margaretha | fc9e407 | 2017-08-29 18:34:01 +0200 | [diff] [blame] | 1 | ## index dir |
margaretha | cfea1ae | 2018-01-15 20:27:26 +0100 | [diff] [blame] | 2 | krill.indexDir = ../sample-index |
margaretha | fc9e407 | 2017-08-29 18:34:01 +0200 | [diff] [blame] | 3 | |
| 4 | krill.index.commit.count = 134217000 |
| 5 | krill.index.commit.log = log/krill.commit.log |
| 6 | krill.index.commit.auto = 500 |
| 7 | krill.index.relations.max = 100 |
| 8 | |
margaretha | 56e8e55 | 2017-12-05 16:31:21 +0100 | [diff] [blame] | 9 | #LDAP |
| 10 | ldap.config = file-path-to-ldap-config |
| 11 | |
| 12 | # Kustvakt |
margaretha | 56e8e55 | 2017-12-05 16:31:21 +0100 | [diff] [blame] | 13 | ## server |
| 14 | server.port=8089 |
| 15 | server.host=localhost |
| 16 | |
margaretha | a86b141 | 2018-02-21 20:40:35 +0100 | [diff] [blame] | 17 | ## mail settings |
| 18 | mail.enabled = false |
| 19 | mail.receiver = test@localhost |
| 20 | mail.sender = noreply@ids-mannheim.de |
margaretha | 7d0165c | 2018-02-26 15:31:37 +0100 | [diff] [blame] | 21 | mail.address.retrieval = test |
margaretha | a86b141 | 2018-02-21 20:40:35 +0100 | [diff] [blame] | 22 | |
| 23 | ## mail.templates |
| 24 | template.group.invitation = notification.vm |
| 25 | |
margaretha | 56e8e55 | 2017-12-05 16:31:21 +0100 | [diff] [blame] | 26 | ## default layers |
margaretha | 6fca729 | 2018-03-13 13:19:00 +0100 | [diff] [blame] | 27 | default.layer.partOfSpeech = tt |
| 28 | default.layer.lemma = tt |
| 29 | default.layer.orthography = opennlp |
| 30 | default.layer.dependency = mate |
| 31 | default.layer.constituent = corenlp |
margaretha | fc9e407 | 2017-08-29 18:34:01 +0200 | [diff] [blame] | 32 | |
margaretha | 2c019fa | 2018-02-01 19:50:51 +0100 | [diff] [blame] | 33 | ## delete configuration (default hard) |
| 34 | # delete.auto.group = hard |
| 35 | delete.group = soft |
| 36 | delete.group.member = soft |
| 37 | |
margaretha | 56e8e55 | 2017-12-05 16:31:21 +0100 | [diff] [blame] | 38 | ## availability regex |
margaretha | dfecb4b | 2017-12-12 19:32:30 +0100 | [diff] [blame] | 39 | ## only support | |
margaretha | c38c856 | 2017-11-21 19:02:08 +0100 | [diff] [blame] | 40 | availability.regex.free = CC-BY.* |
margaretha | ad618d2 | 2017-12-11 19:58:49 +0100 | [diff] [blame] | 41 | availability.regex.public = ACA.* | QAO-NC |
margaretha | c38c856 | 2017-11-21 19:02:08 +0100 | [diff] [blame] | 42 | availability.regex.all = QAO.* |
margaretha | fc9e407 | 2017-08-29 18:34:01 +0200 | [diff] [blame] | 43 | |
margaretha | fc9e407 | 2017-08-29 18:34:01 +0200 | [diff] [blame] | 44 | ## options referring to the security module! |
| 45 | |
margaretha | 9c78e1a | 2018-06-27 14:12:35 +0200 | [diff] [blame] | 46 | ## OAuth |
margaretha | 6374f72 | 2018-04-17 18:45:57 +0200 | [diff] [blame] | 47 | ### (see de.ids_mannheim.korap.constant.AuthenticationMethod for possible |
| 48 | ### oauth.password.authentication values) |
margaretha | 9c78e1a | 2018-06-27 14:12:35 +0200 | [diff] [blame] | 49 | oauth2.password.authentication = TEST |
| 50 | oauth2.native.client.host = korap.ids-mannheim.de |
margaretha | be4c5c9 | 2018-05-03 18:55:49 +0200 | [diff] [blame] | 51 | oauth2.max.attempts = 2 |
margaretha | 064eb6f | 2018-07-10 18:33:01 +0200 | [diff] [blame] | 52 | # expiry in seconds (S), minutes (M), hours (H), days (D) |
| 53 | oauth2.access.token.expiry = 3S |
| 54 | oauth2.refresh.token.expiry = 90D |
| 55 | oauth2.authorization.code.expiry = 10M |
margaretha | be4c5c9 | 2018-05-03 18:55:49 +0200 | [diff] [blame] | 56 | # -- scopes separated by space |
margaretha | 20f3123 | 2018-07-09 17:49:39 +0200 | [diff] [blame] | 57 | oauth2.default.scopes = openid search match_info |
margaretha | 9c78e1a | 2018-06-27 14:12:35 +0200 | [diff] [blame] | 58 | oauth2.client.credentials.scopes = client_info |
| 59 | |
| 60 | ## OpenId |
| 61 | ### multiple values are separated by space |
| 62 | openid.grant.types = authorization_code |
| 63 | openid.response.types = code |
| 64 | openid.response.modes = query |
| 65 | openid.client.auth.methods = client_secret_basic client_secret_post |
| 66 | openid.token.signing.algorithms = RS256 |
| 67 | openid.subject.types = public |
| 68 | openid.display.types = page |
margaretha | a2ce63d | 2018-06-28 10:11:43 +0200 | [diff] [blame] | 69 | openid.supported.scopes = openid email auth_time |
margaretha | 9c78e1a | 2018-06-27 14:12:35 +0200 | [diff] [blame] | 70 | openid.support.claim.param = false |
| 71 | openid.claim.types = normal |
| 72 | openid.supported.claims = iss sub aud exp iat |
| 73 | openid.ui.locales = en |
| 74 | #openid.privacy.policy = |
| 75 | #openid.term.of.service = |
| 76 | openid.service.doc = https://github.com/KorAP/Kustvakt/wiki |
margaretha | 6374f72 | 2018-04-17 18:45:57 +0200 | [diff] [blame] | 77 | |
margaretha | 1929596 | 2018-06-26 16:00:47 +0200 | [diff] [blame] | 78 | ## JWT |
margaretha | 9c78e1a | 2018-06-27 14:12:35 +0200 | [diff] [blame] | 79 | security.jwt.issuer=https://korap.ids-mannheim.de |
margaretha | 6374f72 | 2018-04-17 18:45:57 +0200 | [diff] [blame] | 80 | |
margaretha | 1929596 | 2018-06-26 16:00:47 +0200 | [diff] [blame] | 81 | ## JWK |
margaretha | 07a356a | 2018-07-11 19:12:21 +0200 | [diff] [blame] | 82 | ## must be set for openid |
margaretha | 1929596 | 2018-06-26 16:00:47 +0200 | [diff] [blame] | 83 | rsa.private = kustvakt_rsa.key |
| 84 | rsa.public = kustvakt_rsa_public.key |
| 85 | rsa.key.id = 74caa3a9-217c-49e6-94e9-2368fdd02c35 |
| 86 | |
| 87 | ## token expiration time |
margaretha | fc9e407 | 2017-08-29 18:34:01 +0200 | [diff] [blame] | 88 | security.longTokenTTL = 1D |
margaretha | 49cb688 | 2018-07-04 04:19:54 +0200 | [diff] [blame] | 89 | security.tokenTTL = 2S |
| 90 | security.shortTokenTTL = 1S |
margaretha | fc9e407 | 2017-08-29 18:34:01 +0200 | [diff] [blame] | 91 | |
margaretha | 33fa3d9 | 2018-07-26 13:50:17 +0200 | [diff] [blame] | 92 | ## see SecureRandom Number Generation Algorithms |
| 93 | ## default SHA1PRNG |
| 94 | security.secure.random.algorithm=SHA1PRNG |
| 95 | |
| 96 | ## see MessageDigest Algorithms |
| 97 | ## default MD5 |
| 98 | security.md.algoritm = SHA-256 |
| 99 | |
| 100 | ### secure hash support: BCRYPT, ESAPICYPHER |
| 101 | security.secure.hash.algorithm=BCRYPT |
margaretha | f18298b | 2017-09-14 22:14:32 +0200 | [diff] [blame] | 102 | security.passcode.salt=salt |
margaretha | fc9e407 | 2017-08-29 18:34:01 +0200 | [diff] [blame] | 103 | |
| 104 | security.idleTimeoutDuration = 25M |
| 105 | security.multipleLogIn = true |
| 106 | security.loginAttemptNum = 3 |
| 107 | security.authAttemptTTL = 45M |
| 108 | |
| 109 | security.encryption.loadFactor = 8 |
| 110 | security.validation.stringLength = 150 |
| 111 | security.validation.emailLength = 50 |
margaretha | 33fa3d9 | 2018-07-26 13:50:17 +0200 | [diff] [blame] | 112 | |
margaretha | e4034a8 | 2018-07-02 14:46:59 +0200 | [diff] [blame] | 113 | security.sharedSecret=this-is-shared-secret-code-for-JWT-Signing.It-must-contains-minimum-256-bits |
margaretha | fc9e407 | 2017-08-29 18:34:01 +0200 | [diff] [blame] | 114 | |
| 115 | ## applicable: rewrite, foundry, filter, deny |
| 116 | security.rewrite.strategies=filter, foundry, rewrite |