Keycloak

Форк
0
/
kerberosrealm.json 
91 строка · 3.9 Кб
1
{
2
    "id": "kerberos-demo",
3
    "realm": "kerberos-demo",
4
    "enabled": true,
5
    "sslRequired": "external",
6
    "privateKey": "MIICXAIBAAKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQABAoGAfmO8gVhyBxdqlxmIuglbz8bcjQbhXJLR2EoS8ngTXmN1bo2L90M0mUKSdc7qF10LgETBzqL8jYlQIbt+e6TH8fcEpKCjUlyq0Mf/vVbfZSNaVycY13nTzo27iPyWQHK5NLuJzn1xvxxrUeXI6A2WFpGEBLbHjwpx5WQG9A+2scECQQDvdn9NE75HPTVPxBqsEd2z10TKkl9CZxu10Qby3iQQmWLEJ9LNmy3acvKrE3gMiYNWb6xHPKiIqOR1as7L24aTAkEAtyvQOlCvr5kAjVqrEKXalj0Tzewjweuxc0pskvArTI2Oo070h65GpoIKLc9jf+UA69cRtquwP93aZKtW06U8dQJAF2Y44ks/mK5+eyDqik3koCI08qaC8HYq2wVl7G2QkJ6sbAaILtcvD92ToOvyGyeE0flvmDZxMYlvaZnaQ0lcSQJBAKZU6umJi3/xeEbkJqMfeLclD27XGEFoPeNrmdx0q10Azp4NfJAY+Z8KRyQCR2BEG+oNitBOZ+YXF9KCpH3cdmECQHEigJhYg+ykOvr1aiZUMFT72HU0jnmQe2FVekuG+LJUt2Tm7GtMjTFoGpf0JwrVuZN39fOYAlo+nTixgeW7X8Y=",
7
    "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrVrCuTtArbgaZzL1hvh0xtL5mc7o0NqPVnYXkLvgcwiC3BjLGw1tGEGoJaXDuSaRllobm53JBhjx33UNv+5z/UMG4kytBWxheNVKnL6GgqlNabMaFfPLPCF8kAgKnsi79NMo+n6KnSY8YeUmec/p2vjO2NjsSAVcWEQMVhJ31LwIDAQAB",
8
    "requiredCredentials": [ "password", "kerberos" ],
9
    "defaultRoles": [ "user" ],
10
    "scopeMappings": [
11
        {
12
            "client": "kerberos-app",
13
            "roles": [ "user" ]
14
        }
15
    ],
16
    "clients": [
17
        {
18
            "clientId": "kerberos-app",
19
            "enabled": true,
20
            "baseUrl": "/kerberos-portal",
21
            "redirectUris": [
22
                "/kerberos-portal/*"
23
            ],
24
            "adminUrl": "/kerberos-portal",
25
            "secret": "password",
26
            "protocolMappers": [
27
        		{
28
		        	"protocolMapper" : "oidc-usermodel-property-mapper",
29
			        "protocol" : "openid-connect",
30
			        "name" : "username",
31
			        "config" : {
32
				        "Claim JSON Type" : "String",
33
				        "user.attribute" : "username",
34
				        "claim.name" : "preferred_username",
35
				        "id.token.claim" : "true",
36
				        "access.token.claim" : "true"
37
			        }
38
		        },
39
                {
40
			        "protocolMapper" : "oidc-usersessionmodel-note-mapper",
41
			        "protocol" : "openid-connect",
42
			        "name" : "gss delegation credential",
43
			        "config" : {
44
				        "user.session.note" : "gss_delegation_credential",
45
				        "claim.name" : "gss_delegation_credential",
46
                        "id.token.claim" : "false",
47
                        "access.token.claim" : "true"
48
			        }
49
		        }
50
            ]
51
        }
52
    ],
53
    "roles" : {
54
        "realm" : [
55
            {
56
                "name": "user",
57
                "description": "Have User privileges"
58
            }
59
        ]
60
    },
61
    "userFederationProviders": [
62
        {
63
            "displayName": "kerberos-ldap-provider",
64
            "providerName": "ldap",
65
            "priority": 1,
66
            "fullSyncPeriod": -1,
67
            "changedSyncPeriod": -1,
68
            "config": {
69
                "syncRegistrations" : "false",
70
                "connectionPooling" : "true",
71
                "pagination" : "true",
72
                "allowKerberosAuthentication" : "true",
73
                "debug" : "true",
74
                "editMode" : "WRITABLE",
75
                "vendor" : "other",
76
                "usernameLDAPAttribute" : "uid",
77
                "rdnLDAPAttribute" : "uid",
78
                "uuidLDAPAttribute" : "entryUUID",
79
                "userObjectClasses" : "inetOrgPerson, organizationalPerson",
80
                "connectionUrl" : "ldap://localhost:10389",
81
                "usersDn" : "ou=People,dc=keycloak,dc=org",
82
                "bindDn" : "uid=admin,ou=system",
83
                "bindCredential" : "secret",
84
                "kerberosRealm" : "KEYCLOAK.ORG",
85
                "serverPrincipal" : "HTTP/localhost@KEYCLOAK.ORG",
86
                "useKerberosForPasswordAuthentication": "true",
87
                "keyTab" : "http.keytab"
88
            }
89
        }
90
    ]
91
}
92

Использование cookies

Мы используем файлы cookie в соответствии с Политикой конфиденциальности и Политикой использования cookies.

Нажимая кнопку «Принимаю», Вы даете АО «СберТех» согласие на обработку Ваших персональных данных в целях совершенствования нашего веб-сайта и Сервиса GitVerse, а также повышения удобства их использования.

Запретить использование cookies Вы можете самостоятельно в настройках Вашего браузера.