
||||||
log4j.logger.org.apache.directory.server.ldap.handlers=WARN, CARBON_LOGFILE, CARBON_MEMORY
|
|
||||||
#Following are to remove false error messages from startup (IS)
|
|
||||||
log4j.logger.org.apache.directory.shared.ldap.entry.DefaultServerAttribute=FATAL, CARBON_LOGFILE, CARBON_MEMORY
|
|
||||||
log4j.logger.org.apache.directory.server.core.DefaultDirectoryService=ERROR, CARBON_LOGFILE, CARBON_MEMORY
|
|
||||||
log4j.logger.org.apache.directory.shared.ldap.ldif.LdifReader=ERROR, CARBON_LOGFILE, CARBON_MEMORY
|
|
||||||
log4j.logger.org.apache.directory.server.ldap.LdapProtocolHandler=ERROR, CARBON_LOGFILE, CARBON_MEMORY
|
|
||||||
log4j.logger.org.apache.directory.server.core=ERROR, CARBON_LOGFILE, CARBON_MEMORY
|
|
||||||
#Hive Related Log configurations
|
|
||||||
log4j.logger.DataNucleus=ERROR
|
|
||||||
log4j.logger.Datastore=ERROR
|
|
||||||
log4j.logger.Datastore.Schema=ERROR
|
|
||||||
log4j.logger.JPOX.Datastore=ERROR
|
|
||||||
log4j.logger.JPOX.Plugin=ERROR
|
|
||||||
log4j.logger.JPOX.MetaData=ERROR
|
|
||||||
log4j.logger.JPOX.Query=ERROR
|
|
||||||
log4j.logger.JPOX.General=ERROR
|
|
||||||
log4j.logger.JPOX.Enhancer=ERROR
|
|
||||||
log4j.logger.org.apache.hadoop.hive=WARN
|
|
||||||
log4j.logger.hive=WARN
|
|
||||||
log4j.logger.ExecMapper=WARN
|
|
||||||
log4j.logger.ExecReducer=WARN
|
|
||||||
log4j.logger.net.sf.ehcache=ERROR
|
|
||||||
|
|
||||||
log4j.logger.trace.messages=TRACE,CARBON_TRACE_LOGFILE
|
|
||||||
|
|
||||||
log4j.additivity.org.apache.axis2.clustering=false
|
|
||||||
log4j.additivity.com.atomikos=false
|
|
||||||
|
|
||||||
# CARBON_CONSOLE is set to be a ConsoleAppender using a PatternLayout.
|
|
||||||
log4j.appender.CARBON_CONSOLE=org.apache.log4j.ConsoleAppender
|
|
||||||
log4j.appender.CARBON_CONSOLE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
|
|
||||||
# ConversionPattern will be overridden by the configuration setting in the DB
|
|
||||||
log4j.appender.CARBON_CONSOLE.layout.ConversionPattern=[%d] %P%5p {%c} - %x %m%n
|
|
||||||
log4j.appender.CARBON_CONSOLE.layout.TenantPattern=%U%@%D[%T]
|
|
||||||
log4j.appender.CARBON_CONSOLE.threshold=DEBUG
|
|
||||||
|
|
||||||
# CARBON_MEMORY is set to be a MemoryAppender using a PatternLayout.
|
|
||||||
log4j.appender.CARBON_MEMORY=org.wso2.carbon.logging.appenders.MemoryAppender
|
|
||||||
log4j.appender.CARBON_MEMORY.layout=org.apache.log4j.PatternLayout
|
|
||||||
log4j.appender.CARBON_MEMORY.bufferSize=200
|
|
||||||
# ConversionPattern will be overridden by the configuration setting in the DB
|
|
||||||
#log4j.appender.CARBON_MEMORY.layout.ConversionPattern=[%d] %5p - %x %m {%c}%n
|
|
||||||
log4j.appender.CARBON_MEMORY.layout.ConversionPattern=[%d] %5p {%c} - %x %m%n
|
|
||||||
log4j.appender.CARBON_MEMORY.threshold=DEBUG
|
|
||||||
|
|
||||||
|
|
||||||
# CARBON_LOGFILE is set to be a DailyRollingFileAppender using a PatternLayout.
|
|
||||||
log4j.appender.CARBON_LOGFILE=org.apache.log4j.DailyRollingFileAppender
|
|
||||||
# Log file will be overridden by the configuration setting in the DB
|
|
||||||
# This path should be relative to WSO2 Carbon Home
|
|
||||||
log4j.appender.CARBON_LOGFILE.File=${carbon.home}/repository/logs/${instance.log}/wso2carbon${instance.log}.log
|
|
||||||
log4j.appender.CARBON_LOGFILE.Append=true
|
|
||||||
log4j.appender.CARBON_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
|
|
||||||
# ConversionPattern will be overridden by the configuration setting in the DB
|
|
||||||
log4j.appender.CARBON_LOGFILE.layout.ConversionPattern=TID: [%T] [%S] [%d] %P%5p {%c} - %x %m {%c}%n
|
|
||||||
log4j.appender.CARBON_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
|
|
||||||
log4j.appender.CARBON_LOGFILE.threshold=DEBUG
|
|
||||||
|
|
||||||
log4j.appender.CARBON_SYS_LOG = org.apache.log4j.net.SyslogAppender
|
|
||||||
log4j.appender.CARBON_SYS_LOG.layout=org.apache.log4j.PatternLayout
|
|
||||||
log4j.appender.CARBON_SYS_LOG.layout.ConversionPattern=[%d] %5p {%c} - %x %m {%c}%n
|
|
||||||
log4j.appender.CARBON_SYS_LOG.SyslogHost=localhost
|
|
||||||
log4j.appender.CARBON_SYS_LOG.Facility=USER
|
|
||||||
log4j.appender.CARBON_SYS_LOG.threshold=DEBUG
|
|
||||||
|
|
||||||
# LOGEVENT is set to be a LogEventAppender using a PatternLayout to send logs to LOGEVENT
|
|
||||||
log4j.appender.LOGEVENT=org.wso2.carbon.logging.appender.LogEventAppender
|
|
||||||
log4j.appender.LOGEVENT.url=tcp://10.100.3.103:7611
|
|
||||||
log4j.appender.LOGEVENT.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
|
|
||||||
log4j.appender.LOGEVENT.columnList=%T,%S,%A,%d,%c,%p,%m,%H,%I,%Stacktrace
|
|
||||||
log4j.appender.LOGEVENT.userName=admin
|
|
||||||
log4j.appender.LOGEVENT.password=admin
|
|
||||||
|
|
||||||
# Appender config to CARBON_TRACE_LOGFILE
|
|
||||||
log4j.appender.CARBON_TRACE_LOGFILE=org.apache.log4j.DailyRollingFileAppender
|
|
||||||
log4j.appender.CARBON_TRACE_LOGFILE.File=${carbon.home}/repository/logs/${instance.log}/wso2carbon-trace-messages${instance.log}.log
|
|
||||||
log4j.appender.CARBON_TRACE_LOGFILE.Append=true
|
|
||||||
log4j.appender.CARBON_TRACE_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
|
|
||||||
log4j.appender.CARBON_TRACE_LOGFILE.layout.ConversionPattern=[%d] %P%5p {%c} - %x %m {%c}%n
|
|
||||||
log4j.appender.CARBON_TRACE_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
|
|
||||||
log4j.appender.CARBON_TRACE_LOGFILE.threshold=TRACE
|
|
||||||
log4j.additivity.trace.messages=false
|
|
||||||
|
|
||||||
# Appender config to AUDIT_LOGFILE
|
|
||||||
log4j.appender.AUDIT_LOGFILE=org.apache.log4j.DailyRollingFileAppender
|
|
||||||
log4j.appender.AUDIT_LOGFILE.File=${carbon.home}/repository/logs/audit.log
|
|
||||||
log4j.appender.AUDIT_LOGFILE.Append=true
|
|
||||||
log4j.appender.AUDIT_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
|
|
||||||
log4j.appender.AUDIT_LOGFILE.layout.ConversionPattern=[%d] %P%5p - %x %m %n
|
|
||||||
log4j.appender.AUDIT_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
|
|
||||||
log4j.appender.AUDIT_LOGFILE.threshold=INFO
|
|
||||||
log4j.additivity.AUDIT_LOG=false
|
|
||||||
|
|
||||||
# Appender config to send Atomikos transaction logs to new log file tm.out.
|
|
||||||
log4j.appender.ATOMIKOS = org.apache.log4j.RollingFileAppender
|
|
||||||
log4j.appender.ATOMIKOS.File = repository/logs/tm.out
|
|
||||||
log4j.appender.ATOMIKOS.Append = true
|
|
||||||
log4j.appender.ATOMIKOS.layout = org.apache.log4j.PatternLayout
|
|
||||||
log4j.appender.ATOMIKOS.layout.ConversionPattern=%p %t %c - %m%n
|
|
||||||
|
|
||||||
# This file is used to override the default logger settings, and is used to remove unwanted logs from Shindig appearing on the console.
|
|
||||||
|
|
||||||
# Specification of Handler used by Console Logger
|
|
||||||
handlers=java.util.logging.ConsoleHandler
|
|
||||||
|
|
||||||
# Replacing default INFO level with SEVERE
|
|
||||||
java.util.logging.ConsoleHandler.level=SEVERE
|
|
@ -1,195 +0,0 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
~ Copyright 2005-2011 WSO2, Inc. (http://wso2.com)
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
<wso2registry>
|
|
||||||
|
|
||||||
<!--
|
|
||||||
For details on configuring different config & governance registries see;
|
|
||||||
http://wso2.org/library/tutorials/2010/04/sharing-registry-space-across-multiple-product-instances
|
|
||||||
-->
|
|
||||||
|
|
||||||
<currentDBConfig>wso2registry</currentDBConfig>
|
|
||||||
<readOnly>false</readOnly>
|
|
||||||
<enableCache>true</enableCache>
|
|
||||||
<registryRoot>/</registryRoot>
|
|
||||||
|
|
||||||
<dbConfig name="wso2registry">
|
|
||||||
<dataSource>jdbc/WSO2CarbonDB</dataSource>
|
|
||||||
</dbConfig>
|
|
||||||
|
|
||||||
<!--aspect name="SecondLifeCycle" class="org.wso2.carbon.governance.registry.extensions.aspects.DefaultLifeCycle">
|
|
||||||
<configuration type="literal">
|
|
||||||
<lifecycle>
|
|
||||||
<scxml xmlns="http://www.w3.org/2005/07/scxml"
|
|
||||||
version="1.0"
|
|
||||||
initialstate="Development">
|
|
||||||
<state id="Development">
|
|
||||||
<datamodel>
|
|
||||||
<data name="checkItems">
|
|
||||||
<item name="Code Completed" forEvent="">
|
|
||||||
</item>
|
|
||||||
<item name="WSDL, Schema Created" forEvent="">
|
|
||||||
</item>
|
|
||||||
<item name="QoS Created" forEvent="">
|
|
||||||
</item>
|
|
||||||
</data>
|
|
||||||
</datamodel>
|
|
||||||
<transition event="Promote" target="Tested"/>
|
|
||||||
</state>
|
|
||||||
<state id="Published">
|
|
||||||
<datamodel>
|
|
||||||
<data name="checkItems">
|
|
||||||
<item name="Effective Inspection Completed" forEvent="">
|
|
||||||
</item>
|
|
||||||
<item name="Test Cases Passed" forEvent="">
|
|
||||||
</item>
|
|
||||||
<item name="Smoke Test Passed" forEvent="">
|
|
||||||
</item>
|
|
||||||
</data>
|
|
||||||
</datamodel>
|
|
||||||
<transition event="Promote" target="Production"/>
|
|
||||||
<transition event="Demote" target="Development"/>
|
|
||||||
</state>
|
|
||||||
<state id="Deprecated">
|
|
||||||
<transition event="Demote" target="Tested"/>
|
|
||||||
</state>
|
|
||||||
</scxml>
|
|
||||||
</lifecycle>
|
|
||||||
</configuration>
|
|
||||||
</aspect-->
|
|
||||||
|
|
||||||
<handler class="org.wso2.jaggery.scxml.registry.handlers.JaggeryExecutorHandler" methods="PUT">
|
|
||||||
<filter class="org.wso2.jaggery.scxml.registry.filters.JaggeryExecutorFilter">
|
|
||||||
</filter>
|
|
||||||
</handler>
|
|
||||||
<handler class="org.wso2.carbon.identity.entitlement.policy.finder.registry.RegistryPolicyHandler">
|
|
||||||
<filter class="org.wso2.carbon.identity.entitlement.policy.finder.registry.RegistryPolicyMediaTypeMatcher">
|
|
||||||
<property name="mediaType">application/xacml-policy+xml</property>
|
|
||||||
</filter>
|
|
||||||
</handler>
|
|
||||||
|
|
||||||
<!--<aspect name="SampleLifeCycle" class="org.wso2.carbon.governance.registry.extensions.aspects.ChecklistLifeCycle">
|
|
||||||
<configuration type="literal">
|
|
||||||
<lifecycle>
|
|
||||||
<state name="Created" id="Created" location="/environment/created">
|
|
||||||
<checkitem>Condition 1</checkitem>
|
|
||||||
<checkitem>Condition 2</checkitem>
|
|
||||||
</state>
|
|
||||||
<state name="Deprecated" id="Deprecated" location="/environment/deprecated">
|
|
||||||
</state>
|
|
||||||
</lifecycle>
|
|
||||||
</configuration>
|
|
||||||
</aspect>-->
|
|
||||||
|
|
||||||
<!--<handler class="org.wso2.carbon.registry.extensions.handlers.SynapseRepositoryHandler">
|
|
||||||
<filter class="org.wso2.carbon.registry.core.jdbc.handlers.filters.MediaTypeMatcher">
|
|
||||||
<property name="mediaType">application/vnd.apache.synapse</property>
|
|
||||||
</filter>
|
|
||||||
</handler>
|
|
||||||
|
|
||||||
<handler class="org.wso2.carbon.registry.extensions.handlers.SynapseRepositoryHandler">
|
|
||||||
<filter class="org.wso2.carbon.registry.core.jdbc.handlers.filters.MediaTypeMatcher">
|
|
||||||
<property name="mediaType">application/vnd.apache.esb</property>
|
|
||||||
</filter>
|
|
||||||
</handler>
|
|
||||||
|
|
||||||
<handler class="org.wso2.carbon.registry.extensions.handlers.Axis2RepositoryHandler">
|
|
||||||
<filter class="org.wso2.carbon.registry.core.jdbc.handlers.filters.MediaTypeMatcher">
|
|
||||||
<property name="mediaType">application/vnd.apache.axis2</property>
|
|
||||||
</filter>
|
|
||||||
</handler>
|
|
||||||
|
|
||||||
<handler class="org.wso2.carbon.registry.extensions.handlers.Axis2RepositoryHandler">
|
|
||||||
<filter class="org.wso2.carbon.registry.core.jdbc.handlers.filters.MediaTypeMatcher">
|
|
||||||
<property name="mediaType">application/vnd.apache.wsas</property>
|
|
||||||
</filter>
|
|
||||||
</handler>
|
|
||||||
|
|
||||||
<handler class="org.wso2.carbon.registry.extensions.handlers.WSDLMediaTypeHandler">
|
|
||||||
<filter class="org.wso2.carbon.registry.core.jdbc.handlers.filters.MediaTypeMatcher">
|
|
||||||
<property name="mediaType">application/wsdl+xml</property>
|
|
||||||
</filter>
|
|
||||||
</handler>
|
|
||||||
|
|
||||||
<handler class="org.wso2.carbon.registry.extensions.handlers.XSDMediaTypeHandler">
|
|
||||||
<filter class="org.wso2.carbon.registry.core.jdbc.handlers.filters.MediaTypeMatcher">
|
|
||||||
<property name="mediaType">application/x-xsd+xml</property>
|
|
||||||
</filter>
|
|
||||||
</handler> -->
|
|
||||||
|
|
||||||
<!--remoteInstance url="https://localhost:9443/registry">
|
|
||||||
<id>instanceid</id>
|
|
||||||
<username>username</username>
|
|
||||||
<password>password</password>
|
|
||||||
</remoteInstance-->
|
|
||||||
|
|
||||||
<!--remoteInstance url="https://localhost:9443/registry">
|
|
||||||
<id>instanceid</id>
|
|
||||||
<dbConfig>wso2registry</dbConfig>
|
|
||||||
<readOnly>false</readOnly>
|
|
||||||
<enableCache>true</enableCache>
|
|
||||||
<registryRoot>/</registryRoot>
|
|
||||||
</remoteInstance-->
|
|
||||||
|
|
||||||
<!--mount path="/_system/config" overwrite="true|false|virtual">
|
|
||||||
<instanceId>instanceid</instanceId>
|
|
||||||
<targetPath>/_system/nodes</targetPath>
|
|
||||||
</mount-->
|
|
||||||
|
|
||||||
<!-- This defines index cofiguration which is used in meta data search feature of the registry -->
|
|
||||||
<indexingConfiguration>
|
|
||||||
<startingDelayInSeconds>30</startingDelayInSeconds>
|
|
||||||
<indexingFrequencyInSeconds>5</indexingFrequencyInSeconds>
|
|
||||||
<!--number of resources submit for given indexing thread -->
|
|
||||||
<batchSize>50</batchSize>
|
|
||||||
<!--number of worker threads for indexing -->
|
|
||||||
<indexerPoolSize>50</indexerPoolSize>
|
|
||||||
<!-- location storing the time the indexing took place-->
|
|
||||||
<lastAccessTimeLocation>/_system/local/repository/components/org.wso2.carbon.registry/indexing/lastaccesstime</lastAccessTimeLocation>
|
|
||||||
<!-- the indexers that implement the indexer interface for a relevant media type/(s) -->
|
|
||||||
<indexers>
|
|
||||||
<!--indexer class="org.wso2.carbon.registry.indexing.indexer.MSExcelIndexer" mediaTypeRegEx="application/vnd.ms-excel"/>
|
|
||||||
<indexer class="org.wso2.carbon.registry.indexing.indexer.MSPowerpointIndexer" mediaTypeRegEx="application/vnd.ms-powerpoint"/>
|
|
||||||
<indexer class="org.wso2.carbon.registry.indexing.indexer.MSWordIndexer" mediaTypeRegEx="application/msword"/>
|
|
||||||
<indexer class="org.wso2.carbon.registry.indexing.indexer.PDFIndexer" mediaTypeRegEx="application/pdf"/>
|
|
||||||
<indexer class="org.wso2.carbon.registry.indexing.indexer.XMLIndexer" mediaTypeRegEx="application/xml"/>
|
|
||||||
<indexer class="org.wso2.carbon.registry.indexing.indexer.XMLIndexer" mediaTypeRegEx="application/(.)+\+xml"/>
|
|
||||||
<indexer class="org.wso2.carbon.registry.indexing.indexer.PlainTextIndexer" mediaTypeRegEx="text/(.)+"/>
|
|
||||||
<indexer class="org.wso2.carbon.registry.indexing.indexer.PlainTextIndexer" mediaTypeRegEx="application/x-javascript"/>
|
|
||||||
<indexer class="org.wso2.carbon.registry.indexing.indexer.PlainTextIndexer" mediaTypeRegEx="application/json"/>
|
|
||||||
<indexer class="org.wso2.carbon.governance.registry.extensions.indexers.RXTIndexer" mediaTypeRegEx="application/vnd.wso2-ebook\+xml" profiles ="default"/>
|
|
||||||
<indexer class="org.wso2.carbon.governance.registry.extensions.indexers.RXTIndexer" mediaTypeRegEx="application/vnd.wso2-gadget\+xml" profiles ="default"/>
|
|
||||||
<indexer class="org.wso2.carbon.governance.registry.extensions.indexers.RXTIndexer" mediaTypeRegEx="application/vnd.wso2-site\+xml" profiles ="default"/-->
|
|
||||||
<indexer class="org.wso2.carbon.governance.registry.extensions.indexers.RXTIndexer" mediaTypeRegEx="application/vnd.(.)+\+xml" profiles ="default"/>
|
|
||||||
|
|
||||||
</indexers>
|
|
||||||
<exclusions>
|
|
||||||
<exclusion pathRegEx="/_system/config/repository/dashboards/gadgets/swfobject1-5/.*[.]html"/>
|
|
||||||
<exclusion pathRegEx="/_system/local/repository/components/org[.]wso2[.]carbon[.]registry/mount/.*"/>
|
|
||||||
</exclusions>
|
|
||||||
</indexingConfiguration>
|
|
||||||
<versionResourcesOnChange>true</versionResourcesOnChange>
|
|
||||||
|
|
||||||
<!-- NOTE: You can edit the options under "StaticConfiguration" only before the
|
|
||||||
startup. -->
|
|
||||||
<staticConfiguration>
|
|
||||||
<versioningProperties>true</versioningProperties>
|
|
||||||
<versioningComments>true</versioningComments>
|
|
||||||
<versioningTags>true</versioningTags>
|
|
||||||
<versioningRatings>true</versioningRatings>
|
|
||||||
</staticConfiguration>
|
|
||||||
</wso2registry>
|
|
@ -1,343 +0,0 @@
|
|||||||
<!--
|
|
||||||
~ Copyright WSO2, Inc. (http://wso2.com)
|
|
||||||
~
|
|
||||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
~ you may not use this file except in compliance with the License.
|
|
||||||
~ You may obtain a copy of the License at
|
|
||||||
~
|
|
||||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
~
|
|
||||||
~ Unless required by applicable law or agreed to in writing, software
|
|
||||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
~ See the License for the specific language governing permissions and
|
|
||||||
~ limitations under the License.
|
|
||||||
-->
|
|
||||||
|
|
||||||
<UserManager>
|
|
||||||
<Realm>
|
|
||||||
<Configuration>
|
|
||||||
<AddAdmin>true</AddAdmin>
|
|
||||||
<AdminRole>admin</AdminRole>
|
|
||||||
<AdminUser>
|
|
||||||
<UserName>admin@admin.com</UserName>
|
|
||||||
<Password>admin</Password>
|
|
||||||
</AdminUser>
|
|
||||||
<EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
|
|
||||||
<Property name="dataSource">jdbc/WSO2CarbonDB</Property>
|
|
||||||
</Configuration>
|
|
||||||
<!-- Following is the default user store manager. This user store manager is based on embedded-apacheds LDAP. It reads/writes users and roles into the default apacheds LDAP user store. Descriptions about each of the following properties can be found in user management documentation of the respective product. In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>
|
|
||||||
Note: Do not comment within UserStoreManager tags. Cause, specific tag names are used as tokens when building configurations for products. -->
|
|
||||||
<!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
|
|
||||||
<Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
|
|
||||||
<Property name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
|
|
||||||
<Property name="ConnectionName">uid=admin,ou=system</Property>
|
|
||||||
<Property name="ConnectionPassword">admin</Property>
|
|
||||||
<Property name="Disabled">false</Property>
|
|
||||||
<Property name="passwordHashMethod">SHA</Property>
|
|
||||||
<Property name="UserNameListFilter">(objectClass=person)</Property>
|
|
||||||
<Property name="UserEntryObjectClass">wso2Person</Property>
|
|
||||||
<Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
|
|
||||||
<Property name="UserNameSearchFilter">(&(objectClass=person)(uid=?))</Property>
|
|
||||||
<Property name="UserNameAttribute">uid</Property>
|
|
||||||
<Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
|
|
||||||
<Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
|
|
||||||
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
|
|
||||||
<Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
|
|
||||||
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
|
|
||||||
<Property name="ReadGroups">true</Property>
|
|
||||||
<Property name="WriteGroups">true</Property>
|
|
||||||
<Property name="EmptyRolesAllowed">true</Property>
|
|
||||||
<Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
|
|
||||||
<Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
|
|
||||||
<Property name="GroupEntryObjectClass">groupOfNames</Property>
|
|
||||||
<Property name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
|
|
||||||
<Property name="GroupNameAttribute">cn</Property>
|
|
||||||
<Property name="SharedGroupNameAttribute">cn</Property>
|
|
||||||
<Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
|
|
||||||
<Property name="SharedGroupEntryObjectClass">groupOfNames</Property>
|
|
||||||
<Property name="SharedGroupNameListFilter">(objectClass=groupOfNames)</Property>
|
|
||||||
<Property name="SharedGroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
|
|
||||||
<Property name="SharedTenantNameListFilter">(objectClass=organizationalUnit)</Property>
|
|
||||||
<Property name="SharedTenantNameAttribute">ou</Property>
|
|
||||||
<Property name="SharedTenantObjectClass">organizationalUnit</Property>
|
|
||||||
<Property name="MembershipAttribute">member</Property>
|
|
||||||
<Property name="UserRolesCacheEnabled">true</Property>
|
|
||||||
<Property name="UserDNPattern">uid={0},ou=Users,dc=wso2,dc=org</Property>
|
|
||||||
<Property name="MaxRoleNameListLength">100</Property>
|
|
||||||
<Property name="MaxUserNameListLength">100</Property>
|
|
||||||
<Property name="SCIMEnabled">false</Property>
|
|
||||||
</UserStoreManager-->
|
|
||||||
|
|
||||||
<!-- Following is the configuration for internal JDBC user store. This user store manager is based on JDBC. In case if application needs to manage passwords externally set property <Property name="PasswordsExternallyManaged">true</Property>. In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>. Furthermore properties, IsEmailUserName and DomainCalculation are readonly properties.
|
|
||||||
Note: Do not comment within UserStoreManager tags. Cause, specific tag names are used as tokens when building configurations for products. -->
|
|
||||||
<UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
|
|
||||||
<Property name="TenantManager">org.wso2.carbon.user.core.tenant.JDBCTenantManager</Property>
|
|
||||||
<Property name="ReadOnly">false</Property>
|
|
||||||
<Property name="MaxUserNameListLength">100</Property>
|
|
||||||
<Property name="IsEmailUserName">false</Property>
|
|
||||||
<Property name="DomainCalculation">default</Property>
|
|
||||||
<Property name="PasswordDigest">SHA-256</Property>
|
|
||||||
<Property name="StoreSaltedPassword">true</Property>
|
|
||||||
<Property name="ReadGroups">true</Property>
|
|
||||||
<Property name="WriteGroups">true</Property>
|
|
||||||
<Property name="UserNameUniqueAcrossTenants">false</Property>
|
|
||||||
<Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
|
|
||||||
<Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
|
|
||||||
<Property name="UsernameJavaRegEx">^[^~!#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property>
|
|
||||||
<Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
|
|
||||||
<Property name="RolenameJavaRegEx">^[^~!#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property>
|
|
||||||
<Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
|
|
||||||
<Property name="UserRolesCacheEnabled">true</Property>
|
|
||||||
<Property name="MaxRoleNameListLength">100</Property>
|
|
||||||
<Property name="MaxUserNameListLength">100</Property>
|
|
||||||
<Property name="SharedGroupEnabled">false</Property>
|
|
||||||
<Property name="SCIMEnabled">false</Property>
|
|
||||||
</UserStoreManager>
|
|
||||||
|
|
||||||
<!-- If product is using an external LDAP as the user store in READ ONLY mode, use following user manager.
|
|
||||||
In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>
|
|
||||||
-->
|
|
||||||
<!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
|
|
||||||
<Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
|
|
||||||
<Property name="ReadOnly">true</Property>
|
|
||||||
<Property name="Disabled">false</Property>
|
|
||||||
<Property name="MaxUserNameListLength">100</Property>
|
|
||||||
<Property name="ConnectionURL">ldap://localhost:10389</Property>
|
|
||||||
<Property name="ConnectionName">uid=admin,ou=system</Property>
|
|
||||||
<Property name="ConnectionPassword">admin</Property>
|
|
||||||
<Property name="passwordHashMethod">PLAIN_TEXT</Property>
|
|
||||||
<Property name="UserSearchBase">ou=system</Property>
|
|
||||||
<Property name="UserNameListFilter">(objectClass=person)</Property>
|
|
||||||
<Property name="UserNameSearchFilter">(&(objectClass=person)(uid=?))</Property>
|
|
||||||
<Property name="UserNameAttribute">uid</Property>
|
|
||||||
<Property name="ReadGroups">true</Property>
|
|
||||||
<Property name="GroupSearchBase">ou=system</Property>
|
|
||||||
<Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
|
|
||||||
<Property name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
|
|
||||||
<Property name="GroupNameAttribute">cn</Property>
|
|
||||||
<Property name="SharedGroupNameAttribute">cn</Property>
|
|
||||||
<Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
|
|
||||||
<Property name="SharedGroupNameListFilter">(objectClass=groupOfNames)</Property>
|
|
||||||
<Property name="SharedTenantNameListFilter">(objectClass=organizationalUnit)</Property>
|
|
||||||
<Property name="SharedTenantNameAttribute">ou</Property>
|
|
||||||
<Property name="SharedTenantObjectClass">organizationalUnit</Property>
|
|
||||||
<Property name="MembershipAttribute">member</Property>
|
|
||||||
<Property name="UserRolesCacheEnabled">true</Property>
|
|
||||||
<Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
|
|
||||||
<Property name="MaxRoleNameListLength">100</Property>
|
|
||||||
<Property name="MaxUserNameListLength">100</Property>
|
|
||||||
<Property name="SCIMEnabled">false</Property>
|
|
||||||
</UserStoreManager-->
|
|
||||||
|
|
||||||
<!-- Active directory configuration is as follows.
|
|
||||||
In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>
|
|
||||||
There are few special properties for "Active Directory".
|
|
||||||
They are :
|
|
||||||
1.Referral - (comment out this property if this feature is not reuired) This enables LDAP referral support.
|
|
||||||
2.BackLinksEnabled - (Do not comment, set to true or false) In some cases LDAP works with BackLinksEnabled. In which role is stored
|
|
||||||
at user level. Depending on this value we need to change the Search Base within code.
|
|
||||||
3.isADLDSRole - (Do not comment) Set to true if connecting to an AD LDS instance else set to false.
|
|
||||||
-->
|
|
||||||
<!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
|
|
||||||
<Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
|
|
||||||
<Property name="defaultRealmName">WSO2.ORG</Property>
|
|
||||||
<Property name="Disabled">false</Property>
|
|
||||||
<Property name="kdcEnabled">false</Property>
|
|
||||||
<Property name="ConnectionURL">ldaps://10.100.1.100:636</Property>
|
|
||||||
<Property name="ConnectionName">CN=admin,CN=Users,DC=WSO2,DC=Com</Property>
|
|
||||||
<Property name="ConnectionPassword">A1b2c3d4</Property>
|
|
||||||
<Property name="passwordHashMethod">PLAIN_TEXT</Property>
|
|
||||||
<Property name="UserSearchBase">CN=Users,DC=WSO2,DC=Com</Property>
|
|
||||||
<Property name="UserEntryObjectClass">user</Property>
|
|
||||||
<Property name="UserNameAttribute">cn</Property>
|
|
||||||
<Property name="isADLDSRole">false</Property>
|
|
||||||
<Property name="userAccountControl">512</Property>
|
|
||||||
<Property name="UserNameListFilter">(objectClass=user)</Property>
|
|
||||||
<Property name="UserNameSearchFilter">(&(objectClass=user)(cn=?))</Property>
|
|
||||||
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
|
|
||||||
<Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
|
|
||||||
<Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
|
|
||||||
<Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
|
|
||||||
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
|
|
||||||
<Property name="ReadGroups">true</Property>
|
|
||||||
<Property name="WriteGroups">true</Property>
|
|
||||||
<Property name="EmptyRolesAllowed">true</Property>
|
|
||||||
<Property name="GroupSearchBase">CN=Users,DC=WSO2,DC=Com</Property>
|
|
||||||
<Property name="GroupEntryObjectClass">group</Property>
|
|
||||||
<Property name="GroupNameAttribute">cn</Property>
|
|
||||||
<Property name="SharedGroupNameAttribute">cn</Property>
|
|
||||||
<Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
|
|
||||||
<Property name="SharedGroupEntryObjectClass">groups</Property>
|
|
||||||
<Property name="SharedTenantNameListFilter">(object=organizationalUnit)</Property>
|
|
||||||
<Property name="SharedTenantNameAttribute">ou</Property>
|
|
||||||
<Property name="SharedTenantObjectClass">organizationalUnit</Property>
|
|
||||||
<Property name="MembershipAttribute">member</Property>
|
|
||||||
<Property name="GroupNameListFilter">(objectcategory=group)</Property>
|
|
||||||
<Property name="GroupNameSearchFilter">(&(objectClass=group)(cn=?))</Property>
|
|
||||||
<Property name="UserRolesCacheEnabled">true</Property>
|
|
||||||
<Property name="Referral">follow</Property>
|
|
||||||
<Property name="BackLinksEnabled">true</Property>
|
|
||||||
<Property name="MaxRoleNameListLength">100</Property>
|
|
||||||
<Property name="MaxUserNameListLength">100</Property>
|
|
||||||
<Property name="SCIMEnabled">false</Property>
|
|
||||||
</UserStoreManager-->
|
|
||||||
|
|
||||||
<!-- If product is using an external LDAP as the user store in read/write mode, use following user manager
|
|
||||||
In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>
|
|
||||||
-->
|
|
||||||
<!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
|
|
||||||
<Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
|
|
||||||
<Property name="ConnectionURL">ldap://localhost:10389</Property>
|
|
||||||
<Property name="Disabled">false</Property>
|
|
||||||
<Property name="ConnectionName">uid=admin,ou=system</Property>
|
|
||||||
<Property name="ConnectionPassword">secret</Property>
|
|
||||||
<Property name="passwordHashMethod">PLAIN_TEXT</Property>
|
|
||||||
<Property name="UserNameListFilter">(objectClass=person)</Property>
|
|
||||||
<Property name="UserEntryObjectClass">inetOrgPerson</Property>
|
|
||||||
<Property name="UserSearchBase">ou=system</Property>
|
|
||||||
<Property name="UserNameSearchFilter">(&(objectClass=person)(uid=?))</Property>
|
|
||||||
<Property name="UserNameAttribute">uid</Property>
|
|
||||||
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
|
|
||||||
<Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
|
|
||||||
<Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
|
|
||||||
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
|
|
||||||
<Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
|
|
||||||
<Property name="ReadGroups">true</Property>
|
|
||||||
<Property name="WriteGroups">true</Property>
|
|
||||||
<Property name="EmptyRolesAllowed">false</Property>
|
|
||||||
<Property name="GroupSearchBase">ou=system</Property>
|
|
||||||
<Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
|
|
||||||
<Property name="GroupEntryObjectClass">groupOfNames</Property>
|
|
||||||
<Property name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
|
|
||||||
<Property name="GroupNameAttribute">cn</Property>
|
|
||||||
<Property name="SharedGroupNameAttribute">cn</Property>
|
|
||||||
<Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
|
|
||||||
<Property name="SharedGroupEntryObjectClass">groupOfNames</Property>
|
|
||||||
<Property name="SharedGroupNameListFilter">(objectClass=groupOfNames)</Property>
|
|
||||||
<Property name="SharedGroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
|
|
||||||
<Property name="SharedTenantNameListFilter">(objectClass=organizationalUnit)</Property>
|
|
||||||
<Property name="SharedTenantNameAttribute">ou</Property>
|
|
||||||
<Property name="SharedTenantObjectClass">organizationalUnit</Property>
|
|
||||||
<Property name="MembershipAttribute">member</Property>
|
|
||||||
<Property name="UserRolesCacheEnabled">true</Property>
|
|
||||||
<Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
|
|
||||||
<Property name="MaxRoleNameListLength">100</Property>
|
|
||||||
<Property name="MaxUserNameListLength">100</Property>
|
|
||||||
<Property name="SCIMEnabled">false</Property>
|
|
||||||
</UserStoreManager-->
|
|
||||||
|
|
||||||
<!-- Following user manager is used by Identity Server (IS) as its default user manager.
|
|
||||||
IS will do token replacement when building the product. Therefore do not change the syntax.
|
|
||||||
If "kdcEnabled" parameter is true, IS will allow service principle management. Thus "ServicePasswordJavaRegEx", "ServiceNameJavaRegEx"
|
|
||||||
properties control the service name format and service password formats.
|
|
||||||
In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>
|
|
||||||
-->
|
|
||||||
<!--ISUserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
|
|
||||||
<Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
|
|
||||||
<Property name="defaultRealmName">WSO2.ORG</Property>
|
|
||||||
<Property name="kdcEnabled">false</Property>
|
|
||||||
<Property name="Disabled">false</Property>
|
|
||||||
<Property name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
|
|
||||||
<Property name="ConnectionName">uid=admin,ou=system</Property>
|
|
||||||
<Property name="ConnectionPassword">admin</Property>
|
|
||||||
<Property name="passwordHashMethod">SHA</Property>
|
|
||||||
<Property name="UserNameListFilter">(objectClass=person)</Property>
|
|
||||||
<Property name="UserEntryObjectClass">identityPerson</Property>
|
|
||||||
<Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
|
|
||||||
<Property name="UserNameSearchFilter">(&(objectClass=person)(uid=?))</Property>
|
|
||||||
<Property name="UserNameAttribute">uid</Property>
|
|
||||||
<Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
|
|
||||||
<Property name="ServicePasswordJavaRegEx">^[\\S]{5,30}$</Property>
|
|
||||||
<Property name="ServiceNameJavaRegEx">^[\\S]{2,30}/[\\S]{2,30}$</Property>
|
|
||||||
<Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
|
|
||||||
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
|
|
||||||
<Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
|
|
||||||
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
|
|
||||||
<Property name="ReadGroups">true</Property>
|
|
||||||
<Property name="WriteGroups">true</Property>
|
|
||||||
<Property name="EmptyRolesAllowed">true</Property>
|
|
||||||
<Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
|
|
||||||
<Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
|
|
||||||
<Property name="GroupEntryObjectClass">groupOfNames</Property>
|
|
||||||
<Property name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
|
|
||||||
<Property name="GroupNameAttribute">cn</Property>
|
|
||||||
<Property name="SharedGroupNameAttribute">cn</Property>
|
|
||||||
<Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
|
|
||||||
<Property name="SharedGroupEntryObjectClass">groupOfNames</Property>
|
|
||||||
<Property name="SharedGroupNameListFilter">(objectClass=groupOfNames)</Property>
|
|
||||||
<Property name="SharedGroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
|
|
||||||
<Property name="SharedTenantNameListFilter">(objectClass=organizationalUnit)</Property>
|
|
||||||
<Property name="SharedTenantNameAttribute">ou</Property>
|
|
||||||
<Property name="SharedTenantObjectClass">organizationalUnit</Property>
|
|
||||||
<Property name="MembershipAttribute">member</Property>
|
|
||||||
<Property name="UserRolesCacheEnabled">true</Property>
|
|
||||||
<Property name="UserDNPattern">uid={0},ou=Users,dc=wso2,dc=org</Property>
|
|
||||||
<Property name="RoleDNPattern">cn={0},ou=Groups,dc=wso2,dc=org</Property>
|
|
||||||
<Property name="SCIMEnabled">true</Property>
|
|
||||||
<Property name="MaxRoleNameListLength">100</Property>
|
|
||||||
<Property name="MaxUserNameListLength">100</Property>
|
|
||||||
</ISUserStoreManager-->
|
|
||||||
|
|
||||||
<!-- Following configuration is for the CassandraUserStoreManager. The CassandraUserStoreManager is capable of using a Cassandra
|
|
||||||
database as a user store. This user manager supports multiple credentials for authentication. Credential types can be defined
|
|
||||||
and configured in the following configuration. The CassandraUserStoreManager does not ships with the any of the WSO2 Carbon
|
|
||||||
Servers by default, therefor Cassandra user manager component needs to be installed to the Carbon Server befor using.
|
|
||||||
|
|
||||||
And if this CassandraUserStoreManager is used as the primary user store with multi tenants, it should also implement a
|
|
||||||
compatible TenantManager and set property <Property name="TenantManager">FULL_QUALIFIED_TENANT_MANAGER_CLASS_NAME</Property>.
|
|
||||||
-->
|
|
||||||
<!--UserStoreManager class="org.wso2.carbon.user.cassandra.CassandraUserStoreManager">
|
|
||||||
<Property name="Keyspace">User_KS3</Property>
|
|
||||||
<Property name="Host">localhost</Property>
|
|
||||||
<Property name="Port">9160</Property>
|
|
||||||
<Property name="PasswordDigest">SHA-256</Property>
|
|
||||||
<Property name="StoreSaltedPassword">true</Property>
|
|
||||||
<Property name="AuthenticateWithAnyCredential">true</Property>
|
|
||||||
<Property name="DomainName">multipleCredentialUserStoreDomain</Property>
|
|
||||||
<MultipleCredentials>
|
|
||||||
<Credential type="Default">org.wso2.carbon.user.cassandra.credentialtypes.EmailCredential</Credential>
|
|
||||||
<Credential type="Email">org.wso2.carbon.user.cassandra.credentialtypes.EmailCredential</Credential>
|
|
||||||
<Credential type="PhoneNumber">org.wso2.carbon.user.cassandra.credentialtypes.PhoneNumberCredential</Credential>
|
|
||||||
<Credential type="Device">org.wso2.carbon.user.cassandra.credentialtypes.DeviceCredential</Credential>
|
|
||||||
<Credential type="External">org.wso2.carbon.user.cassandra.credentialtypes.ExternalProviderCredential</Credential>
|
|
||||||
</MultipleCredentials>
|
|
||||||
</UserStoreManager-->
|
|
||||||
|
|
||||||
<AuthorizationManager
|
|
||||||
class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
|
|
||||||
<Property name="AdminRoleManagementPermissions">/permission</Property>
|
|
||||||
<Property name="AuthorizationCacheEnabled">true</Property>
|
|
||||||
</AuthorizationManager>
|
|
||||||
</Realm>
|
|
||||||
</UserManager>
|
|
||||||
|
|
||||||
<!--*******Description of some of the configuration properties used in user-mgt.xml*********************************
|
|
||||||
|
|
||||||
DomainName - This property must be used by all secondary user store managers in multiple user store configuration.
|
|
||||||
DomainName is a unique identifier given to the user store. Users must provide both the domain name and
|
|
||||||
username at log-in as "DomainName\Username"
|
|
||||||
|
|
||||||
UserRolesCacheEnabled - This is to indicate whether to cache role list of a user. By default it is set to true.
|
|
||||||
You may need to disable it if user-roles are changed by external means and need to reflect
|
|
||||||
those changes in the carbon product immediately.
|
|
||||||
|
|
||||||
ReplaceEscapeCharactersAtUserLogin - This is to configure whether escape characters in user name needs to be replaced at user login.
|
|
||||||
Currently the identified escape characters that needs to be replaced are '\' & '\\'
|
|
||||||
|
|
||||||
UserDNPattern - This property will be used when authenticating users. During authentication we do a bind. But if the user is login with
|
|
||||||
email address or some other property we need to first lookup LDAP and retreive DN for the user. This involves an additional step.
|
|
||||||
If UserDNPattern is specified the DN will be contructed using the pattern specified in this property. Performance of this is much better than looking
|
|
||||||
up DN and binding user.
|
|
||||||
|
|
||||||
RoleDNPattern - This property will be used when checking whether user has been assigned to a given role. Rather than searching the role in search base, by
|
|
||||||
using this property direct search can be done.
|
|
||||||
|
|
||||||
passwordHashMethod - This says how the password should be stored. Allowed values are as follows,
|
|
||||||
SHA - Uses SHA digest method
|
|
||||||
MD5 - Uses MD 5 digest method
|
|
||||||
PLAIN_TEXT - Plain text passwords
|
|
||||||
In addition to above this supports all digest methods supported by http://docs.oracle.com/javase/6/docs/api/java/security/MessageDigest.html.
|
|
||||||
|
|
||||||
DisplayNameAttribute - this is to have a dedicated LDAP attribute to display an entity(User/Role) in UI, in addition to the UserNameAttribute which is used for IS-UserStore interactions.
|
|
||||||
-->
|
|
Loading…
Reference in new issue