# ------------------------------------------------------------------- # $Id$ # # This is the configuration file for JetspeedSecurity # # Note that strings containing "," (comma) characters must backslash # escape the comma (i.e. '\,') # # ------------------------------------------------------------------- services.JetspeedSecurity.classname=org.apache.jetspeed.services.security.JetspeedDBSecurityService ######################################### # Programmatic Cascade Delete Service # ######################################### services.JetspeedSecurity.programmatic.cascade.delete=true ######################################### # Authentication Service # ######################################### services.PortalAuthentication.classname=@services.PortalAuthentication.classname@ ######################################### # Authorization Service # ######################################### services.PortalAccessController.classname=@services.PortalAccessController.classname@ ######################################### # User Management Service # ######################################### services.UserManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineUserManagement ######################################### # Role Management Service # ######################################### services.RoleManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineRoleManagement services.JetspeedSecurity.role.class=org.apache.jetspeed.om.security.BaseJetspeedRole services.JetspeedSecurity.role.default=user ######################################### # Group Management Service # ######################################### services.GroupManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineGroupManagement services.JetspeedSecurity.group.class=org.apache.jetspeed.om.security.BaseJetspeedGroup ######################################### # Permission Management Service # ######################################### services.PermissionManagement.classname=org.apache.jetspeed.services.security.turbine.TurbinePermissionManagement services.JetspeedSecurity.permission.class=org.apache.jetspeed.om.security.BaseJetspeedPermission # ------------------------------------------------------------------- # # UserManagement Services # # ------------------------------------------------------------------- services.UserManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineUserManagement services.JetspeedSecurity.user.class=org.apache.jetspeed.om.security.BaseJetspeedUser # This is used by the SecurityService to make the password checking # secure. When enabled, passwords are transformed by a one-way # function into a sequence of bytes that is base64 encoded. # It is impossible to guess the plain-text form of the password # from the representation. When user logs in, the entered password # is transformed the same way and then compared with stored value. # # Default: false # services.JetspeedSecurity.secure.passwords=false # # This property lets you choose what digest algorithm will be used # for encrypting passwords. Check documentation of your JRE for # available algorithms. # # Default: SHA # services.JetspeedSecurity.secure.passwords.algorithm=SHA # Role(s) to assign to new user. Multiple Role must be comma separated. services.JetspeedSecurity.newuser.roles=user # Default permission(s) when object have no permissions defined # The follow permissions are define in the default Jetspeed installation: # view, customize, minimize, maximize, close # * = All permissions services.JetspeedSecurity.permission.default.anonymous=view services.JetspeedSecurity.permission.default.loggedin=* # During logon, username and password can be case sensitive or case insensitive # This option configures the logon username and password to be case sensitive or insensitive # if its case insensitive, then "logon.casesensitive.upper" controls whether the username and # password or converted to upper or lower case before passing on to the database services.JetspeedSecurity.caseinsensitive.username=false services.JetspeedSecurity.caseinsensitive.password=false services.JetspeedSecurity.caseinsensitive.upper=true # Auto-Account-Disable Feature services.JetspeedSecurity.logon.auto.disable=false # 3 logon strikes per 300 seconds and your out services.JetspeedSecurity.logon.strike.count=3 services.JetspeedSecurity.logon.strike.interval=300 # dont allow more than 10 over any time period services.JetspeedSecurity.logon.strike.max=10 # anonymous user services.JetspeedSecurity.user.anonymous=anon ######################################### # Action buttons # ######################################### services.JetspeedSecurity.actions.anon.disable=true services.JetspeedSecurity.action.allusers.disable=false