# # Licensed to Jasig under one or more contributor license # agreements. See the NOTICE file distributed with this work # for additional information regarding copyright ownership. # Jasig licenses this file to you under the Apache License, # Version 2.0 (the "License"); you may not use this file # except in compliance with the License. You may obtain a # copy of the License at the following location: # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # ## # Services Management Web UI Security server.name=http://localhost:8080 server.prefix=${server.name}/cas cas.securityContext.serviceProperties.service=${server.prefix}/services/j_acegi_cas_security_check # Names of roles allowed to access the CAS service manager cas.securityContext.serviceProperties.adminRoles=ROLE_ADMIN cas.securityContext.casProcessingFilterEntryPoint.loginUrl=${server.prefix}/login cas.securityContext.ticketValidator.casServerUrlPrefix=${server.prefix} # IP address or CIDR subnet allowed to access the /status URI of CAS that exposes health check information cas.securityContext.status.allowedSubnet=127.0.0.1 cas.themeResolver.defaultThemeName=cas-theme-default cas.viewResolver.basename=default_views ## # Unique CAS node name # host.name is used to generate unique Service Ticket IDs and SAMLArtifacts. This is usually set to the specific # hostname of the machine running the CAS node, but it could be any label so long as it is unique in the cluster. host.name=cas01.example.org ## # Database flavors for Hibernate # # One of these is needed if you are storing Services or Tickets in an RDBMS via JPA. # # database.hibernate.dialect=org.hibernate.dialect.OracleDialect # database.hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect # database.hibernate.dialect=org.hibernate.dialect.HSQLDialect ## # CAS Logout Behavior # WEB-INF/cas-servlet.xml # # Specify whether CAS should redirect to the specifyed service parameter on /logout requests # cas.logout.followServiceRedirects=false ## # Single Sign-On Session Timeouts # Defaults sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml # # Maximum session timeout - TGT will expire in maxTimeToLiveInSeconds regardless of usage # tgt.maxTimeToLiveInSeconds=28800 # # Idle session timeout - TGT will expire sooner than maxTimeToLiveInSeconds if no further requests # for STs occur within timeToKillInSeconds # tgt.timeToKillInSeconds=7200 ## # Service Ticket Timeout # Default sourced from WEB-INF/spring-configuration/ticketExpirationPolices.xml # # Service Ticket timeout - typically kept short as a control against replay attacks, default is 10s. You'll want to # increase this timeout if you are manually testing service ticket creation/validation via tamperdata or similar tools # st.timeToKillInSeconds=10 ## # Single Logout Out Callbacks # Default sourced from WEB-INF/spring-configuration/argumentExtractorsConfiguration.xml # # To turn off all back channel SLO requests set slo.disabled to true # slo.callbacks.disabled=false ## # Service Registry Periodic Reloading Scheduler # Default sourced from WEB-INF/spring-configuration/applicationContext.xml # # Force a startup delay of 2 minutes. # service.registry.quartz.reloader.startDelay=120000 # # Reload services every 2 minutes # service.registry.quartz.reloader.repeatInterval=120000 ## # Log4j # Default sourced from WEB-INF/spring-configuration/log4jConfiguration.xml: # # It is often time helpful to externalize log4j.xml to a system path to preserve settings between upgrades. # e.g. log4j.config.location=/etc/cas/log4j.xml # log4j.config.location=classpath:log4j.xml # # log4j refresh interval in millis # log4j.refresh.interval=60000