From 2d9df5b0b39c7789634eceb1f3887f233f7810af Mon Sep 17 00:00:00 2001 From: MaxKey Date: Fri, 26 Mar 2021 11:35:36 +0800 Subject: [PATCH] spring.profiles.active --- .../AuthenticationAutoConfiguration.java | 7 +- .../JwtAuthnAutoConfiguration.java | 9 +- .../password/onetimepwd/impl/SmsOtpAuthn.java | 2 +- .../SocialSignOnAutoConfiguration.java | 26 +- .../ApplicationAutoConfiguration.java | 26 +- .../autoconfigure/MvcAutoConfiguration.java | 3 +- .../configuration/ApplicationConfig.java | 17 +- .../org/maxkey/configuration/LoginConfig.java | 18 +- .../maxkey/constants/ConstantsProperties.java | 13 +- .../autoconfigure/CasAutoConfiguration.java | 14 +- .../Oauth20AutoConfiguration.java | 13 +- .../Saml20AutoConfiguration.java | 41 ++- .../main/java/org/maxkey/MaxKeyMgtConfig.java | 4 +- .../src/main/resources/application.properties | 70 ++++++ .../src/main/resources/maxkey.properties | 69 ----- .../main/java/org/maxkey/MaxKeyConfig.java | 27 +- .../main/java/org/maxkey/MaxKeyMvcConfig.java | 8 +- .../resources/application-http.properties | 237 +++++++++++++++++ .../resources/application-https.properties | 237 +++++++++++++++++ .../src/main/resources/maxkey.properties | 238 ------------------ shellscript/start_maxkey.bat | 2 - shellscript/start_maxkey.sh | 1 - shellscript/start_maxkey_mgt.bat | 2 - shellscript/start_maxkey_mgt.sh | 1 - 24 files changed, 660 insertions(+), 425 deletions(-) delete mode 100644 maxkey-web-maxkey/src/main/resources/maxkey.properties diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java index 03c2ce23..0c203b74 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java 
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java @@ -61,7 +61,6 @@ import org.maxkey.persistence.db.LoginHistoryService; @Configuration @PropertySource(ConstantsProperties.applicationPropertySource) -@PropertySource(ConstantsProperties.maxKeyPropertySource) public class AuthenticationAutoConfiguration implements InitializingBean { private static final Logger _logger = LoggerFactory.getLogger(AuthenticationAutoConfiguration.class); @@ -151,8 +150,8 @@ public class AuthenticationAutoConfiguration implements InitializingBean { */ @Bean(name = "remeberMeService") public AbstractRemeberMeService remeberMeService( - @Value("${config.server.persistence}") int persistence, - @Value("${config.login.remeberme.validity}") int validity, + @Value("${maxkey.server.persistence}") int persistence, + @Value("${maxkey.login.remeberme.validity}") int validity, JdbcTemplate jdbcTemplate, RedisConnectionFactory redisConnFactory) { return new RemeberMeServiceFactory().getService(persistence, jdbcTemplate, redisConnFactory); @@ -160,7 +159,7 @@ public class AuthenticationAutoConfiguration implements InitializingBean { @Bean(name = "onlineTicketServices") public OnlineTicketServices onlineTicketServices( - @Value("${config.server.persistence}") int persistence, + @Value("${maxkey.server.persistence}") int persistence, JdbcTemplate jdbcTemplate, RedisConnectionFactory redisConnFactory) { return new OnlineTicketServicesFactory().getService(persistence, jdbcTemplate, redisConnFactory); diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java index 7eeced17..c14f402b 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java 
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java @@ -41,7 +41,6 @@ import org.springframework.core.io.ClassPathResource; @Configuration @PropertySource(ConstantsProperties.applicationPropertySource) -@PropertySource(ConstantsProperties.maxKeyPropertySource) public class JwtAuthnAutoConfiguration implements InitializingBean { private static final Logger _logger = LoggerFactory.getLogger(JwtAuthnAutoConfiguration.class); @@ -52,13 +51,13 @@ public class JwtAuthnAutoConfiguration implements InitializingBean { */ @Bean(name = "oidcProviderMetadata") public OIDCProviderMetadataDetails OIDCProviderMetadataDetails( - @Value("${config.oidc.metadata.issuer}") + @Value("${maxkey.oidc.metadata.issuer}") String issuer, - @Value("${config.oidc.metadata.authorizationEndpoint}") + @Value("${maxkey.oidc.metadata.authorizationEndpoint}") URI authorizationEndpoint, - @Value("${config.oidc.metadata.tokenEndpoint}") + @Value("${maxkey.oidc.metadata.tokenEndpoint}") URI tokenEndpoint, - @Value("${config.oidc.metadata.userinfoEndpoint}") + @Value("${maxkey.oidc.metadata.userinfoEndpoint}") URI userinfoEndpoint) { _logger.debug("RedisConnectionFactory init ."); OIDCProviderMetadataDetails oidcProviderMetadata = new OIDCProviderMetadataDetails(); diff --git a/maxkey-authentications/maxkey-authentication-otp/src/main/java/org/maxkey/password/onetimepwd/impl/SmsOtpAuthn.java b/maxkey-authentications/maxkey-authentication-otp/src/main/java/org/maxkey/password/onetimepwd/impl/SmsOtpAuthn.java index efa4db45..890036b8 100644 --- a/maxkey-authentications/maxkey-authentication-otp/src/main/java/org/maxkey/password/onetimepwd/impl/SmsOtpAuthn.java +++ b/maxkey-authentications/maxkey-authentication-otp/src/main/java/org/maxkey/password/onetimepwd/impl/SmsOtpAuthn.java 
@@ -51,7 +51,7 @@ public class SmsOtpAuthn extends AbstractOtpAuthn { Resource resource = new ClassPathResource( ConstantsProperties.classPathResource( ConstantsProperties.classPathResource( - ConstantsProperties.maxKeyPropertySource))); + ConstantsProperties.applicationPropertySource))); properties = new Properties(); properties.load(resource.getInputStream()); } diff --git a/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/autoconfigure/SocialSignOnAutoConfiguration.java b/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/autoconfigure/SocialSignOnAutoConfiguration.java index 79326c77..4bbd40b3 100644 --- a/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/autoconfigure/SocialSignOnAutoConfiguration.java +++ b/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/autoconfigure/SocialSignOnAutoConfiguration.java @@ -29,6 +29,7 @@ import org.maxkey.constants.ConstantsProperties; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.InitializingBean; +import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; 
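Review bot: The properties lookup in the SmsOtpAuthn hunk now reads the base `application.properties` through the single-argument `classPathResource`, while `SocialSignOnAutoConfiguration` in the same commit moves to the profile-aware two-argument form. The diffstat shows the web module's `maxkey.properties` being replaced by `application-http.properties` and `application-https.properties`, so if the SMS settings moved there this loader will presumably no longer find them; confirm which file carries those keys. The stream from `resource.getInputStream()` is also never closed, which `try (InputStream in = resource.getInputStream()) { properties.load(in); }` would fix. The enclosing method starts and ends outside the hunk.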
@@ -42,27 +43,34 @@ import org.springframework.jdbc.core.JdbcTemplate; @ComponentScan(basePackages = { "org.maxkey.authn.support.socialsignon" }) -@PropertySource(ConstantsProperties.maxKeyPropertySource) +@PropertySource(ConstantsProperties.applicationPropertySource) public class SocialSignOnAutoConfiguration implements InitializingBean { private static final Logger _logger = LoggerFactory.getLogger(SocialSignOnAutoConfiguration.class); @Bean(name = "socialSignOnProviderService") @ConditionalOnClass(SocialSignOnProvider.class) - public SocialSignOnProviderService socialSignOnProviderService() throws IOException { + public SocialSignOnProviderService socialSignOnProviderService( + @Value("${spring.profiles.active}")String profilesActive) throws IOException { SocialSignOnProviderService socialSignOnProviderService = new SocialSignOnProviderService(); + _logger.trace("spring.profiles.active " + profilesActive); + Resource resource = new ClassPathResource( - ConstantsProperties.classPathResource(ConstantsProperties.classPathResource(ConstantsProperties.maxKeyPropertySource))); + ConstantsProperties.classPathResource( + ConstantsProperties.classPathResource( + ConstantsProperties.applicationPropertySource, + profilesActive))); + Properties properties = new Properties(); properties.load(resource.getInputStream()); - String [] providerList =properties.get("config.login.socialsignon.providers").toString().split(","); + String [] providerList =properties.get("maxkey.login.socialsignon.providers").toString().split(","); List socialSignOnProviderList = new ArrayList(); for(String provider : providerList) { - String providerName = properties.getProperty("config.socialsignon."+provider+".provider.name"); - String icon=properties.getProperty("config.socialsignon."+provider+".icon"); - String clientId=properties.getProperty("config.socialsignon."+provider+".client.id"); - String clientSecret=properties.getProperty("config.socialsignon."+provider+".client.secret"); - String 
sortOrder = properties.getProperty("config.socialsignon."+provider+".sortorder"); + String providerName = properties.getProperty("maxkey.socialsignon."+provider+".provider.name"); + String icon=properties.getProperty("maxkey.socialsignon."+provider+".icon"); + String clientId=properties.getProperty("maxkey.socialsignon."+provider+".client.id"); + String clientSecret=properties.getProperty("maxkey.socialsignon."+provider+".client.secret"); + String sortOrder = properties.getProperty("maxkey.socialsignon."+provider+".sortorder"); SocialSignOnProvider socialSignOnProvider = new SocialSignOnProvider(); socialSignOnProvider.setProvider(provider); socialSignOnProvider.setProviderName(providerName); diff --git a/maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java b/maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java index 145a98a4..712b3e76 100644 --- a/maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java +++ b/maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java @@ -56,7 +56,6 @@ import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder; @Configuration @PropertySource(ConstantsProperties.applicationPropertySource) -@PropertySource(ConstantsProperties.maxKeyPropertySource) public class ApplicationAutoConfiguration implements InitializingBean { private static final Logger _logger = LoggerFactory.getLogger(ApplicationAutoConfiguration.class); 
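Review bot: `@Value("${spring.profiles.active}")` on `socialSignOnProviderService` has no default, so a start without an active profile either fails bean creation or, where unresolvable placeholders are ignored, passes the literal placeholder text into the resource path. `@Value("${spring.profiles.active:}")` would let the empty-string branch of `classPathResource(String, String)` fall back to `application.properties`; a comma-separated profile list would still produce a file name that does not exist. Further down, `properties.get("maxkey.login.socialsignon.providers").toString()` throws a NullPointerException when the key is absent. The `clientSecret` values are read from a file packaged on the classpath, so a comment such as `// client secrets should be overridden outside the packaged properties file` would help operators. The method body continues outside the hunk.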
@@ -76,19 +75,18 @@ public class ApplicationAutoConfiguration implements InitializingBean { @Bean (name = "propertySourcesPlaceholderConfigurer") public PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer() throws IOException { - ClassPathResource classPathResource1 = + ClassPathResource classPathApplicationPropertySource = new ClassPathResource(ConstantsProperties.classPathResource( ConstantsProperties.applicationPropertySource)); - ClassPathResource classPathResource2 = - new ClassPathResource(ConstantsProperties.classPathResource( - ConstantsProperties.maxKeyPropertySource)); + PropertySourcesPlaceholderConfigurer configurer = new PropertySourcesPlaceholderConfigurer(); - configurer.setLocations( + configurer.setLocations(classPathApplicationPropertySource); + /*configurer.setLocations( classPathResource1, classPathResource2 - ); + );*/ configurer.setIgnoreUnresolvablePlaceholders(true); _logger.debug("PropertySourcesPlaceholderConfigurer init"); return configurer; @@ -150,9 +148,9 @@ public class ApplicationAutoConfiguration implements InitializingBean { */ @Bean(name = "keyStoreLoader") public KeyStoreLoader keyStoreLoader( - @Value("${config.saml.v20.idp.issuing.entity.id}") String entityName, - @Value("${config.saml.v20.idp.keystore.password}") String keystorePassword, - @Value("${config.saml.v20.idp.keystore}") Resource keystoreFile) { + @Value("${maxkey.saml.v20.idp.issuing.entity.id}") String entityName, + @Value("${maxkey.saml.v20.idp.keystore.password}") String keystorePassword, + @Value("${maxkey.saml.v20.idp.keystore}") Resource keystoreFile) { KeyStoreLoader keyStoreLoader = new KeyStoreLoader(); keyStoreLoader.setEntityName(entityName); keyStoreLoader.setKeystorePassword(keystorePassword); 
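Review bot: `propertySourcesPlaceholderConfigurer` keeps `setIgnoreUnresolvablePlaceholders(true)` while the commit renames every `config.*` key to `maxkey.*`, so a deployment that still supplies the old key names would presumably not get a startup error. Instead the raw `${maxkey.saml.v20.idp.keystore.password}` text would be injected into String parameters such as `keystorePassword` in `keyStoreLoader`. Consider failing fast for the keystore and issuer values, or at least documenting the rename for operators. The commented-out `/*configurer.setLocations(...)*/` block refers to variables that no longer exist and should be deleted rather than kept.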
@@ -166,9 +164,9 @@ public class ApplicationAutoConfiguration implements InitializingBean { */ @Bean(name = "spKeyStoreLoader") public KeyStoreLoader spKeyStoreLoader( - @Value("${config.saml.v20.sp.issuing.entity.id}") String entityName, - @Value("${config.saml.v20.sp.keystore.password}") String keystorePassword, - @Value("${config.saml.v20.sp.keystore}") Resource keystoreFile) { + @Value("${maxkey.saml.v20.sp.issuing.entity.id}") String entityName, + @Value("${maxkey.saml.v20.sp.keystore.password}") String keystorePassword, + @Value("${maxkey.saml.v20.sp.keystore}") Resource keystoreFile) { KeyStoreLoader keyStoreLoader = new KeyStoreLoader(); keyStoreLoader.setEntityName(entityName); keyStoreLoader.setKeystorePassword(keystorePassword); @@ -182,7 +180,7 @@ public class ApplicationAutoConfiguration implements InitializingBean { */ @Bean(name = "spIssuingEntityName") public String spIssuingEntityName( - @Value("${config.saml.v20.sp.issuing.entity.id}") String spIssuingEntityName) { + @Value("${maxkey.saml.v20.sp.issuing.entity.id}") String spIssuingEntityName) { return spIssuingEntityName; } diff --git a/maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java b/maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java index 5345e0d6..f6f36f8c 100644 --- a/maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java +++ b/maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java @@ -58,7 +58,6 @@ import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandl @Configuration @PropertySource(ConstantsProperties.applicationPropertySource) -@PropertySource(ConstantsProperties.maxKeyPropertySource) public class MvcAutoConfiguration implements InitializingBean { private static final Logger _logger = LoggerFactory.getLogger(MvcAutoConfiguration.class); 
@@ -68,7 +67,7 @@ public class MvcAutoConfiguration implements InitializingBean { */ @Bean (name = "localeResolver") public CookieLocaleResolver cookieLocaleResolver( - @Value("${config.server.domain:maxkey.top}")String domainName) { + @Value("${maxkey.server.domain:maxkey.top}")String domainName) { _logger.debug("DomainName " + domainName); CookieLocaleResolver cookieLocaleResolver = new CookieLocaleResolver(); cookieLocaleResolver.setCookieName("maxkey_lang"); diff --git a/maxkey-core/src/main/java/org/maxkey/configuration/ApplicationConfig.java b/maxkey-core/src/main/java/org/maxkey/configuration/ApplicationConfig.java index 6b045ddd..55071a81 100644 --- a/maxkey-core/src/main/java/org/maxkey/configuration/ApplicationConfig.java +++ b/maxkey-core/src/main/java/org/maxkey/configuration/ApplicationConfig.java @@ -36,7 +36,6 @@ import org.springframework.stereotype.Component; * */ @Component -@PropertySource(ConstantsProperties.maxKeyPropertySource) @PropertySource(ConstantsProperties.applicationPropertySource) public class ApplicationConfig { private static final Logger _logger = LoggerFactory.getLogger(ApplicationConfig.class); @@ -50,22 +49,22 @@ public class ApplicationConfig { @Autowired LoginConfig loginConfig; - @Value("${config.server.basedomain}") + @Value("${maxkey.server.basedomain}") String baseDomainName; - @Value("${config.server.domain}") + @Value("${maxkey.server.domain}") String domainName; - @Value("${config.server.name}") + @Value("${maxkey.server.name}") String serverName; - @Value("${config.server.uri}") + @Value("${maxkey.server.uri}") String serverPrefix; - @Value("${config.server.default.uri}") + @Value("${maxkey.server.default.uri}") String defaultUri; - @Value("${config.server.management.uri}") + @Value("${maxkey.server.management.uri}") String managementUri; @Value("${server.port:8080}") 
@@ -74,10 +73,10 @@ public class ApplicationConfig { @Value("${server.servlet.session.timeout:1800}") private int sessionTimeout; - @Value("${config.identity.kafkasupport:false}") + @Value("${maxkey.identity.kafkasupport:false}") private boolean kafkaSupport; - @Value("${config.maxkey.uri}") + @Value("${maxkey.maxkey.uri}") private String maxKeyUri; public int getPort() { diff --git a/maxkey-core/src/main/java/org/maxkey/configuration/LoginConfig.java b/maxkey-core/src/main/java/org/maxkey/configuration/LoginConfig.java index c1b10f60..a17c72cc 100644 --- a/maxkey-core/src/main/java/org/maxkey/configuration/LoginConfig.java +++ b/maxkey-core/src/main/java/org/maxkey/configuration/LoginConfig.java @@ -23,31 +23,31 @@ import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.PropertySource; @Configuration -@PropertySource(ConstantsProperties.maxKeyPropertySource) +@PropertySource(ConstantsProperties.applicationPropertySource) public class LoginConfig { - @Value("${config.login.captcha}") + @Value("${maxkey.login.captcha}") boolean captcha; //验证码类型 text 文本 , arithmetic算术验证码 - @Value("${config.login.captcha.type:text}") + @Value("${maxkey.login.captcha.type:text}") String captchaType; - @Value("${config.login.mfa}") + @Value("${maxkey.login.mfa}") boolean mfa; - @Value("${config.login.socialsignon}") + @Value("${maxkey.login.socialsignon}") boolean socialSignOn; - @Value("${config.login.kerberos}") + @Value("${maxkey.login.kerberos}") boolean kerberos; - @Value("${config.login.remeberme}") + @Value("${maxkey.login.remeberme}") boolean remeberMe; - @Value("${config.login.wsfederation}") + @Value("${maxkey.login.wsfederation}") boolean wsFederation; - @Value("${config.login.default.uri}") + @Value("${maxkey.login.default.uri}") String defaultUri; /** 
diff --git a/maxkey-core/src/main/java/org/maxkey/constants/ConstantsProperties.java b/maxkey-core/src/main/java/org/maxkey/constants/ConstantsProperties.java index d38ba8f0..a7e5d232 100644 --- a/maxkey-core/src/main/java/org/maxkey/constants/ConstantsProperties.java +++ b/maxkey-core/src/main/java/org/maxkey/constants/ConstantsProperties.java @@ -24,9 +24,6 @@ public class ConstantsProperties { public static final String applicationPropertySource = "classpath:/application.properties"; - public static final String maxKeyPropertySource = - "classpath:/maxkey.properties"; - public static final String kaptchaPropertySource = "classpath:/kaptcha.properties"; @@ -34,8 +31,16 @@ public class ConstantsProperties { return propertySource.replaceAll("classpath:",""); } + public static String classPathResource(String propertySource,String active) { + if(active == null || active.equals("")) { + return propertySource.replaceAll("classpath:",""); + } + return propertySource.replace(".", "-"+active+".").replaceAll("classpath:",""); + } + @Test public void classPathResourceTest() { - System.out.println(classPathResource(maxKeyPropertySource)); + System.out.println(classPathResource(applicationPropertySource)); + System.out.println(classPathResource(applicationPropertySource,"active")); } } diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/autoconfigure/CasAutoConfiguration.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/autoconfigure/CasAutoConfiguration.java index b797ca35..78d1acd5 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/autoconfigure/CasAutoConfiguration.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/autoconfigure/CasAutoConfiguration.java 
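Review bot: The new `classPathResource(String propertySource, String active)` overload builds the file name with `propertySource.replace(".", "-"+active+".")`, which rewrites every dot in the path and copies `active` into a resource path unchecked. A profile list such as `http,dev`, or a value containing a path separator, yields a name the author did not intend; the suffix should go before the last dot only and the profile should be restricted to a plain name. `replaceAll("classpath:", "")` also treats its argument as a regex where `replace` would do. The `@Test` method only prints to stdout and asserts nothing; the class body continues outside the hunk.

```java
public static String classPathResource(String propertySource, String active) {
    String path = propertySource.replace("classpath:", "");
    if (active == null || active.isEmpty()) {
        return path;
    }
    // Only a single plain profile name may become part of the file name.
    if (!active.matches("[A-Za-z0-9_-]+")) {
        throw new IllegalArgumentException("unsupported profile name: " + active);
    }
    int dot = path.lastIndexOf('.');
    if (dot < 0) {
        return path + "-" + active;
    }
    return path.substring(0, dot) + "-" + active + path.substring(dot);
}
```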
@@ -37,7 +37,7 @@ import org.springframework.jdbc.core.JdbcTemplate; @ComponentScan(basePackages = { "org.maxkey.authz.cas.endpoint" }) -@PropertySource(ConstantsProperties.maxKeyPropertySource) +@PropertySource(ConstantsProperties.applicationPropertySource) public class CasAutoConfiguration implements InitializingBean { private static final Logger _logger = LoggerFactory.getLogger(CasAutoConfiguration.class); @@ -49,8 +49,8 @@ public class CasAutoConfiguration implements InitializingBean { */ @Bean(name = "casTicketServices") public TicketServices casTicketServices( - @Value("${config.server.persistence}") int persistence, - @Value("${config.login.remeberme.validity}") int validity, + @Value("${maxkey.server.persistence}") int persistence, + @Value("${maxkey.login.remeberme.validity}") int validity, JdbcTemplate jdbcTemplate, RedisConnectionFactory redisConnFactory) { _logger.debug("init casTicketServices."); @@ -65,8 +65,8 @@ public class CasAutoConfiguration implements InitializingBean { */ @Bean(name = "casTicketGrantingTicketServices") public TicketServices casTicketGrantingTicketServices( - @Value("${config.server.persistence}") int persistence, - @Value("${config.login.remeberme.validity}") int validity, + @Value("${maxkey.server.persistence}") int persistence, + @Value("${maxkey.login.remeberme.validity}") int validity, JdbcTemplate jdbcTemplate, RedisConnectionFactory redisConnFactory) { _logger.debug("init casTicketGrantingTicketServices."); 
@@ -75,8 +75,8 @@ public class CasAutoConfiguration implements InitializingBean { @Bean(name = "casProxyGrantingTicketServices") public TicketServices casProxyGrantingTicketServices( - @Value("${config.server.persistence}") int persistence, - @Value("${config.login.remeberme.validity}") int validity, + @Value("${maxkey.server.persistence}") int persistence, + @Value("${maxkey.login.remeberme.validity}") int validity, JdbcTemplate jdbcTemplate, RedisConnectionFactory redisConnFactory) { _logger.debug("init casTicketGrantingTicketServices."); diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/autoconfigure/Oauth20AutoConfiguration.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/autoconfigure/Oauth20AutoConfiguration.java index e254a674..53fde7b5 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/autoconfigure/Oauth20AutoConfiguration.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/autoconfigure/Oauth20AutoConfiguration.java @@ -71,7 +71,6 @@ import com.nimbusds.jose.JWEAlgorithm; "org.maxkey.authz.oauth2.provider.approval.controller" }) @PropertySource(ConstantsProperties.applicationPropertySource) -@PropertySource(ConstantsProperties.maxKeyPropertySource) public class Oauth20AutoConfiguration implements InitializingBean { private static final Logger _logger = LoggerFactory.getLogger(Oauth20AutoConfiguration.class); 
@@ -93,13 +92,13 @@ public class Oauth20AutoConfiguration implements InitializingBean { */ @Bean(name = "oidcProviderMetadata") public OIDCProviderMetadataDetails OIDCProviderMetadataDetails( - @Value("${config.oidc.metadata.issuer}") + @Value("${maxkey.oidc.metadata.issuer}") String issuer, - @Value("${config.oidc.metadata.authorizationEndpoint}") + @Value("${maxkey.oidc.metadata.authorizationEndpoint}") URI authorizationEndpoint, - @Value("${config.oidc.metadata.tokenEndpoint}") + @Value("${maxkey.oidc.metadata.tokenEndpoint}") URI tokenEndpoint, - @Value("${config.oidc.metadata.userinfoEndpoint}") + @Value("${maxkey.oidc.metadata.userinfoEndpoint}") URI userinfoEndpoint) { _logger.debug("OIDCProviderMetadataDetails init ."); OIDCProviderMetadataDetails oidcProviderMetadata = new OIDCProviderMetadataDetails(); @@ -203,7 +202,7 @@ public class Oauth20AutoConfiguration implements InitializingBean { */ @Bean(name = "oauth20AuthorizationCodeServices") public AuthorizationCodeServices oauth20AuthorizationCodeServices( - @Value("${config.server.persistence}") int persistence, + @Value("${maxkey.server.persistence}") int persistence, JdbcTemplate jdbcTemplate, RedisConnectionFactory redisConnFactory) { return new AuthorizationCodeServicesFactory().getService(persistence, jdbcTemplate, redisConnFactory); @@ -216,7 +215,7 @@ public class Oauth20AutoConfiguration implements InitializingBean { */ @Bean(name = "oauth20TokenStore") public TokenStore oauth20TokenStore( - @Value("${config.server.persistence}") int persistence, + @Value("${maxkey.server.persistence}") int persistence, JdbcTemplate jdbcTemplate, RedisConnectionFactory redisConnFactory) { diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/autoconfigure/Saml20AutoConfiguration.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/autoconfigure/Saml20AutoConfiguration.java index fb6511f0..24325066 100644 
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/autoconfigure/Saml20AutoConfiguration.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/autoconfigure/Saml20AutoConfiguration.java @@ -59,7 +59,6 @@ import org.springframework.ui.velocity.VelocityEngineFactoryBean; "org.maxkey.authz.saml20.metadata.endpoint", }) @PropertySource(ConstantsProperties.applicationPropertySource) -@PropertySource(ConstantsProperties.maxKeyPropertySource) public class Saml20AutoConfiguration implements InitializingBean { private static final Logger _logger = LoggerFactory.getLogger(Saml20AutoConfiguration.class); @@ -110,7 +109,7 @@ public class Saml20AutoConfiguration implements InitializingBean { */ @Bean(name = "authnResponseGenerator") public AuthnResponseGenerator authnResponseGenerator(TimeService timeService,IDService idService, - @Value("${config.saml.v20.idp.issuer}") String issuerEntityName) { + @Value("${maxkey.saml.v20.idp.issuer}") String issuerEntityName) { AuthnResponseGenerator generator = new AuthnResponseGenerator(issuerEntityName,timeService,idService); return generator; } @@ -121,7 +120,7 @@ public class Saml20AutoConfiguration implements InitializingBean { */ @Bean(name = "issuerEntityName") public String issuerEntityName( - @Value("${config.saml.v20.idp.issuer}") String issuerEntityName) { + @Value("${maxkey.saml.v20.idp.issuer}") String issuerEntityName) { return issuerEntityName; } 
@@ -131,15 +130,15 @@ public class Saml20AutoConfiguration implements InitializingBean { */ @Bean(name = "saml20Metadata") public Saml20Metadata saml20Metadata( - @Value("${config.saml.v20.metadata.orgName}") String orgName, - @Value("${config.saml.v20.metadata.orgDisplayName}") String orgDisplayName, - @Value("${config.saml.v20.metadata.orgURL}") String orgURL, - @Value("${config.saml.v20.metadata.company}") String company, - @Value("${config.saml.v20.metadata.contactType}") String contactType, - @Value("${config.saml.v20.metadata.givenName}") String givenName, - @Value("${config.saml.v20.metadata.surName}") String surName, - @Value("${config.saml.v20.metadata.emailAddress}") String emailAddress, - @Value("${config.saml.v20.metadata.telephoneNumber}") String telephoneNumber) { + @Value("${maxkey.saml.v20.metadata.orgName}") String orgName, + @Value("${maxkey.saml.v20.metadata.orgDisplayName}") String orgDisplayName, + @Value("${maxkey.saml.v20.metadata.orgURL}") String orgURL, + @Value("${maxkey.saml.v20.metadata.company}") String company, + @Value("${maxkey.saml.v20.metadata.contactType}") String contactType, + @Value("${maxkey.saml.v20.metadata.givenName}") String givenName, + @Value("${maxkey.saml.v20.metadata.surName}") String surName, + @Value("${maxkey.saml.v20.metadata.emailAddress}") String emailAddress, + @Value("${maxkey.saml.v20.metadata.telephoneNumber}") String telephoneNumber) { Saml20Metadata metadata = new Saml20Metadata(); metadata.setOrgName(orgName); metadata.setOrgDisplayName(orgDisplayName); @@ -197,7 +196,7 @@ public class Saml20AutoConfiguration implements InitializingBean { */ @Bean(name = "replayCache") public ReplayCache replayCache(MapBasedStorageService mapBasedStorageService, - @Value("${config.saml.v20.replay.cache.life.in.millis}") long duration) { + @Value("${maxkey.saml.v20.replay.cache.life.in.millis}") long duration) { ReplayCache replayCache = new ReplayCache(mapBasedStorageService,duration); return replayCache; } 
@@ -218,7 +217,7 @@ public class Saml20AutoConfiguration implements InitializingBean { */ @Bean(name = "samlParserPool") public BasicParserPool samlParserPool( - @Value("${config.saml.v20.max.parser.pool.size}") int maxPoolSize) { + @Value("${maxkey.saml.v20.max.parser.pool.size}") int maxPoolSize) { BasicParserPool samlParserPool = new BasicParserPool(); samlParserPool.setMaxPoolSize(maxPoolSize); return samlParserPool; @@ -230,8 +229,8 @@ public class Saml20AutoConfiguration implements InitializingBean { */ @Bean(name = "issueInstantRule") public IssueInstantRule issueInstantRule( - @Value("${config.saml.v20.issue.instant.check.clock.skew.in.seconds}") int newClockSkew, - @Value("${config.saml.v20.issue.instant.check.validity.time.in.seconds}") int newExpires) { + @Value("${maxkey.saml.v20.issue.instant.check.clock.skew.in.seconds}") int newClockSkew, + @Value("${maxkey.saml.v20.issue.instant.check.validity.time.in.seconds}") int newExpires) { IssueInstantRule decoder = new IssueInstantRule(newClockSkew,newExpires); decoder.setRequiredRule(true); return decoder; @@ -243,7 +242,7 @@ public class Saml20AutoConfiguration implements InitializingBean { */ @Bean(name = "openHTTPPostSimpleSignDecoder") public OpenHTTPPostSimpleSignDecoder openHTTPPostSimpleSignDecoder(BasicParserPool samlParserPool, - @Value("${config.saml.v20.idp.receiver.endpoint}") String receiverEndpoint) { + @Value("${maxkey.saml.v20.idp.receiver.endpoint}") String receiverEndpoint) { OpenHTTPPostSimpleSignDecoder decoder = new OpenHTTPPostSimpleSignDecoder(samlParserPool); decoder.setReceiverEndpoint(receiverEndpoint); return decoder; 
@@ -255,7 +254,7 @@ public class Saml20AutoConfiguration implements InitializingBean { */ @Bean(name = "openHTTPPostDecoder") public OpenHTTPPostDecoder openHTTPPostDecoder(BasicParserPool samlParserPool, - @Value("${config.saml.v20.idp.receiver.endpoint}") String receiverEndpoint) { + @Value("${maxkey.saml.v20.idp.receiver.endpoint}") String receiverEndpoint) { OpenHTTPPostDecoder decoder = new OpenHTTPPostDecoder(samlParserPool); decoder.setReceiverEndpoint(receiverEndpoint); return decoder; @@ -267,7 +266,7 @@ public class Saml20AutoConfiguration implements InitializingBean { */ @Bean(name = "openHTTPRedirectDecoder") public OpenHTTPRedirectDecoder openHTTPRedirectDecoder(BasicParserPool samlParserPool, - @Value("${config.saml.v20.idp.receiver.endpoint}") String receiverEndpoint) { + @Value("${maxkey.saml.v20.idp.receiver.endpoint}") String receiverEndpoint) { OpenHTTPRedirectDecoder decoder = new OpenHTTPRedirectDecoder(samlParserPool); decoder.setReceiverEndpoint(receiverEndpoint); return decoder; @@ -308,7 +307,7 @@ public class Saml20AutoConfiguration implements InitializingBean { */ @Bean(name = "postSimpleSignBindingAdapter") public PostSimpleSignBindingAdapter postSimpleSignBindingAdapter(VelocityEngine velocityEngine, - @Value("${config.saml.v20.idp.issuer}") String issuerEntityName) { + @Value("${maxkey.saml.v20.idp.issuer}") String issuerEntityName) { PostSimpleSignBindingAdapter adapter = new PostSimpleSignBindingAdapter(); adapter.setVelocityEngine(velocityEngine); adapter.setIssuerEntityName(issuerEntityName); 
@@ -321,7 +320,7 @@ public class Saml20AutoConfiguration implements InitializingBean { */ @Bean(name = "postBindingAdapter") public PostBindingAdapter postBindingAdapter(VelocityEngine velocityEngine, - @Value("${config.saml.v20.idp.issuer}") String issuerEntityName) { + @Value("${maxkey.saml.v20.idp.issuer}") String issuerEntityName) { PostBindingAdapter adapter = new PostBindingAdapter(); adapter.setVelocityEngine(velocityEngine); adapter.setIssuerEntityName(issuerEntityName); diff --git a/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java b/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java index 6f302c47..70006f91 100644 --- a/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java +++ b/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java @@ -77,7 +77,7 @@ public class MaxKeyMgtConfig implements InitializingBean { */ @Bean(name = "oauth20TokenStore") public TokenStore oauth20TokenStore( - @Value("${config.server.persistence}") int persistence, + @Value("${maxkey.server.persistence}") int persistence, JdbcTemplate jdbcTemplate, RedisConnectionFactory jedisConnectionFactory) { TokenStore tokenStore = null; @@ -149,7 +149,7 @@ public class MaxKeyMgtConfig implements InitializingBean { public Scheduler schedulerJobs( SchedulerFactoryBean schedulerFactoryBean, GroupsService groupsService, - @Value("${config.job.cron.dynamicgroups}") String cronScheduleDynamicGroups + @Value("${maxkey.job.cron.dynamicgroups}") String cronScheduleDynamicGroups ) throws SchedulerException { Scheduler scheduler = schedulerFactoryBean.getScheduler(); diff --git a/maxkey-web-manage/src/main/resources/application.properties b/maxkey-web-manage/src/main/resources/application.properties index 1cd9df9b..1c3d5a87 100644 --- a/maxkey-web-manage/src/main/resources/application.properties +++ b/maxkey-web-manage/src/main/resources/application.properties 
@@ -101,3 +101,73 @@ management.security.enabled=false #management.endpoints.jmx.exposure.include=health,info management.endpoints.web.exposure.include=metrics,health,info,env,beans +############################################################################ +# domain name configuration +maxkey.server.scheme=http +maxkey.server.basedomain=maxkey.top +maxkey.server.domain=sso.${maxkey.server.basedomain} +maxkey.server.name=${maxkey.server.scheme}://${maxkey.server.domain} +maxkey.server.uri=${maxkey.server.name}:9521/maxkey-mgt +#default.uri +maxkey.server.default.uri=${maxkey.server.uri}/main +maxkey.maxkey.uri=https://${maxkey.server.domain}/maxkey +#InMemory 0 , Redis 2 +maxkey.server.persistence=0 +#identity +maxkey.identity.kafkasupport=false +############################################################################ +# Login configuration +#enable captcha +maxkey.login.captcha=true +#text or arithmetic +maxkey.login.captcha.type=text +#enable two factor,use one time password +maxkey.login.mfa=false +#enable social sign on +maxkey.login.socialsignon=false +#Enable kerberos/SPNEGO +maxkey.login.kerberos=false +#wsFederation +maxkey.login.wsfederation=false +#remeberme +maxkey.login.remeberme=false +#validity +maxkey.login.remeberme.validity=0 +#default.uri +#to appList page +maxkey.login.default.uri=appList + +maxkey.ipaddress.whitelist=false +############################################################################ +# SAML V2.0 configuration +# saml common +maxkey.saml.v20.max.parser.pool.size=2 +maxkey.saml.v20.assertion.validity.time.ins.seconds=90 +maxkey.saml.v20.replay.cache.life.in.millis=14400000 +maxkey.saml.v20.issue.instant.check.clock.skew.in.seconds=90 +maxkey.saml.v20.issue.instant.check.validity.time.in.seconds=300 + +#saml idp keystore +maxkey.saml.v20.idp.keystore.password=maxkey +maxkey.saml.v20.idp.keystore.private.key.password=maxkey +maxkey.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks +#keystore id for sec 
+maxkey.saml.v20.idp.issuing.entity.id=maxkey.top
+maxkey.saml.v20.idp.issuer=https://sso.maxkey.top/maxkey/saml
+
+maxkey.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.top/
+
+#saml sp keystore
+maxkey.saml.v20.sp.keystore.password=maxkey
+maxkey.saml.v20.sp.keystore.private.key.password=maxkey
+maxkey.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
+maxkey.saml.v20.sp.issuing.entity.id=client.maxkey.org
+
+############################################################################
+maxkey.oidc.metadata.issuer=https://${maxkey.server.domain}/maxkey
+maxkey.oidc.metadata.authorizationEndpoint=${maxkey.server.name}/maxkey/oauth/v20/authorize
+maxkey.oidc.metadata.tokenEndpoint=${maxkey.server.name}/maxkey/oauth/v20/token
+maxkey.oidc.metadata.userinfoEndpoint=${maxkey.server.name}/maxkey/api/connect/userinfo
+#############################################################################
+#one hour for refresh dynamic groups
+maxkey.job.cron.dynamicgroups=0 0 0/1 * * ?
\ No newline at end of file
diff --git a/maxkey-web-manage/src/main/resources/maxkey.properties b/maxkey-web-manage/src/main/resources/maxkey.properties
index faf9720d..544c3e9a 100644
--- a/maxkey-web-manage/src/main/resources/maxkey.properties
+++ b/maxkey-web-manage/src/main/resources/maxkey.properties
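Review bot: The keystore credentials added in this hunk are literal values committed to source: `maxkey.saml.v20.idp.keystore.password=maxkey`, the matching private-key password and the SP keystore pair presumably guard the SAML signing keys, and anyone with the repository or the packaged jar can read them. The same applies to the application-http.properties and application-https.properties hunks further down, which additionally commit SMS provider secrets, social sign-on client secrets and the Kerberos `crypto` value. I would resolve these from the deployment environment instead, for example `maxkey.saml.v20.idp.keystore.password=${MAXKEY_SAML_IDP_KEYSTORE_PASSWORD}` (variable name constructed for illustration), and rotate any value here that is used outside a demo setup. The context lines above this block also expose the `env` and `beans` actuator endpoints, so resolved properties may be readable over HTTP unless that endpoint is protected elsewhere.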
@@ -1,71 +1,2 @@ ############################################################################ # MaxKey Management -############################################################################ -# domain name configuration -config.server.basedomain=maxkey.top -config.server.domain=sso.${config.server.basedomain} -config.server.name=http://${config.server.domain} -config.server.uri=${config.server.name}:9521/maxkey-mgt -#default.uri -config.server.default.uri=${config.server.uri}/main -config.maxkey.uri=https://${config.server.domain}/maxkey -#InMemory 0 , Redis 2 -config.server.persistence=0 -#identity -config.identity.kafkasupport=false -############################################################################ -# Login configuration -#enable captcha -config.login.captcha=true -#text or arithmetic -config.login.captcha.type=text -#enable two factor,use one time password -config.login.mfa=false -#enable social sign on -config.login.socialsignon=false -#Enable kerberos/SPNEGO -config.login.kerberos=false -#wsFederation -config.login.wsfederation=false -#remeberme -config.login.remeberme=false -#validity -config.login.remeberme.validity=0 -#default.uri -#to appList page -config.login.default.uri=appList - -config.ipaddress.whitelist=false -############################################################################ -# SAML V2.0 configuration -# saml common -config.saml.v20.max.parser.pool.size=2 -config.saml.v20.assertion.validity.time.ins.seconds=90 -config.saml.v20.replay.cache.life.in.millis=14400000 -config.saml.v20.issue.instant.check.clock.skew.in.seconds=90 -config.saml.v20.issue.instant.check.validity.time.in.seconds=300 - -#saml idp keystore -config.saml.v20.idp.keystore.password=maxkey -config.saml.v20.idp.keystore.private.key.password=maxkey -config.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks -#keystore id for sec -config.saml.v20.idp.issuing.entity.id=maxkey.top -config.saml.v20.idp.issuer=https://sso.maxkey.top/maxkey/saml - 
-config.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.top/ - -#saml sp keystore -config.saml.v20.sp.keystore.password=maxkey -config.saml.v20.sp.keystore.private.key.password=maxkey -config.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks -config.saml.v20.sp.issuing.entity.id=client.maxkey.org - -############################################################################ -config.oidc.metadata.issuer=https://${config.server.domain}/maxkey -config.oidc.metadata.authorizationEndpoint=${config.server.name}/maxkey/oauth/v20/authorize -config.oidc.metadata.tokenEndpoint=${config.server.name}/maxkey/oauth/v20/token -config.oidc.metadata.userinfoEndpoint=${config.server.name}/maxkey/api/connect/userinfo -############################################################################# -#one hour for refresh dynamic groups -config.job.cron.dynamicgroups=0 0 0/1 * * ? \ No newline at end of file diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java index 5367ebf2..c8d55a84 100644 --- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java +++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java @@ -60,7 +60,6 @@ import org.springframework.security.crypto.password.PasswordEncoder; @Configuration //@ImportResource(locations = { "classpath:spring/maxkey.xml" }) @PropertySource(ConstantsProperties.applicationPropertySource) -@PropertySource(ConstantsProperties.maxKeyPropertySource) @ComponentScan(basePackages = { "org.maxkey.configuration", "org.maxkey.domain", 
@@ -84,15 +83,15 @@ public class MaxKeyConfig implements InitializingBean { @Bean(name = "keyUriFormat") public KeyUriFormat keyUriFormat( - @Value("${config.otp.keyuri.format.type:totp}") + @Value("${maxkey.otp.keyuri.format.type:totp}") String keyuriFormatType, - @Value("${config.otp.keyuri.format.domain:MaxKey.top}") + @Value("${maxkey.otp.keyuri.format.domain:MaxKey.top}") String keyuriFormatDomain, - @Value("${config.otp.keyuri.format.issuer:MaxKey}") + @Value("${maxkey.otp.keyuri.format.issuer:MaxKey}") String keyuriFormatIssuer, - @Value("${config.otp.keyuri.format.digits:6}") + @Value("${maxkey.otp.keyuri.format.digits:6}") int keyuriFormatDigits, - @Value("${config.otp.keyuri.format.period:30}") + @Value("${maxkey.otp.keyuri.format.period:30}") int keyuriFormatPeriod) { KeyUriFormat keyUriFormat=new KeyUriFormat(); @@ -174,8 +173,8 @@ public class MaxKeyConfig implements InitializingBean { //default tfaOtpAuthn @Bean(name = "tfaOtpAuthn") public AbstractOtpAuthn tfaOptAuthn( - @Value("${config.login.mfa.type}")String mfaType, - @Value("${config.server.persistence}") int persistence, + @Value("${maxkey.login.mfa.type}")String mfaType, + @Value("${maxkey.server.persistence}") int persistence, MailOtpAuthn tfaMailOtpAuthn, RedisConnectionFactory redisConnFactory) { @@ -222,8 +221,8 @@ public class MaxKeyConfig implements InitializingBean { @Bean(name = "tfaMobileOtpAuthn") public SmsOtpAuthn smsOtpAuthn( - @Value("${config.otp.sms}")String optSmsProvider, - @Value("${config.server.persistence}") int persistence, + @Value("${maxkey.otp.sms}")String optSmsProvider, + @Value("${maxkey.server.persistence}") int persistence, RedisConnectionFactory redisConnFactory) { SmsOtpAuthn smsOtpAuthn = null; if(optSmsProvider.equalsIgnoreCase("SmsOtpAuthnAliyun")) { 
@@ -246,13 +245,13 @@ public class MaxKeyConfig implements InitializingBean { @Bean(name = "kerberosService") public RemoteKerberosService kerberosService( - @Value("${config.support.kerberos.default.userdomain}") + @Value("${maxkey.support.kerberos.default.userdomain}") String userDomain, - @Value("${config.support.kerberos.default.fulluserdomain}") + @Value("${maxkey.support.kerberos.default.fulluserdomain}") String fullUserDomain, - @Value("${config.support.kerberos.default.crypto}") + @Value("${maxkey.support.kerberos.default.crypto}") String crypto, - @Value("${config.support.kerberos.default.redirecturi}") + @Value("${maxkey.support.kerberos.default.redirecturi}") String redirectUri ) { RemoteKerberosService kerberosService = new RemoteKerberosService(); diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java index 183e888f..f716f11a 100644 --- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java +++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java @@ -45,7 +45,7 @@ import org.springframework.web.servlet.i18n.LocaleChangeInterceptor; @Configuration @EnableWebMvc -@PropertySource(ConstantsProperties.maxKeyPropertySource) +@PropertySource(ConstantsProperties.applicationPropertySource) public class MaxKeyMvcConfig implements WebMvcConfigurer { private static final Logger _logger = LoggerFactory.getLogger(MaxKeyMvcConfig.class); 
@@ -80,13 +80,13 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer { @Autowired HistoryLoginAppAdapter historyLoginAppAdapter; - @Value("${config.support.httpheader.enable:false}") + @Value("${maxkey.support.httpheader.enable:false}") private boolean httpHeaderEnable; - @Value("${config.support.httpheader.headername:iv-user}") + @Value("${maxkey.support.httpheader.headername:iv-user}") private String httpHeaderName; - @Value("${config.support.basic.enable:false}") + @Value("${maxkey.support.basic.enable:false}") private boolean basicEnable; @Override diff --git a/maxkey-web-maxkey/src/main/resources/application-http.properties b/maxkey-web-maxkey/src/main/resources/application-http.properties index 601ad3a1..504ede8f 100644 --- a/maxkey-web-maxkey/src/main/resources/application-http.properties +++ b/maxkey-web-maxkey/src/main/resources/application-http.properties 
@@ -115,3 +115,240 @@ management.security.enabled=false #management.endpoints.jmx.exposure.include=health,info management.endpoints.web.exposure.include=metrics,health,info,env + +############################################################################ +# domain name configuration +maxkey.server.scheme=http +maxkey.server.basedomain=maxkey.top +maxkey.server.domain=sso.${config.server.basedomain} +maxkey.server.name=${maxkey.server.scheme}://${maxkey.server.domain} +maxkey.server.uri=${maxkey.server.name}/maxkey +#default.uri +maxkey.server.default.uri=${maxkey.server.uri}/maxkey/appList +maxkey.server.management.uri=${maxkey.server.name}:9521/maxkey-mgt/login +#InMemory 0 , Redis 2 +maxkey.server.persistence=0 +#identity +maxkey.identity.kafkasupport=false + +maxkey.app.issuer=CN=ConSec,CN=COM,CN=SH +############################################################################ +# Login configuration +#enable captcha +maxkey.login.captcha=true +#text or arithmetic +maxkey.login.captcha.type=text +#enable two factor,use one time password +maxkey.login.mfa=true +#TimeBasedOtpAuthn MailOtpAuthn SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud +maxkey.login.mfa.type=TimeBasedOtpAuthn +#enable social sign on +maxkey.login.socialsignon=true +#social sign on providers +maxkey.login.socialsignon.providers=gitee,wechatopen,sinaweibo,google,qq,dingtalk,microsoft,facebook +#Enable kerberos/SPNEGO +maxkey.login.kerberos=true +#wsFederation +maxkey.login.wsfederation=false +#remeberme +maxkey.login.remeberme=true +#validity +maxkey.login.remeberme.validity=0 + +#to default application web site +maxkey.login.default.uri=appList + +maxkey.ipaddress.whitelist=false + +#SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud +maxkey.otp.sms=SmsOtpAuthnYunxin + +maxkey.otp.sms.aliyun.accesskeyid=94395d754eb55693043f5d6a2b772ef4 +maxkey.otp.sms.aliyun.accesssecret=05d5485357bc +maxkey.otp.sms.aliyun.templatecode=14860095 +maxkey.otp.sms.aliyun.signname=maxkey + 
+maxkey.otp.sms.yunxin.appkey=94395d754eb55693043f5d6a2b772ef4
+maxkey.otp.sms.yunxin.appsecret=05d5485357bc
+maxkey.otp.sms.yunxin.templateid=14860095
+
+maxkey.otp.sms.tencentcloud.secretid=94395d754eb55693043f5d6a2b772ef4
+maxkey.otp.sms.tencentcloud.secretkey=05d5485357bc
+maxkey.otp.sms.tencentcloud.smssdkappid=1486220095
+maxkey.otp.sms.tencentcloud.templateid=14860095
+maxkey.otp.sms.tencentcloud.sign=1486009522
+
+maxkey.otp.keyuri.format.type=totp
+maxkey.otp.keyuri.format.digits=6
+maxkey.otp.keyuri.format.issuer=MaxKey
+maxkey.otp.keyuri.format.domain=${maxkey.server.domain}
+maxkey.otp.keyuri.format.period=30
+
+############################################################################
+# Kerberos Login configuration
+############################################################################
+#short name of user domain must be in upper case,eg:MAXKEY
+maxkey.support.kerberos.default.userdomain=MAXKEY
+#short name of user domain must be in upper case,eg:MAXKEY.ORG
+maxkey.support.kerberos.default.fulluserdomain=MAXKEY.ORG
+#last 8Bit crypto for Kerberos web Authentication
+maxkey.support.kerberos.default.crypto=846KZSzYq56M6d5o
+#Kerberos Authentication server RUL
+maxkey.support.kerberos.default.redirecturi=http://sso.maxkey.top/kerberos/authn/
+############################################################################
+# HTTPHEADER Login configuration
+############################################################################
+maxkey.support.httpheader.enable=false
+maxkey.support.httpheader.headername=header-user
+# iv-user is for IBM Security Access Manager
+#config.httpheader.headername=iv-user
+
+############################################################################
+# BASIC Login support configuration
+############################################################################
+
+maxkey.support.basic.enable=false
+
+#############################################################################
+# WsFederation Login support
configuration +#identifier: the identifer for the ADFS server +#url: the login url for ADFS +#principal: the name of the attribute/assertion returned by ADFS that contains the principal's username. +#relyingParty: the identifier of the CAS Server as it has been configured in ADFS. +#tolerance: (optional) the amount of drift to allow when validating the timestamp on the token. Default: 10000 (ms) +#attributeMutator: (optional) a class (defined by you) that can modify the attributes/assertions returned by the ADFS server +#signingCertificate: ADFS's signing certificate used to validate the token/assertions issued by ADFS. +############################################################################ + +maxkey.support.wsfederation.identifier=http://adfs.maxkey.top/adfs/services/trust +maxkey.support.wsfederation.url=https://adfs.maxkey.top/adfs/ls/ +maxkey.support.wsfederation.principal=upn +maxkey.support.wsfederation.relyingParty=urn:federation:connsec +maxkey.support.wsfederation.signingCertificate=adfs-signing.crt +maxkey.support.wsfederation.tolerance=10000 +maxkey.support.wsfederation.upn.suffix=maxkey.org +maxkey.support.wsfederation.logoutUrl=https://adfs.maxkey.top/adfs/ls/?wa=wsignout1.0 +############################################################################# + +############################################################################# +# OIDC V1.0 METADATA configuration +maxkey.oidc.metadata.issuer=${maxkey.server.name}/maxkey +maxkey.oidc.metadata.authorizationEndpoint=${maxkey.server.name}/maxkey/oauth/v20/authorize +maxkey.oidc.metadata.tokenEndpoint=${maxkey.server.name}/maxkey/oauth/v20/token +maxkey.oidc.metadata.userinfoEndpoint=${maxkey.server.name}/maxkey/api/connect/userinfo + +############################################################################# +# SAML V2.0 configuration +#saml common +maxkey.saml.v20.max.parser.pool.size=2 +maxkey.saml.v20.assertion.validity.time.ins.seconds=90 
+maxkey.saml.v20.replay.cache.life.in.millis=14400000
+maxkey.saml.v20.issue.instant.check.clock.skew.in.seconds=90
+maxkey.saml.v20.issue.instant.check.validity.time.in.seconds=300
+
+
+#saml idp keystore
+maxkey.saml.v20.idp.keystore.password=maxkey
+maxkey.saml.v20.idp.keystore.private.key.password=maxkey
+maxkey.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks
+#keystore id for sec
+maxkey.saml.v20.idp.issuing.entity.id=maxkey.top
+maxkey.saml.v20.idp.issuer=https://sso.maxkey.top/maxkey/saml
+
+maxkey.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.top/
+
+#saml sp keystore
+maxkey.saml.v20.sp.keystore.password=maxkey
+maxkey.saml.v20.sp.keystore.private.key.password=maxkey
+maxkey.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
+maxkey.saml.v20.sp.issuing.entity.id=client.maxkey.org
+
+#Saml v20 METADATA
+maxkey.saml.v20.metadata.orgName=MaxKeyTop
+maxkey.saml.v20.metadata.orgDisplayName=MaxKeyTop
+maxkey.saml.v20.metadata.orgURL=https://www.maxkey.top
+maxkey.saml.v20.metadata.contactType=technical
+maxkey.saml.v20.metadata.company=MaxKeyTop
+maxkey.saml.v20.metadata.givenName=maxkey
+maxkey.saml.v20.metadata.surName=maxkey
+maxkey.saml.v20.metadata.emailAddress=maxkeysupport@163.com
+maxkey.saml.v20.metadata.telephoneNumber=4008981111
+
+############################################################################
+# Social Sign On Configuration #
+#you config client.id & client.secret only
+############################################################################
+
+############################################################################
+#gitee
+maxkey.socialsignon.gitee.provider=gitee
+maxkey.socialsignon.gitee.provider.name=Gitee
+maxkey.socialsignon.gitee.icon=images/social/gitee.png
+maxkey.socialsignon.gitee.client.id=ee6fdc484b3398d17e77d6ff37fd8b9fe502106398c7b22bf5522d3c01303f45
+maxkey.socialsignon.gitee.client.secret=d6c3558f295f044df538c966a9084166f9a877c7a7392543184007a5faccdbad
+maxkey.socialsignon.gitee.account.id=id
+maxkey.socialsignon.gitee.sortorder=1
+#wechat
+maxkey.socialsignon.wechatopen.provider=wechatopen
+maxkey.socialsignon.wechatopen.provider.name=\u5fae\u4fe1
+maxkey.socialsignon.wechatopen.icon=images/social/wechat.png
+maxkey.socialsignon.wechatopen.client.id=ee6fdc484b3398d17e7
+maxkey.socialsignon.wechatopen.client.secret=7a5faccdbad
+maxkey.socialsignon.wechatopen.account.id=id
+maxkey.socialsignon.wechatopen.sortorder=2
+
+#sina weibo
+maxkey.socialsignon.sinaweibo.provider=sinaweibo
+maxkey.socialsignon.sinaweibo.provider.name=\u65b0\u6d6a\u5fae\u535a
+maxkey.socialsignon.sinaweibo.icon=images/social/weibo.png
+maxkey.socialsignon.sinaweibo.client.id=3379757634
+maxkey.socialsignon.sinaweibo.client.secret=1adfdf9800299037bcab9d1c238664ba
+maxkey.socialsignon.sinaweibo.account.id=id
+maxkey.socialsignon.sinaweibo.sortorder=3
+
+#Google
+maxkey.socialsignon.google.provider=google
+maxkey.socialsignon.google.provider.name=Google
+maxkey.socialsignon.google.icon=images/social/google.png
+maxkey.socialsignon.google.client.id=519914515488.apps.googleusercontent.com
+maxkey.socialsignon.google.client.secret=3aTW3Iw7e11QqMnHxciCaXTt
+maxkey.socialsignon.google.account.id=id
+maxkey.socialsignon.google.sortorder=4
+
+#dingtalk
+maxkey.socialsignon.dingtalk.provider=dingtalk
+maxkey.socialsignon.dingtalk.provider.name=dingtalk
+maxkey.socialsignon.dingtalk.icon=images/social/dingtalk.png
+maxkey.socialsignon.dingtalk.client.id=dingoawf2jyiwh2uzqnphg
+maxkey.socialsignon.dingtalk.client.secret=Crm7YJbMKfRlvG2i1SHpg4GHVpqF_oXiEjhmRQyiSiuzNRWpbFh9i0UjDTfhOoN9
+maxkey.socialsignon.dingtalk.account.id=openid
+maxkey.socialsignon.dingtalk.sortorder=5
+
+#QQ
+maxkey.socialsignon.qq.provider=qq
+maxkey.socialsignon.qq.provider.name=QQ
+maxkey.socialsignon.qq.icon=images/social/qq.png
+maxkey.socialsignon.qq.client.id=101225363
+maxkey.socialsignon.qq.client.secret=8577d75e0eb4a91ac549cc8be3371bfd
+maxkey.socialsignon.qq.account.id=openid
+maxkey.socialsignon.qq.sortorder=6
+
+
+
+#Microsoft
+maxkey.socialsignon.microsoft.provider=microsoft
+maxkey.socialsignon.microsoft.provider.name=Microsoft
+maxkey.socialsignon.microsoft.icon=images/social/microsoft.png
+maxkey.socialsignon.microsoft.client.id=24aa73b6-7928-4e64-bd64-d8682e650f95
+maxkey.socialsignon.microsoft.client.secret=PF[_AthtjVrtWVO2mNy@CJxY1@Z8FNf5
+maxkey.socialsignon.microsoft.account.id=id
+maxkey.socialsignon.microsoft.sortorder=7
+
+#facebook
+maxkey.socialsignon.facebook.provider=facebook
+maxkey.socialsignon.facebook.provider.name=facebook
+maxkey.socialsignon.facebook.icon=images/social/facebook.png
+maxkey.socialsignon.facebook.client.id=appKey
+maxkey.socialsignon.facebook.client.secret=appSecret
+maxkey.socialsignon.facebook.account.id=id
+maxkey.socialsignon.facebook.sortorder=8
diff --git a/maxkey-web-maxkey/src/main/resources/application-https.properties b/maxkey-web-maxkey/src/main/resources/application-https.properties
index 6b79b831..7f63ea56 100644
--- a/maxkey-web-maxkey/src/main/resources/application-https.properties
+++ b/maxkey-web-maxkey/src/main/resources/application-https.properties
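Review bot: `maxkey.server.domain=sso.${config.server.basedomain}` near the top of the application-http.properties hunk still refers to the old `config.` prefix, which this commit removes together with maxkey.properties; the application-https.properties hunk carries the renamed form. Unless some other source still defines `config.server.basedomain`, the placeholder cannot resolve under the http profile, and `maxkey.server.name`, `maxkey.server.uri`, the OIDC issuer and endpoint URLs and `maxkey.otp.keyuri.format.domain` are all derived from it. The line should read `maxkey.server.domain=sso.${maxkey.server.basedomain}`.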
@@ -122,3 +122,240 @@ management.security.enabled=false #management.endpoints.jmx.exposure.include=health,info management.endpoints.web.exposure.include=metrics,health,info,env + +############################################################################ +# domain name configuration +maxkey.server.scheme=https +maxkey.server.basedomain=maxkey.top +maxkey.server.domain=sso.${maxkey.server.basedomain} +maxkey.server.name=${maxkey.server.scheme}://${maxkey.server.domain} +maxkey.server.uri=${maxkey.server.name}/maxkey +#default.uri +maxkey.server.default.uri=${maxkey.server.uri}/maxkey/appList +maxkey.server.management.uri=${maxkey.server.name}:9521/maxkey-mgt/login +#InMemory 0 , Redis 2 +maxkey.server.persistence=0 +#identity +maxkey.identity.kafkasupport=false + +maxkey.app.issuer=CN=ConSec,CN=COM,CN=SH +############################################################################ +# Login configuration +#enable captcha +maxkey.login.captcha=true +#text or arithmetic +maxkey.login.captcha.type=text +#enable two factor,use one time password +maxkey.login.mfa=true +#TimeBasedOtpAuthn MailOtpAuthn SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud +maxkey.login.mfa.type=TimeBasedOtpAuthn +#enable social sign on +maxkey.login.socialsignon=true +#social sign on providers +maxkey.login.socialsignon.providers=gitee,wechatopen,sinaweibo,google,qq,dingtalk,microsoft,facebook +#Enable kerberos/SPNEGO +maxkey.login.kerberos=true +#wsFederation +maxkey.login.wsfederation=false +#remeberme +maxkey.login.remeberme=true +#validity +maxkey.login.remeberme.validity=0 + +#to default application web site +maxkey.login.default.uri=appList + +maxkey.ipaddress.whitelist=false + +#SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud +maxkey.otp.sms=SmsOtpAuthnYunxin + +maxkey.otp.sms.aliyun.accesskeyid=94395d754eb55693043f5d6a2b772ef4 +maxkey.otp.sms.aliyun.accesssecret=05d5485357bc +maxkey.otp.sms.aliyun.templatecode=14860095 +maxkey.otp.sms.aliyun.signname=maxkey + 
+maxkey.otp.sms.yunxin.appkey=94395d754eb55693043f5d6a2b772ef4
+maxkey.otp.sms.yunxin.appsecret=05d5485357bc
+maxkey.otp.sms.yunxin.templateid=14860095
+
+maxkey.otp.sms.tencentcloud.secretid=94395d754eb55693043f5d6a2b772ef4
+maxkey.otp.sms.tencentcloud.secretkey=05d5485357bc
+maxkey.otp.sms.tencentcloud.smssdkappid=1486220095
+maxkey.otp.sms.tencentcloud.templateid=14860095
+maxkey.otp.sms.tencentcloud.sign=1486009522
+
+maxkey.otp.keyuri.format.type=totp
+maxkey.otp.keyuri.format.digits=6
+maxkey.otp.keyuri.format.issuer=MaxKey
+maxkey.otp.keyuri.format.domain=${maxkey.server.domain}
+maxkey.otp.keyuri.format.period=30
+
+############################################################################
+# Kerberos Login configuration
+############################################################################
+#short name of user domain must be in upper case,eg:MAXKEY
+maxkey.support.kerberos.default.userdomain=MAXKEY
+#short name of user domain must be in upper case,eg:MAXKEY.ORG
+maxkey.support.kerberos.default.fulluserdomain=MAXKEY.ORG
+#last 8Bit crypto for Kerberos web Authentication
+maxkey.support.kerberos.default.crypto=846KZSzYq56M6d5o
+#Kerberos Authentication server RUL
+maxkey.support.kerberos.default.redirecturi=http://sso.maxkey.top/kerberos/authn/
+############################################################################
+# HTTPHEADER Login configuration
+############################################################################
+maxkey.support.httpheader.enable=false
+maxkey.support.httpheader.headername=header-user
+# iv-user is for IBM Security Access Manager
+#config.httpheader.headername=iv-user
+
+############################################################################
+# BASIC Login support configuration
+############################################################################
+
+maxkey.support.basic.enable=false
+
+#############################################################################
+# WsFederation Login support
configuration +#identifier: the identifer for the ADFS server +#url: the login url for ADFS +#principal: the name of the attribute/assertion returned by ADFS that contains the principal's username. +#relyingParty: the identifier of the CAS Server as it has been configured in ADFS. +#tolerance: (optional) the amount of drift to allow when validating the timestamp on the token. Default: 10000 (ms) +#attributeMutator: (optional) a class (defined by you) that can modify the attributes/assertions returned by the ADFS server +#signingCertificate: ADFS's signing certificate used to validate the token/assertions issued by ADFS. +############################################################################ + +maxkey.support.wsfederation.identifier=http://adfs.maxkey.top/adfs/services/trust +maxkey.support.wsfederation.url=https://adfs.maxkey.top/adfs/ls/ +maxkey.support.wsfederation.principal=upn +maxkey.support.wsfederation.relyingParty=urn:federation:connsec +maxkey.support.wsfederation.signingCertificate=adfs-signing.crt +maxkey.support.wsfederation.tolerance=10000 +maxkey.support.wsfederation.upn.suffix=maxkey.org +maxkey.support.wsfederation.logoutUrl=https://adfs.maxkey.top/adfs/ls/?wa=wsignout1.0 +############################################################################# + +############################################################################# +# OIDC V1.0 METADATA configuration +maxkey.oidc.metadata.issuer=${maxkey.server.name}/maxkey +maxkey.oidc.metadata.authorizationEndpoint=${maxkey.server.name}/maxkey/oauth/v20/authorize +maxkey.oidc.metadata.tokenEndpoint=${maxkey.server.name}/maxkey/oauth/v20/token +maxkey.oidc.metadata.userinfoEndpoint=${maxkey.server.name}/maxkey/api/connect/userinfo + +############################################################################# +# SAML V2.0 configuration +#saml common +maxkey.saml.v20.max.parser.pool.size=2 +maxkey.saml.v20.assertion.validity.time.ins.seconds=90 
+maxkey.saml.v20.replay.cache.life.in.millis=14400000
+maxkey.saml.v20.issue.instant.check.clock.skew.in.seconds=90
+maxkey.saml.v20.issue.instant.check.validity.time.in.seconds=300
+
+
+#saml idp keystore
+maxkey.saml.v20.idp.keystore.password=maxkey
+maxkey.saml.v20.idp.keystore.private.key.password=maxkey
+maxkey.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks
+#keystore id for sec
+maxkey.saml.v20.idp.issuing.entity.id=maxkey.top
+maxkey.saml.v20.idp.issuer=https://sso.maxkey.top/maxkey/saml
+
+maxkey.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.top/
+
+#saml sp keystore
+maxkey.saml.v20.sp.keystore.password=maxkey
+maxkey.saml.v20.sp.keystore.private.key.password=maxkey
+maxkey.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
+maxkey.saml.v20.sp.issuing.entity.id=client.maxkey.org
+
+#Saml v20 METADATA
+maxkey.saml.v20.metadata.orgName=MaxKeyTop
+maxkey.saml.v20.metadata.orgDisplayName=MaxKeyTop
+maxkey.saml.v20.metadata.orgURL=https://www.maxkey.top
+maxkey.saml.v20.metadata.contactType=technical
+maxkey.saml.v20.metadata.company=MaxKeyTop
+maxkey.saml.v20.metadata.givenName=maxkey
+maxkey.saml.v20.metadata.surName=maxkey
+maxkey.saml.v20.metadata.emailAddress=maxkeysupport@163.com
+maxkey.saml.v20.metadata.telephoneNumber=4008981111
+
+############################################################################
+# Social Sign On Configuration #
+#you config client.id & client.secret only
+############################################################################
+
+############################################################################
+#gitee
+maxkey.socialsignon.gitee.provider=gitee
+maxkey.socialsignon.gitee.provider.name=Gitee
+maxkey.socialsignon.gitee.icon=images/social/gitee.png
+maxkey.socialsignon.gitee.client.id=ee6fdc484b3398d17e77d6ff37fd8b9fe502106398c7b22bf5522d3c01303f45
+maxkey.socialsignon.gitee.client.secret=d6c3558f295f044df538c966a9084166f9a877c7a7392543184007a5faccdbad
+maxkey.socialsignon.gitee.account.id=id
+maxkey.socialsignon.gitee.sortorder=1
+#wechat
+maxkey.socialsignon.wechatopen.provider=wechatopen
+maxkey.socialsignon.wechatopen.provider.name=\u5fae\u4fe1
+maxkey.socialsignon.wechatopen.icon=images/social/wechat.png
+maxkey.socialsignon.wechatopen.client.id=ee6fdc484b3398d17e7
+maxkey.socialsignon.wechatopen.client.secret=7a5faccdbad
+maxkey.socialsignon.wechatopen.account.id=id
+maxkey.socialsignon.wechatopen.sortorder=2
+
+#sina weibo
+maxkey.socialsignon.sinaweibo.provider=sinaweibo
+maxkey.socialsignon.sinaweibo.provider.name=\u65b0\u6d6a\u5fae\u535a
+maxkey.socialsignon.sinaweibo.icon=images/social/weibo.png
+maxkey.socialsignon.sinaweibo.client.id=3379757634
+maxkey.socialsignon.sinaweibo.client.secret=1adfdf9800299037bcab9d1c238664ba
+maxkey.socialsignon.sinaweibo.account.id=id
+maxkey.socialsignon.sinaweibo.sortorder=3
+
+#Google
+maxkey.socialsignon.google.provider=google
+maxkey.socialsignon.google.provider.name=Google
+maxkey.socialsignon.google.icon=images/social/google.png
+maxkey.socialsignon.google.client.id=519914515488.apps.googleusercontent.com
+maxkey.socialsignon.google.client.secret=3aTW3Iw7e11QqMnHxciCaXTt
+maxkey.socialsignon.google.account.id=id
+maxkey.socialsignon.google.sortorder=4
+
+#dingtalk
+maxkey.socialsignon.dingtalk.provider=dingtalk
+maxkey.socialsignon.dingtalk.provider.name=dingtalk
+maxkey.socialsignon.dingtalk.icon=images/social/dingtalk.png
+maxkey.socialsignon.dingtalk.client.id=dingoawf2jyiwh2uzqnphg
+maxkey.socialsignon.dingtalk.client.secret=Crm7YJbMKfRlvG2i1SHpg4GHVpqF_oXiEjhmRQyiSiuzNRWpbFh9i0UjDTfhOoN9
+maxkey.socialsignon.dingtalk.account.id=openid
+maxkey.socialsignon.dingtalk.sortorder=5
+
+#QQ
+maxkey.socialsignon.qq.provider=qq
+maxkey.socialsignon.qq.provider.name=QQ
+maxkey.socialsignon.qq.icon=images/social/qq.png
+maxkey.socialsignon.qq.client.id=101225363
+maxkey.socialsignon.qq.client.secret=8577d75e0eb4a91ac549cc8be3371bfd
+maxkey.socialsignon.qq.account.id=openid
+maxkey.socialsignon.qq.sortorder=6
+
+
+
+#Microsoft
+maxkey.socialsignon.microsoft.provider=microsoft
+maxkey.socialsignon.microsoft.provider.name=Microsoft
+maxkey.socialsignon.microsoft.icon=images/social/microsoft.png
+maxkey.socialsignon.microsoft.client.id=24aa73b6-7928-4e64-bd64-d8682e650f95
+maxkey.socialsignon.microsoft.client.secret=PF[_AthtjVrtWVO2mNy@CJxY1@Z8FNf5
+maxkey.socialsignon.microsoft.account.id=id
+maxkey.socialsignon.microsoft.sortorder=7
+
+#facebook
+maxkey.socialsignon.facebook.provider=facebook
+maxkey.socialsignon.facebook.provider.name=facebook
+maxkey.socialsignon.facebook.icon=images/social/facebook.png
+maxkey.socialsignon.facebook.client.id=appKey
+maxkey.socialsignon.facebook.client.secret=appSecret
+maxkey.socialsignon.facebook.account.id=id
+maxkey.socialsignon.facebook.sortorder=8
diff --git a/maxkey-web-maxkey/src/main/resources/maxkey.properties b/maxkey-web-maxkey/src/main/resources/maxkey.properties
deleted file mode 100644
index 786b61d0..00000000
--- a/maxkey-web-maxkey/src/main/resources/maxkey.properties
+++ /dev/null
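Review bot: `maxkey.support.kerberos.default.redirecturi=http://sso.maxkey.top/kerberos/authn/` is hard-coded to plain http in the profile that sets `maxkey.server.scheme=https`, so the Kerberos sign-on redirect would leave TLS if this default is used as shipped. If the Kerberos endpoint is served from the same host, `maxkey.support.kerberos.default.redirecturi=${maxkey.server.name}/kerberos/authn/` keeps scheme and host in step with the active profile. The SAML `idp.issuer` and `idp.receiver.endpoint` values in this hunk are likewise literal sso.maxkey.top URLs that do not follow `maxkey.server.name`; they may be intended as fixed entity identifiers, in which case a one-line comment saying so would prevent them being missed when the base domain is changed.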
@@ -1,238 +0,0 @@
-############################################################################
-# MaxKey
-############################################################################
-# domain name configuration
-config.server.scheme=http
-config.server.basedomain=maxkey.top
-config.server.domain=sso.${config.server.basedomain}
-config.server.name=${config.server.scheme}://${config.server.domain}
-config.server.uri=${config.server.name}/maxkey
-#default.uri
-config.server.default.uri=${config.server.uri}/maxkey/appList
-config.server.management.uri=${config.server.name}:9521/maxkey-mgt/login
-#InMemory 0 , Redis 2
-config.server.persistence=0
-#identity
-config.identity.kafkasupport=false
-
-config.app.issuer=CN=ConSec,CN=COM,CN=SH
-############################################################################
-# Login configuration
-#enable captcha
-config.login.captcha=true
-#text or arithmetic
-config.login.captcha.type=text
-#enable two factor,use one time password
-config.login.mfa=true
-#TimeBasedOtpAuthn MailOtpAuthn SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud
-config.login.mfa.type=TimeBasedOtpAuthn
-#enable social sign on
-config.login.socialsignon=true
-#social sign on providers
-config.login.socialsignon.providers=gitee,wechatopen,sinaweibo,google,qq,dingtalk,microsoft,facebook
-#Enable kerberos/SPNEGO
-config.login.kerberos=true
-#wsFederation
-config.login.wsfederation=false
-#remeberme
-config.login.remeberme=true
-#validity
-config.login.remeberme.validity=0
-
-#to default application web site
-config.login.default.uri=appList
-
-config.ipaddress.whitelist=false
-
-#SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud
-config.otp.sms=SmsOtpAuthnYunxin
-
-config.otp.sms.aliyun.accesskeyid=94395d754eb55693043f5d6a2b772ef4
-config.otp.sms.aliyun.accesssecret=05d5485357bc
-config.otp.sms.aliyun.templatecode=14860095
-config.otp.sms.aliyun.signname=maxkey
-
-config.otp.sms.yunxin.appkey=94395d754eb55693043f5d6a2b772ef4
-config.otp.sms.yunxin.appsecret=05d5485357bc
-config.otp.sms.yunxin.templateid=14860095
-
-config.otp.sms.tencentcloud.secretid=94395d754eb55693043f5d6a2b772ef4
-config.otp.sms.tencentcloud.secretkey=05d5485357bc
-config.otp.sms.tencentcloud.smssdkappid=1486220095
-config.otp.sms.tencentcloud.templateid=14860095
-config.otp.sms.tencentcloud.sign=1486009522
-
-config.otp.keyuri.format.type=totp
-config.otp.keyuri.format.digits=6
-config.otp.keyuri.format.issuer=MaxKey
-config.otp.keyuri.format.domain=${config.server.domain}
-config.otp.keyuri.format.period=30
-
-############################################################################
-# Kerberos Login configuration
-############################################################################
-#short name of user domain must be in upper case,eg:MAXKEY
-config.support.kerberos.default.userdomain=MAXKEY
-#short name of user domain must be in upper case,eg:MAXKEY.ORG
-config.support.kerberos.default.fulluserdomain=MAXKEY.ORG
-#last 8Bit crypto for Kerberos web Authentication
-config.support.kerberos.default.crypto=846KZSzYq56M6d5o
-#Kerberos Authentication server RUL
-config.support.kerberos.default.redirecturi=http://sso.maxkey.top/kerberos/authn/
-############################################################################
-# HTTPHEADER Login configuration
-############################################################################
-config.support.httpheader.enable=false
-config.support.httpheader.headername=header-user
-# iv-user is for IBM Security Access Manager
-#config.httpheader.headername=iv-user
-
-############################################################################
-# BASIC Login support configuration
-############################################################################
-
-config.support.basic.enable=false
-
-#############################################################################
-# WsFederation Login support configuration
-#identifier: the identifer for the ADFS server
-#url: the login url for ADFS
-#principal: the name of the attribute/assertion returned by ADFS that contains the principal's username.
-#relyingParty: the identifier of the CAS Server as it has been configured in ADFS.
-#tolerance: (optional) the amount of drift to allow when validating the timestamp on the token. Default: 10000 (ms)
-#attributeMutator: (optional) a class (defined by you) that can modify the attributes/assertions returned by the ADFS server
-#signingCertificate: ADFS's signing certificate used to validate the token/assertions issued by ADFS.
-############################################################################
-
-config.support.wsfederation.identifier=http://adfs.maxkey.top/adfs/services/trust
-config.support.wsfederation.url=https://adfs.maxkey.top/adfs/ls/
-config.support.wsfederation.principal=upn
-config.support.wsfederation.relyingParty=urn:federation:connsec
-config.support.wsfederation.signingCertificate=adfs-signing.crt
-config.support.wsfederation.tolerance=10000
-config.support.wsfederation.upn.suffix=maxkey.org
-config.support.wsfederation.logoutUrl=https://adfs.maxkey.top/adfs/ls/?wa=wsignout1.0
-#############################################################################
-
-#############################################################################
-# OIDC V1.0 METADATA configuration
-config.oidc.metadata.issuer=${config.server.name}/maxkey
-config.oidc.metadata.authorizationEndpoint=${config.server.name}/maxkey/oauth/v20/authorize
-config.oidc.metadata.tokenEndpoint=${config.server.name}/maxkey/oauth/v20/token
-config.oidc.metadata.userinfoEndpoint=${config.server.name}/maxkey/api/connect/userinfo
-
-#############################################################################
-# SAML V2.0 configuration
-#saml common
-config.saml.v20.max.parser.pool.size=2
-config.saml.v20.assertion.validity.time.ins.seconds=90
-config.saml.v20.replay.cache.life.in.millis=14400000
-config.saml.v20.issue.instant.check.clock.skew.in.seconds=90
-config.saml.v20.issue.instant.check.validity.time.in.seconds=300
-
-
-#saml idp keystore
-config.saml.v20.idp.keystore.password=maxkey
-config.saml.v20.idp.keystore.private.key.password=maxkey
-config.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks
-#keystore id for sec
-config.saml.v20.idp.issuing.entity.id=maxkey.top
-config.saml.v20.idp.issuer=https://sso.maxkey.top/maxkey/saml
-
-config.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.top/
-
-#saml sp keystore
-config.saml.v20.sp.keystore.password=maxkey
-config.saml.v20.sp.keystore.private.key.password=maxkey
-config.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
-config.saml.v20.sp.issuing.entity.id=client.maxkey.org
-
-#Saml v20 METADATA
-config.saml.v20.metadata.orgName=MaxKeyTop
-config.saml.v20.metadata.orgDisplayName=MaxKeyTop
-config.saml.v20.metadata.orgURL=https://www.maxkey.top
-config.saml.v20.metadata.contactType=technical
-config.saml.v20.metadata.company=MaxKeyTop
-config.saml.v20.metadata.givenName=maxkey
-config.saml.v20.metadata.surName=maxkey
-config.saml.v20.metadata.emailAddress=maxkeysupport@163.com
-config.saml.v20.metadata.telephoneNumber=4008981111
-
-############################################################################
-# Social Sign On Configuration #
-#you config client.id & client.secret only
-############################################################################
-
-############################################################################
-#gitee
-config.socialsignon.gitee.provider=gitee
-config.socialsignon.gitee.provider.name=Gitee
-config.socialsignon.gitee.icon=images/social/gitee.png
-config.socialsignon.gitee.client.id=ee6fdc484b3398d17e77d6ff37fd8b9fe502106398c7b22bf5522d3c01303f45
-config.socialsignon.gitee.client.secret=d6c3558f295f044df538c966a9084166f9a877c7a7392543184007a5faccdbad
-config.socialsignon.gitee.account.id=id
-config.socialsignon.gitee.sortorder=1
-#wechat
-config.socialsignon.wechatopen.provider=wechatopen
-config.socialsignon.wechatopen.provider.name=\u5fae\u4fe1
-config.socialsignon.wechatopen.icon=images/social/wechat.png
-config.socialsignon.wechatopen.client.id=ee6fdc484b3398d17e7
-config.socialsignon.wechatopen.client.secret=7a5faccdbad
-config.socialsignon.wechatopen.account.id=id
-config.socialsignon.wechatopen.sortorder=2
-
-#sina weibo
-config.socialsignon.sinaweibo.provider=sinaweibo
-config.socialsignon.sinaweibo.provider.name=\u65b0\u6d6a\u5fae\u535a
-config.socialsignon.sinaweibo.icon=images/social/weibo.png
-config.socialsignon.sinaweibo.client.id=3379757634
-config.socialsignon.sinaweibo.client.secret=1adfdf9800299037bcab9d1c238664ba
-config.socialsignon.sinaweibo.account.id=id
-config.socialsignon.sinaweibo.sortorder=3
-
-#Google
-config.socialsignon.google.provider=google
-config.socialsignon.google.provider.name=Google
-config.socialsignon.google.icon=images/social/google.png
-config.socialsignon.google.client.id=519914515488.apps.googleusercontent.com
-config.socialsignon.google.client.secret=3aTW3Iw7e11QqMnHxciCaXTt
-config.socialsignon.google.account.id=id
-config.socialsignon.google.sortorder=4
-
-#dingtalk
-config.socialsignon.dingtalk.provider=dingtalk
-config.socialsignon.dingtalk.provider.name=dingtalk
-config.socialsignon.dingtalk.icon=images/social/dingtalk.png
-config.socialsignon.dingtalk.client.id=dingoawf2jyiwh2uzqnphg
-config.socialsignon.dingtalk.client.secret=Crm7YJbMKfRlvG2i1SHpg4GHVpqF_oXiEjhmRQyiSiuzNRWpbFh9i0UjDTfhOoN9
-config.socialsignon.dingtalk.account.id=openid
-config.socialsignon.dingtalk.sortorder=5
-
-#QQ
-config.socialsignon.qq.provider=qq
-config.socialsignon.qq.provider.name=QQ
-config.socialsignon.qq.icon=images/social/qq.png
-config.socialsignon.qq.client.id=101225363
-config.socialsignon.qq.client.secret=8577d75e0eb4a91ac549cc8be3371bfd
-config.socialsignon.qq.account.id=openid
-config.socialsignon.qq.sortorder=6
-
-
-
-#Microsoft
-config.socialsignon.microsoft.provider=microsoft
-config.socialsignon.microsoft.provider.name=Microsoft
-config.socialsignon.microsoft.icon=images/social/microsoft.png
-config.socialsignon.microsoft.client.id=24aa73b6-7928-4e64-bd64-d8682e650f95
-config.socialsignon.microsoft.client.secret=PF[_AthtjVrtWVO2mNy@CJxY1@Z8FNf5
-config.socialsignon.microsoft.account.id=id
-config.socialsignon.microsoft.sortorder=7
-
-#facebook
-config.socialsignon.facebook.provider=facebook
-config.socialsignon.facebook.provider.name=facebook
-config.socialsignon.facebook.icon=images/social/facebook.png
-config.socialsignon.facebook.client.id=appKey
-config.socialsignon.facebook.client.secret=appSecret
-config.socialsignon.facebook.account.id=id
-config.socialsignon.facebook.sortorder=8
diff --git a/shellscript/start_maxkey.bat b/shellscript/start_maxkey.bat
index 60afda2c..9686ee49 100644
--- a/shellscript/start_maxkey.bat
+++ b/shellscript/start_maxkey.bat
@@ -46,8 +46,6 @@ echo JAVA_HOME = %JAVA_HOME% echo JAVA = %JAVA_EXEC% echo JAVA = %JAVA_MAINCLASS% echo. -%JAVA_EXEC% -version -echo. echo =============================================================================== echo.
diff --git a/shellscript/start_maxkey.sh b/shellscript/start_maxkey.sh
index 9499afd2..e66e7007 100644
--- a/shellscript/start_maxkey.sh
+++ b/shellscript/start_maxkey.sh
@@ -40,7 +40,6 @@ echo JAVA_CONF : $JAVA_CONF echo JAVA_OPTS : $JAVA_OPTS echo JAVA_HOME : $JAVA_HOME echo JAVA : $JAVA_EXEC} -${JAVA_EXEC} -version echo "" echo "-------------------------------------------------------------------------------" echo ""
diff --git a/shellscript/start_maxkey_mgt.bat b/shellscript/start_maxkey_mgt.bat
index 16c5c4d3..67a29069 100644
--- a/shellscript/start_maxkey_mgt.bat
+++ b/shellscript/start_maxkey_mgt.bat
@@ -46,8 +46,6 @@ echo JAVA_HOME = %JAVA_HOME% echo JAVA = %JAVA_EXEC% echo JAVA = %JAVA_MAINCLASS% echo. -%JAVA_EXEC% -version -echo. echo =============================================================================== echo.
diff --git a/shellscript/start_maxkey_mgt.sh b/shellscript/start_maxkey_mgt.sh
index 31bc0f75..b081bf7f 100644
--- a/shellscript/start_maxkey_mgt.sh
+++ b/shellscript/start_maxkey_mgt.sh
@@ -40,7 +40,6 @@ echo JAVA_CONF : $JAVA_CONF echo JAVA_OPTS : $JAVA_OPTS echo JAVA_HOME : $JAVA_HOME echo JAVA : $JAVA_EXEC} -${JAVA_EXEC} -version echo "" echo "-------------------------------------------------------------------------------" echo ""