Configuration

oxTrust Configuration

This page explains the JSON Configuration under the Configuration Tab in the Configuration menu.

image

oxtrust.properties

image

The following fields are available for edit in the menu.

  • idpBindDn: the admin user of the ldap server
  • baseDN: the base doaim name of oxtrust. The default is o=gluu
  • orgIname:
  • orgSupportEmail: the support email address of the Gluu Server installation

image

  • applianceInum: the INUM of the appliance
  • applianceUrl: the URI of the appliance
  • baseEndpoint:
  • schemaAddObjectClassWithAttributeTypesDefinition: the schema to add various attribute types
  • schemaAddObjectClassWithoutAttributeTypesDefinition: the schema to add various attribute types

personObjectClassTypes

This class holds the relation between the person entry and it's relative object class.

image

  • item 1: inetOrgPerson
  • item 2: gluuPerson

image

  • personCustomObjectClass:

personObjectClassDisplayNames

This class holds the relation betwee the display name of the person and the relative object class.

image

  • item 1: inetOrgPerson
  • item 2: gluuPerson

image

  • schemaAddAttributeDefenition:

contactObjectClassDisplayNames

Items can be added under this class by clicking on the + item button.

image

  • photoRepositoryRootDir: the path to the root directory of photographs
  • photoRepositoryThumbWidth: the thumb with of a photo
  • photoRepositoryThumbheight: sets the thumb height of a photo
  • photoRepositoryCountLevels: the count level per photo repository
  • photoRepositoryCountFoldersPerLevel: he number of folders per level

image

  • authMode: set this tag to basic to use basic authentication or leave it blank to use oxAuth
  • ldifStore: the path to the LDIF store

image

  • shibboleth2IdpRootDir: the root directory for the shibboleth plugin
  • shibboleth2SpConfDir: the configuration directory for the shibboleth plugin

image

  • pokenApplicationSecret:
  • updateAplicanceStatus: the update appliance state for the site. Use true to allow, and false to forbid (default value)
  • svnConfigurationStoreRoot: he root of the SVN configuration store
  • svnConfigurationStorePassword: the password of the SVN configuration store

image

  • keystorePath: the path to the keystore
  • keystorePassword: the password to the keystore
  • allowPersonModification: enables or disables the allowance to modify a person entry. Use true to allow (default value), and false otherwise

image

  • idpUrl: the uri of the OpenID provider that is in use
  • velocityLog: the velocity log filename with path
  • _spMetadataPath:_the path to the Gluu Server metadata
  • logoLocation: the directory name for the images and logos that are used

image

  • idpSecurityKey: the security key of the OpenID provider
  • idpSecurityKeyPassowrd: the security password of the OpenID provider
  • idpSecurityCert: the security certificate of the machine

gluuSpAttributes

Items can be added here by clicking on the + item button.

image

  • configGeneration: this entry controls the automatic generation of the configuration files. Use enable to allow and disable otherwise
  • idpLdapProtocol: the protocol used by the [LDAP][ldap] server
  • idpLdapServer: hostname of the [LDAP][ldap] server with port

image

  • orgInum: the INUM of the organization
  • idpBindDn: the domain name of the OpenID provider
  • idpBindPassowrd: the password for the OpenID provider
  • idpUserFields:
  • gluuSpCert: the certificate name and location of the Gluu Server

image

  • mysqlUrl: the MySql connector as URI
  • mysqlUser: the username for the MySql server
  • mysqlPassword: passowrd for the MySql server
  • shibboleth2FederationRootDir: the root directory for the Shobboleth federation plugin

image

  • cacheRefreshEnabled: the value of the cache refresh mechanism. Use true to enable and false otherwise
  • cacheRefreshIntervalMinutes: the time in minutes counting down to next cache-refresh event
  • caCertsLocation: the keystore to use for downloaded SSL certificates
  • caCertsPassphrase: the password for the caCerts keystore
  • tempCertDir: the temporary location for certificates while certificate update procedure
  • certDir: the locaiton of certificates used in configuration files

image

  • servicesRestartTrigger: the location of the file which will restart the applicance server if deleted
  • persistSVN: the state of persistence in SVN. Use true to enable or false otherwise

image

  • oxAuthAuthorizeUrl: the authorization URI for oxAuth
  • oxAuthTokenUrl: the token URI for oxAuth
  • oxAuthValidateTokenUrl: the URI for oxAuth token validation
  • oxAuthEndSessionUrl: the URI for oxAuth session termination
  • oxAuthLogoutUrl: the URI for logging out of oxAuth
  • oxAuthTokenValidationUrl: the URI for oxAuth token validation

image

  • oxAuthUserInfo: the URI for oxAuth user information
  • oxAuthSectorIdentifierUrl: the URI for oxAuth sector identifier
  • _oxAuthClientId:_the identification number for oxAuth client
  • oxAuthClientPassowrd: the password for oxAuth client
  • oxAuthClientScope: the scope of the oxAuth client
  • loginRedirectUrl: the redirect URI for oxAuth
  • logoutRedirectUrl: the URI for oxAuth

clusteredInums

Items can be added here by clicking on the + item button.

image

  • clientAssociationAttribute: the attribute which identifies the OpenID client
  • oxAuthIssuers: the URI of the issuer authorization server
  • ignoreValidation: the control to check/ignore token validation. Use true to validate or false otherwise

image

  • umaIssuer: the URI of the issuer authorization server
  • umaClientId: the identification of the UMA client
  • umaClientKeyId:
  • umaResourceId:
  • umaScope: the scopes available for this resource

image

  • recaptchaSiteKey:
  • recaptchaSecretKey:
  • cssLocation: the path to the CSS files
  • jsLocation: the path to the JS files
  • repactchUrl: the type for the recaptcha URI attribute