diff -r 000000000000 -r 1afc9d2ab94d authserver/casserver/simple-cas4-overlay-template/etc/cas.properties --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/authserver/casserver/simple-cas4-overlay-template/etc/cas.properties Wed Apr 01 15:31:12 2015 +0200 @@ -0,0 +1,108 @@ +# +# Licensed to Jasig under one or more contributor license +# agreements. See the NOTICE file distributed with this work +# for additional information regarding copyright ownership. +# Jasig licenses this file to you under the Apache License, +# Version 2.0 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a +# copy of the License at the following location: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# + +server.name=http://localhost:8080 +server.prefix=${server.name}/cas +# IP address or CIDR subnet allowed to access the /status URI of CAS that exposes health check information +cas.securityContext.status.allowedSubnet=127.0.0.1 + + +cas.themeResolver.defaultThemeName=cas-theme-default +cas.viewResolver.basename=default_views + +## +# Unique CAS node name +# host.name is used to generate unique Service Ticket IDs and SAMLArtifacts. This is usually set to the specific +# hostname of the machine running the CAS node, but it could be any label so long as it is unique in the cluster. +host.name=cas01.example.org + +## +# Database flavors for Hibernate +# +# One of these is needed if you are storing Services or Tickets in an RDBMS via JPA. +# +# database.hibernate.dialect=org.hibernate.dialect.OracleDialect +# database.hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect +# database.hibernate.dialect=org.hibernate.dialect.HSQLDialect + +## +# CAS Logout Behavior +# WEB-INF/cas-servlet.xml +# +# Specify whether CAS should redirect to the specified service parameter on /logout requests +cas.logout.followServiceRedirects=true + +## +# Single Sign-On Session Timeouts +# Defaults sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml +# +# Maximum session timeout - TGT will expire in maxTimeToLiveInSeconds regardless of usage +# tgt.maxTimeToLiveInSeconds=28800 +# +# Idle session timeout - TGT will expire sooner than maxTimeToLiveInSeconds if no further requests +# for STs occur within timeToKillInSeconds +# tgt.timeToKillInSeconds=7200 + +## +# Service Ticket Timeout +# Default sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml +# +# Service Ticket timeout - typically kept short as a control against replay attacks, default is 10s. You'll want to +# increase this timeout if you are manually testing service ticket creation/validation via tamperdata or similar tools +# st.timeToKillInSeconds=10 + +## +# Single Logout Out Callbacks +# Default sourced from WEB-INF/spring-configuration/argumentExtractorsConfiguration.xml +# +# To turn off all back channel SLO requests set slo.disabled to true +# slo.callbacks.disabled=false + +## +# Service Registry Periodic Reloading Scheduler +# Default sourced from WEB-INF/spring-configuration/applicationContext.xml +# +# Force a startup delay of 2 minutes. +# service.registry.quartz.reloader.startDelay=120000 +# +# Reload services every 2 minutes +# service.registry.quartz.reloader.repeatInterval=120000 + +## +# Log4j +# Default sourced from WEB-INF/spring-configuration/log4jConfiguration.xml: +# +# It is often time helpful to externalize log4j.xml to a system path to preserve settings between upgrades. +# e.g. log4j.config.location=/etc/cas/log4j.xml +log4j.config.location=/etc/cas/log4j.xml +# +log4j refresh interval in millis +log4j.refresh.interval=60000 + +## +# Password Policy +# +# Warn all users of expiration date regardless of warningDays value. +password.policy.warnAll=false + +# Threshold number of days to begin displaying password expiration warnings. +password.policy.warningDays=30 + +# URL to which the user will be redirected to change the passsword. +password.policy.url=https://password.example.edu/change