source: branches/TaskRewrite/src/plugins/acegi-0.5.1/grails-app/conf/DefaultSecurityConfig.groovy @ 58

Last change on this file since 58 was 58, checked in by gav, 15 years ago

Configure BootStrap? with latest concepts.
Install and setup Acegi plugin with custom views.
Test Fixture plugin in a test app but couldn't get it to work with Acegi encodePassword() so gave up.
File size: 5.7 KB
Line 
1security {
2
3        /** enable Spring Security or not */
4        active = false
5
6        /** login user class fields (default user class = Person)*/
7        loginUserDomainClass = 'Person'
8        userName = 'username'
9        password = 'passwd'
10        enabled = 'enabled'
11        relationalAuthorities = 'authorities'
12        //you can specify method for to retrieve the roles. (you need to set relationalAuthorities=null)
13        getAuthoritiesMethod = null // 'getMoreAuthorities'
14
15        /**
16         * Authority domain class authority field name
17         * authorityFieldInList
18         */
19        authorityDomainClass = 'Authority'
20        authorityField = 'authority'
21
22        /** authenticationProcessingFilter */
23        authenticationFailureUrl = '/login/authfail?login_error=1'
24        ajaxAuthenticationFailureUrl = '/login/authfail?ajax=true'
25        defaultTargetUrl = '/'
26        alwaysUseDefaultTargetUrl = false
27        filterProcessesUrl = '/j_spring_security_check'
28
29        /** anonymousProcessingFilter */
30        key = 'foo'
31        userAttribute = 'anonymousUser,ROLE_ANONYMOUS'
32
33        /** authenticationEntryPoint */
34        loginFormUrl = '/login/auth'
35        forceHttps = 'false'
36        ajaxLoginFormUrl = '/login/authAjax'
37
38        /** logoutFilter */
39        afterLogoutUrl = '/'
40
41        /** accessDeniedHandler
42         *  set errorPage to null, if you want to get error code 403 (FORBIDDEN).
43         */
44        errorPage = '/login/denied'
45        ajaxErrorPage = '/login/deniedAjax'
46        ajaxHeader = 'X-Requested-With'
47
48        /** passwordEncoder */
49        //The digest algorithm to use.
50        //Supports the named Message Digest Algorithms in the Java environment.
51        //http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#AppA
52        algorithm = 'SHA' // Ex. MD5 SHA
53        //use Base64 text ( true or false )
54        encodeHashAsBase64 = false
55
56        /** rememberMeServices */
57        cookieName = 'grails_remember_me'
58        alwaysRemember = false
59        tokenValiditySeconds = 1209600 //14 days
60        parameter = '_spring_security_remember_me'
61        rememberMeKey = 'grailsRocks'
62
63        /** LoggerListener
64         * ( add 'log4j.logger.org.springframework.security=info,stdout'
65         * to log4j.*.properties to see logs )
66         */
67        useLogger = false
68
69        /** use RequestMap from DomainClass */
70        useRequestMapDomainClass = true
71
72        /** Requestmap domain class (if useRequestMapDomainClass = true) */
73        requestMapClass = 'Requestmap'
74        requestMapPathField = 'url'
75        requestMapConfigAttributeField = 'configAttribute'
76
77        /** use annotations from Controllers to define security rules */
78        useControllerAnnotations = false
79        controllerAnnotationsMatcher = 'ant' // or 'regex'
80        controllerAnnotationsMatchesLowercase = true
81        controllerAnnotationStaticRules = [:]
82        controllerAnnotationsRejectIfNoRule = false
83
84        /**
85         * if useRequestMapDomainClass is false, set request map pattern in string
86         * see example below
87         */
88        requestMapString = """
89                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
90                PATTERN_TYPE_APACHE_ANT
91
92                /login/**=IS_AUTHENTICATED_ANONYMOUSLY
93                /admin/**=ROLE_USER
94                /book/test/**=IS_AUTHENTICATED_FULLY
95                /book/**=ROLE_SUPERVISOR
96                /**=IS_AUTHENTICATED_ANONYMOUSLY
97        """
98
99        // basic auth
100        realmName = 'Grails Realm'
101
102        /** use basicProcessingFilter */
103        basicProcessingFilter = false
104        /** use switchUserProcessingFilter */
105        switchUserProcessingFilter = false
106        swswitchUserUrl = '/j_spring_security_switch_user'
107        swexitUserUrl = '/j_spring_security_exit_user'
108        swtargetUrl = '/'
109
110        /**use email notification while registration*/
111        useMail = false
112        mailHost = 'localhost'
113        mailUsername = 'user@localhost'
114        mailPassword = 'sungod'
115        mailProtocol = 'smtp'
116        mailFrom = 'user@localhost'
117        mailPort = 25
118
119        /** default user's role for user registration */
120        defaultRole = 'ROLE_USER'
121
122        // OpenId
123        useOpenId = false
124        openIdNonceMaxSeconds = 300 // max time between auth start and end
125
126        // LDAP/ActiveDirectory
127        useLdap = false
128        ldapRetrieveGroupRoles = true
129        ldapRetrieveDatabaseRoles = false
130        ldapSearchSubtree = true
131        ldapGroupRoleAttribute = 'cn'
132        ldapPasswordAttributeName = 'userPassword'
133        ldapServer = 'ldap://localhost:389' // 'ldap://ad.example.com', 'ldap://monkeymachine:389/dc=acegisecurity,dc=org'
134        ldapManagerDn = 'cn=admin,dc=example,dc=com'
135        ldapManagerPassword = 'secret'
136        ldapSearchBase = 'dc=example,dc=com' // 'ou=users,dc=example,dc=com'
137        ldapSearchFilter = '(uid={0})' //, '(mailNickname={0})'
138        ldapGroupSearchBase = 'ou=groups,dc=example,dc=com'
139        ldapGroupSearchFilter = 'uniquemember={0}'
140        ldapUsePassword = true
141
142        // Kerberos
143        useKerberos = false
144        kerberosLoginConfigFile = 'WEB-INF/jaas.conf'
145        kerberosRealm = 'KERBEROS.REALM'
146        kerberosKdc = 'krbserver.domain.lan'
147        kerberosRetrieveDatabaseRoles = true
148
149        // HttpSessionEventPublisher
150        useHttpSessionEventPublisher = false
151
152        // user caching
153        cacheUsers = true
154
155        // CAS
156        useCAS = false
157        cas.casServer = 'localhost'
158        cas.casServerPort = '443'
159        cas.casServerSecure = true
160        cas.localhostSecure = true
161        cas.failureURL = '/denied.jsp'
162        cas.defaultTargetURL = '/'
163        cas.fullLoginURL = 'https://localhost:443/cas/login'
164        cas.fullServiceURL = 'https://localhost:443/cas'
165        cas.authenticationProviderKey = 'cas_key_changeme'
166        cas.userDetailsService = 'userDetailsService'
167        cas.sendRenew = false
168        cas.proxyReceptorUrl = '/secure/receptor'
169        cas.filterProcessesUrl = '/j_spring_cas_security_check'
170
171        // NTLM
172        useNtlm = false
173        ntlm.stripDomain = true
174        ntlm.retryOnAuthFailure = true
175        ntlm.forceIdentification = false
176        ntlm.defaultDomain = null // set in SecurityConfig.groovy
177        ntlm.netbiosWINS = null // set in SecurityConfig.groovy
178
179        // port mappings
180        httpPort = 8080
181        httpsPort = 8443
182
183        // secure channel filter (http/https)
184        secureChannelDefinitionSource = ''
185        channelConfig = [secure: [], insecure: []]
186
187        // ip restriction filter
188        ipRestrictions = [:]
189
190        // Facebook Connect
191        useFacebook = false
192        facebook.filterProcessesUrl = '/j_spring_facebook_security_check'
193        facebook.authenticationUrlRoot = 'http://www.facebook.com/login.php?v=1.0&api_key='
194        facebook.apiKey = '' // set in SecurityConfig
195        facebook.secretKey = '' // set in SecurityConfig
196}
Note: See TracBrowser for help on using the repository browser.