diff options
Diffstat (limited to 'conf-from-container/conf/authn/password-authn-config.xml')
| -rw-r--r-- | conf-from-container/conf/authn/password-authn-config.xml | 121 |
1 files changed, 0 insertions, 121 deletions
diff --git a/conf-from-container/conf/authn/password-authn-config.xml b/conf-from-container/conf/authn/password-authn-config.xml deleted file mode 100644 index f27051b..0000000 --- a/conf-from-container/conf/authn/password-authn-config.xml +++ /dev/null @@ -1,121 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<beans xmlns="http://www.springframework.org/schema/beans" - xmlns:context="http://www.springframework.org/schema/context" - xmlns:util="http://www.springframework.org/schema/util" - xmlns:p="http://www.springframework.org/schema/p" - xmlns:c="http://www.springframework.org/schema/c" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd - http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd" - - default-init-method="initialize" - default-destroy-method="destroy"> - - <!-- Choose an import based on the back-end you want to use. --> - <!-- <import resource="jaas-authn-config.xml" /> --> - <!-- <import resource="krb5-authn-config.xml" /> --> - <import resource="ldap-authn-config.xml" /> - - - <!-- Names of form fields to pull username and password from. --> - <bean id="shibboleth.authn.Password.UsernameFieldName" class="java.lang.String" c:_0="j_username" /> - <bean id="shibboleth.authn.Password.PasswordFieldName" class="java.lang.String" c:_0="j_password" /> - <bean id="shibboleth.authn.Password.SSOBypassFieldName" class="java.lang.String" c:_0="donotcache" /> - - <!-- Simple transforms to apply to username before validation. --> - <util:constant id="shibboleth.authn.Password.Lowercase" static-field="java.lang.Boolean.FALSE"/> - <util:constant id="shibboleth.authn.Password.Uppercase" static-field="java.lang.Boolean.FALSE"/> - <util:constant id="shibboleth.authn.Password.Trim" static-field="java.lang.Boolean.TRUE"/> - - <!-- Set to TRUE if you want the password kept in the resulting Subject as a private credential. --> - <util:constant id="shibboleth.authn.Password.RetainAsPrivateCredential" static-field="java.lang.Boolean.FALSE"/> - - <!-- Apply any regular expression replacement pairs to username before validation. --> - <util:list id="shibboleth.authn.Password.Transforms"> - <!-- - <bean parent="shibboleth.Pair" p:first="^(.+)@example\.edu$" p:second="$1" /> - --> - </util:list> - - <!-- Uncomment to configure account lockout backed by in-memory storage. --> - <!-- - <bean id="shibboleth.authn.Password.AccountLockoutManager" - parent="shibboleth.StorageBackedAccountLockoutManager" - p:maxAttempts="5" - p:counterInterval="PT5M" - p:lockoutDuration="PT5M" - p:extendLockoutDuration="false" /> - --> - - <!-- - Define entries here to map error messages detected by validation actions and classify them as particular - kinds of errors for use in your templates and as events in flows. - - Keys are events to signal, values are error codes. - --> - <util:map id="shibboleth.authn.Password.ClassifiedMessageMap"> - <entry key="UnknownUsername"> - <list> - <value>NoCredentials</value> - <value>CLIENT_NOT_FOUND</value> - <value>Client not found</value> - <value>DN_RESOLUTION_FAILURE</value> - </list> - </entry> - <entry key="InvalidPassword"> - <list> - <value>InvalidCredentials</value> - <value>PREAUTH_FAILED</value> - <value>INVALID_CREDENTIALS</value> - <value>Checksum failed</value> - </list> - </entry> - <entry key="AccountLocked"> - <list> - <value>AccountLocked</value> - <value>Clients credentials have been revoked</value> - </list> - </entry> - <entry key="ExpiredPassword"> - <list> - <value>PASSWORD_EXPIRED</value> - </list> - </entry> - <entry key="ExpiringPassword"> - <list> - <value>ACCOUNT_WARNING</value> - </list> - </entry> - </util:map> - - <!-- - Configuration of "extended" login methods to offer in the password login form. - - The String bean is a regular expression identifying the flows to offer. These flows - must also be enabled at the "top" level to be available for use. - - The ExtendedFlowParameters bean can be used to transfer custom parameters from the - login form into the context tree for use later by other flows. - - The last bean provides the set of custom Principals to use for results produced by the - Password flow itself. You would use this if you need the Password flow to run as a shell - to run the "extended" login methods, but want to limit its own results more narrowly. - --> - <!-- - <bean id="shibboleth.authn.Password.ExtendedFlows" class="java.lang.String" c:_0="" /> - - <util:list id="shibboleth.authn.Password.ExtendedFlowParameters"> - </util:list> - - <util:list id="shibboleth.authn.Password.PrincipalOverride"> - <bean parent="shibboleth.SAML2AuthnContextClassRef" - c:classRef="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" /> - <bean parent="shibboleth.SAML2AuthnContextClassRef" - c:classRef="urn:oasis:names:tc:SAML:2.0:ac:classes:Password" /> - <bean parent="shibboleth.SAML1AuthenticationMethod" - c:method="urn:oasis:names:tc:SAML:1.0:am:password" /> - </util:list> - --> - -</beans> |