#

# Licensed to Jasig under one or more contributor license

# agreements. See the NOTICE file distributed with this work

# for additional information regarding copyright ownership.

# Jasig licenses this file to you under the Apache License,

# Version 2.0 (the "License"); you may not use this file

# except in compliance with the License.  You may obtain a

# copy of the License at the following location:

#

#   http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing,

# software distributed under the License is distributed on an

# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

# KIND, either express or implied.  See the License for the

# specific language governing permissions and limitations

# under the License.

#

server.name=http://localhost:8080

server.prefix=${server.name}/cas

# IP address or CIDR subnet allowed to access the /status URI of CAS that exposes health check information

cas.securityContext.status.allowedSubnet=127.0.0.1

cas.themeResolver.defaultThemeName=cas-theme-default

cas.viewResolver.basename=default_views

##

# Unique CAS node name

# host.name is used to generate unique Service Ticket IDs and SAMLArtifacts.  This is usually set to the specific

# hostname of the machine running the CAS node, but it could be any label so long as it is unique in the cluster.

host.name=cas01.example.org

##

# Database flavors for Hibernate

#

# One of these is needed if you are storing Services or Tickets in an RDBMS via JPA.

#

# database.hibernate.dialect=org.hibernate.dialect.OracleDialect

# database.hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect

# database.hibernate.dialect=org.hibernate.dialect.HSQLDialect

##

# CAS Logout Behavior

# WEB-INF/cas-servlet.xml

#

# Specify whether CAS should redirect to the specified service parameter on /logout requests

cas.logout.followServiceRedirects=true

##

# Single Sign-On Session Timeouts

# Defaults sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml

#

# Maximum session timeout - TGT will expire in maxTimeToLiveInSeconds regardless of usage

# tgt.maxTimeToLiveInSeconds=28800

#

# Idle session timeout -  TGT will expire sooner than maxTimeToLiveInSeconds if no further requests

# for STs occur within timeToKillInSeconds

# tgt.timeToKillInSeconds=7200

##

# Service Ticket Timeout

# Default sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml

#

# Service Ticket timeout - typically kept short as a control against replay attacks, default is 10s.  You'll want to

# increase this timeout if you are manually testing service ticket creation/validation via tamperdata or similar tools

# st.timeToKillInSeconds=10

##

# Single Logout Out Callbacks

# Default sourced from WEB-INF/spring-configuration/argumentExtractorsConfiguration.xml

#

# To turn off all back channel SLO requests set slo.disabled to true

# slo.callbacks.disabled=false

##

# Service Registry Periodic Reloading Scheduler

# Default sourced from WEB-INF/spring-configuration/applicationContext.xml

#

# Force a startup delay of 2 minutes.

# service.registry.quartz.reloader.startDelay=120000

#

# Reload services every 2 minutes

# service.registry.quartz.reloader.repeatInterval=120000

##

# Log4j

# Default sourced from WEB-INF/spring-configuration/log4jConfiguration.xml:

#

# It is often time helpful to externalize log4j.xml to a system path to preserve settings between upgrades.

# e.g. log4j.config.location=/etc/cas/log4j.xml

log4j.config.location=/etc/cas/log4j.xml

#

log4j refresh interval in millis

log4j.refresh.interval=60000

##

# Password Policy

#

# Warn all users of expiration date regardless of warningDays value.

password.policy.warnAll=false

# Threshold number of days to begin displaying password expiration warnings.

password.policy.warningDays=30

# URL to which the user will be redirected to change the passsword.

password.policy.url=https://password.example.edu/change