Created
October 15, 2015 10:32
-
-
Save andrewferrier/4aa16a18639628f054a8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?><tns:loginConfiguration xmlns:tns="http://www.worklight.com/auth/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> | |
<!-- Licensed Materials - Property of IBM 5725-G92 (C) Copyright IBM Corp. | |
2006, 2013. All Rights Reserved. US Government Users Restricted Rights - | |
Use, duplication or disclosure restricted by GSA ADP Schedule Contract with | |
IBM Corp. --> | |
<staticResources> | |
<resource id="receiveSMS" securityTest="SubscribeServlet"> | |
<urlPatterns>/receiveSMS*</urlPatterns> | |
</resource> | |
</staticResources> | |
<securityTests> | |
<customSecurityTest name="SubscribeServlet"> | |
<test realm="wl_directUpdateRealm" step="1"/> | |
<test isInternalUserID="true" realm="SubscribeServlet"/> | |
</customSecurityTest> | |
<webSecurityTest name="ISAMforMobileFirst-web-securityTest"> | |
<testUser realm="HeaderAuthRealm"/> | |
</webSecurityTest> | |
<mobileSecurityTest name="ISAMforMobileFirst-mobile-securityTest"> | |
<testAppAuthenticity/> | |
<testUser realm="HeaderAuthRealm"/> | |
<testDeviceId provisioningType="none"/> | |
</mobileSecurityTest> | |
<customSecurityTest name="ISAMforMobileFirst-Step-up-securityTest"> | |
<test realm="wl_directUpdateRealm" step="1"/> | |
<test isInternalDeviceID="false" isInternalUserID="true" realm="ISAMStepupRealm"/> | |
</customSecurityTest> | |
<customSecurityTest name="OAuthSecurityTest"> | |
<test realm="wl_directUpdateRealm" step="1"/> | |
<test isInternalDeviceID="false" isInternalUserID="true" realm="OAuthRealm"/> | |
</customSecurityTest> | |
<!--For User Certificate Authentication --> | |
<customSecurityTest name="ISAMforMobileFirst-certificateTest"> | |
<test realm="wl_antiXSRFRealm" step="1"/> | |
<test realm="wl_authenticityRealm" step="1"/> | |
<test realm="wl_directUpdateRealm" mode="perSession" step="1"/> | |
<test realm="wl_userCertificateAuthRealm" isInternalUserID="true" step="1"/> | |
<test realm="wl_deviceNoProvisioningRealm" isInternalDeviceID="true" step="2"/> | |
</customSecurityTest> | |
</securityTests> | |
<realms> | |
<realm loginModule="rejectAll" name="SubscribeServlet"> | |
<className>com.worklight.core.auth.ext.HeaderAuthenticator</className> | |
</realm> | |
<realm loginModule="HeaderAuthModule" name="HeaderAuthRealm"> | |
<className>com.worklight.core.auth.ext.HeaderAuthenticator</className> | |
</realm> | |
<realm loginModule="HeaderAuthModule" name="ISAMStepupRealm"> | |
<className>com.worklight.core.auth.ext.HeaderAuthenticator</className> | |
</realm> | |
<realm loginModule="HeaderAuthModule" name="OAuthRealm"> | |
<className>com.worklight.core.auth.ext.HeaderAuthenticator</className> | |
</realm> | |
<!-- Realm for User Certificate Authentication --> | |
<realm name="wl_userCertificateAuthRealm" loginModule="WLUserCertificateLoginModule"> | |
<className>com.worklight.core.auth.ext.UserCertificateAuthenticator</className> | |
<parameter name="dependent-user-auth-realm" value="HeaderAuthRealm" /> | |
<parameter name="pki-bridge-class" value="com.worklight.core.auth.ext.UserCertificateEmbeddedPKI" /> | |
<parameter name="embedded-pki-bridge-ca-p12-file-path" value="<file-path>"/> | |
<parameter name="embedded-pki-bridge-ca-p12-password" value="passSigningP12" /> | |
</realm> | |
<realm name="WASLTPARealm" loginModule="WASLTPAModule"> | |
<className>com.worklight.core.auth.ext.WebSphereFormBasedAuthenticator</className> | |
<parameter name="login-page" value="/login.html"/> | |
<parameter name="error-page" value="/loginError.html"/> | |
</realm> | |
</realms> | |
<loginModules> | |
<loginModule name="rejectAll"> | |
<className>com.worklight.core.auth.ext.RejectingLoginModule</className> | |
</loginModule> | |
<loginModule name="HeaderAuthModule"> | |
<className>com.worklight.core.auth.ext.HeaderLoginModule</className> | |
<parameter name="user-name-header" value="iv-user"/> | |
<parameter name="display-name-header" value="iv-user"/> | |
</loginModule> | |
<!-- Login Module for User Certificate Authentication --> | |
<loginModule name="WLUserCertificateLoginModule"> | |
<className>com.worklight.core.auth.ext.UserCertificateLoginModule</className> | |
</loginModule> | |
<loginModule name="WASLTPAModule"> | |
<className>com.worklight.core.auth.ext.WebSphereLoginModule</className> | |
</loginModule> | |
</loginModules> | |
</tns:loginConfiguration> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment