Information about the application.properties file

Required properties

For Hibernate (database), set the database dialect and the default schema behaviour. Possible values for the behaviour: validate (checks that the database schema is correct), update (updates the schema based on the Java entity classes), create (creates a new database on every start and drops the old one). The recommended setting is “update” for development and “validate” for production. With validate in production, fastlane throws an error if the database schema is not correct. If you want to set up a new database, you can set this flag to update or create, but you should set it back to validate afterwards.

#Hibernate Configuration:
hibernate.dialect=org.hibernate.dialect.H2Dialect
hibernate.hbm2ddl.auto=update

You can't use the old XMLConfiguration, so you have to define the passwordPolicy in the properties file.

The following values are the defaults, so if you want to use these values, you don't have to specify them.

#Define the hash function type. If null, bcrypt is used.
passwordPolicy.hashFunctionType=bcrypt
#The following properties are self-explanatory
passwordPolicy.minLength=8
passwordPolicy.maxLength=16
passwordPolicy.whitespaceAllowed=false
passwordPolicy.nrOfReqDigits=1
passwordPolicy.nrOfReqLowerCase=1
passwordPolicy.nrOfReqUpperCase=1
passwordPolicy.nrOfReqNoAlphabetic=1
passwordPolicy.nrOfRegCharacteristics=3
passwordPolicy.nrOfOldForbiddenPasswords=5
passwordPolicy.alphabeticalSequenceAllowed=false
passwordPolicy.maxAlphabeticalSequence=3
passwordPolicy.numericalSequenceAllowed=false
passwordPolicy.maxNumericalSequence=3
passwordPolicy.quertySequenceAllowed=false
passwordPolicy.useDictionary=true
passwordPolicy.maxDictionaryWordLength=6
passwordPolicy.dictionaryPath=src/main/resources/dictionary/mlang/german.txt
passwordPolicy.doesPasswordExpire=true
passwordPolicy.passwordExpirationPeriod=1 6 0
passwordPolicy.areFailedLoginTriesLimited=false
passwordPolicy.maxFailedLoginTries=0
passwordPolicy.useSalt=false

#Default is null, so wrong passwords won't be validated again with another hash algorithm
passwordPolicy.updateOldHashes=
#if true, the password will be validated again, with some legacy hash algorithms
passwordPolicy.allowLegacyHash=false
#if useSalt is true and saltlength is less than 32, 32 will be used as saltlength
passwordPolicy.saltLength=0
#only used if useSalt is true.
passwordPolicy.saveSaltWithDelimiter=true
#only used if useSalt is true.
passwordPolicy.saveHashAlgorithmToPassword=true

Specific properties

SAML

If you want to use SAML, you have to specify the following properties.

samlServiceProvider.startPageUrl=http://localhost:39000/nli/indexDemo1.6.html#/dashboard/
samlServiceProvider.logoutPageUrl=http://localhost:39000/nli/indexDemo1.6.html#/loginRegistration/
samlServiceProvider.idpMetafileLocation=config/saml/saml-idp-metadata.xml
samlServiceProvider.spMetafileLocation=config/saml/saml-sp-metadata.xml

samlServiceProvider.spKeystorePath=config/saml/keystore.jks
samlServiceProvider.spKeystorePass=testStorePW
samlServiceProvider.spLogoutRequestNamedFormat=
samlServiceProvider.spCredentialPass=testPW
samlServiceProvider.spCredentialAlias=samlclient
#if true, the query params request, SigAlg and Signature will be set
#if false, only the request param will be put into the query params
samlServiceProvider.useSignatureQueryParam:true

LDAP as user storage

In addition to some settings in applicationContext.xml, you have to define the attribute names, which are later mapped to the default User object.

You have to define the ou value too.

ldap.ouValue=scientists

ldap.attributeName.username=uid
ldap.attributeName.password=password
ldap.attributeName.firstName=firstname
ldap.attributeName.lastName=sn
ldap.attributeName.email=mail
ldap.attributeName.organization=organization
ldap.attributeName.state=state
ldap.attributeName.passwordExpires=passwordexpires
ldap.attributeName.passwordExpirationDate=passwordexpirationdate
ldap.attributeName.lastSuccessLogin=lastsuccesslogin
ldap.attributeName.lastTriedLogin=lasttriedlogin
ldap.attributeName.numberOfFailedLogin=numberoffailedlogin
ldap.attributeName.userType=user-type
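
A pre-deployment check for the Hibernate, password-policy and SAML settings above, as an added example that is not part of fastlane or of the original page. The function names and the choice of findings are this example's assumptions; the sample file is constructed from the values shown on this page.

```python
SAMPLE_SECRETS = {"testStorePW", "testPW"}  # sample passwords shown on this page

def load_properties(text):
    """Parse Java .properties text: '#'/'!' comments, '=' or ':' separators."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        # The first '=' or ':' ends the key (the page uses both separators).
        cut = min((i for i in (line.find("="), line.find(":")) if i != -1), default=-1)
        key, value = (line[:cut], line[cut + 1:]) if cut != -1 else (line, "")
        props[key.strip()] = value.strip()
    return props

def audit(props):
    """Return (key, finding) pairs for settings that should not reach production."""
    flag = lambda key, default="": props.get(key, default).strip().lower()
    findings = []
    if flag("hibernate.hbm2ddl.auto") != "validate":
        findings.append(("hibernate.hbm2ddl.auto", "set to 'validate' for production"))
    for key in ("samlServiceProvider.spKeystorePass", "samlServiceProvider.spCredentialPass"):
        if props.get(key) in SAMPLE_SECRETS:
            findings.append((key, "sample password from the documentation"))
    for key in ("samlServiceProvider.startPageUrl", "samlServiceProvider.logoutPageUrl"):
        if flag(key).startswith("http://"):
            findings.append((key, "plain-HTTP URL"))
    # Only an explicit 'false' is flagged; the page states no default for this key.
    if flag("samlServiceProvider.useSignatureQueryParam") == "false":
        findings.append(("samlServiceProvider.useSignatureQueryParam",
                         "SigAlg and Signature query params are not sent"))
    # The page gives 'false' as the default for both password-policy keys below.
    if flag("passwordPolicy.allowLegacyHash", "false") == "true":
        findings.append(("passwordPolicy.allowLegacyHash", "legacy hash algorithms accepted"))
    if flag("passwordPolicy.areFailedLoginTriesLimited", "false") != "true":
        findings.append(("passwordPolicy.areFailedLoginTriesLimited", "failed logins not limited"))
    return findings

SAMPLE = """\
# constructed sample, built from the values shown on this page
hibernate.hbm2ddl.auto=update
passwordPolicy.areFailedLoginTriesLimited=false
samlServiceProvider.startPageUrl=http://localhost:39000/nli/indexDemo1.6.html#/dashboard/
samlServiceProvider.spKeystorePass=testStorePW
samlServiceProvider.spCredentialPass=testPW
samlServiceProvider.useSignatureQueryParam:true
"""
if __name__ == "__main__":
    for key, finding in audit(load_properties(SAMPLE)):
        print(f"{key}: {finding}")
```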