配置

CAS web管理系统的配置主要由/etc/cas/config/management.(yml|properties)文件控制。请注意,CAS支持的所有配置策略也同样适用于这里。

命名约定

索引设置

能够接受多个值的配置通常用索引记录,如mgmt.some.setting[0]=value。索引[0]表示由采用者递增,以允许使用不同的多个配置块:

# mgmt.some.setting[0]=value1
# mgmt.some.setting[1]=value2

属性

# mgmt.adminRoles[0]=ROLE_ADMIN
# mgmt.userRoles[0]=ROLE_USER

# mgmt.serverName=https://localhost:8443
# mgmt.defaultLocale=en

# mgmt.authzIpRegex=
# mgmt.authzAttributes[0]=
# mgmt.userPropertiesFile=classpath:user-details.properties

# mgmt.versionControl.servicesRepo=/etc/cas/services-repo
# mgmt.versionControl.enabled=false
# mgmt.versionControl.syncScript=


# mgmt.delegated.enabled=false
# mgmt.delegated.userReposDir=/etc/cas/user-repos
# mgmt.enableDiscoveryEndpointCall=true

译者注:原文中的以上配置有些错误,已在本文改正。

通知

配置键

以下属性适用于上面配置键的通知配置:

# ${configurationKey}.attributeName=mail
# ${configurationKey}.text=
# ${configurationKey}.from=
# ${configurationKey}.subject=
# ${configurationKey}.cc=
# ${configurationKey}.bcc=

LDAP

# mgmt.ldap.ldapUrl = ldap://localhost:389
# mgmt.ldap.bindDn =
# mgmt.ldap.bindCredential =
# mgmt.ldap.useSsl = true

# mgmt.ldap.trustCertificates =
# mgmt.ldap.keystore = 
# mgmt.ldap.keystorePassword
# mgmt.ldap.keystoreType = 

# mgmt.ldap.minPoolSize = 3
# mgmt.ldap.maxPoolSize = 10
# mgmt.ldap.poolPassivator = BIND
# mgmt.ldap.validateOnCheckout = true
# mgmt.ldap.validatePeriodically = true 
# mgmt.ldap.validateTimeout = PT5S
# mgmt.ldap.validatePeriod = PT5M 

# mgmt.ldap.failFast = true
# mgmt.ldap.idleTime = PT10M
# mgmt.ldap.prunePeriod = PT2H
# mgmt.ldap.blockWaitTime = PT3S
# mgmt.ldap.connectionStrategy =
# mgmt.ldap.useStartTls = 
# mgmt.ldap.connectTimeout = PT5S
# mgmt.ldap.responseTimeout = PT5S
# mgmt.ldap.providerClass = 
# mgmt.ldap.allowMultipleDns = false
# mgmt.ldap.saslRealm = 
# mgmt.ldap.saslMechanism = 
# mgmt.ldap.saslAuthorizationId = 
# mgmt.ldap.saslSecurityStrength = 
# mgmt.ldap.saslMutualAuth = 
# mgmt.ldap.saslQualityOfProtection =

LDAP授权

# mgmt.ldap.ldapAuthz.roleAttribute = uugid
# mgmt.ldap.ldapAuthz.rolePrefix = ROLE_
# mgmt.ldap.ldapAuthz.allowMultipleResults
# mgmt.ldap.ldapAuthz.groupAttribute
# mgmt.ldap.ldapAuthz.groupPrefix =
# mgmt.ldap.ldapAuthz.groupFilter
# mgmt.ldap.ldapAuthz.groupBaseDn
# mgmt.ldap.ldapAuthz.baseDn
# mgmt.ldap.ldapAuthz.searchFilter