  1. <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
  2. <jpsConfig xmlns="http://xmlns.oracle.com/oracleas/schema/11/jps-config-11_1.xsd" schema-major-version="11" schema-minor-version="1">
  3. <property name="oracle.security.jps.jaas.mode" value="off"/>
  4. <property name="oracle.security.jps.enterprise.user.class" value="weblogic.security.principal.WLSUserImpl"/>
  5. <property name="oracle.security.jps.enterprise.role.class" value="weblogic.security.principal.WLSGroupImpl"/>
  6. <property name="app.roles.source" value="PDP"/>
  7. <propertySets>
  8. <propertySet name="saml.trusted.issuers.1">
  9. <property name="name" value="www.oracle.com"/>
  10. </propertySet>
  11. <propertySet name="UserOrgID">
  12. <property name="ootb.pip.attr.type" value="OOTB_PIP_ATTRIBUTE"/>
  13. <property name="name" value="UserOrgID"/>
  14. <property name="ootb.pip.ref" value="UserOrgAR"/>
  15. <property name="query" value="select * from ( select mda.VALUE from USER_ACCOUNT ua inner join SECURITY_PRINCIPAL sp on sp.SECURITY_PRINCIPAL_ID = ua.SECURITY_PRINCIPAL_ID inner join M_SECURITY_PRINCIPAL_DATA mspd on mspd.PARENT_ID = sp.SECURITY_PRINCIPAL_ID and mspd.KEY = N'PathName' inner join PERSONAGE pers on ua.PERSONAGE_ID = pers.PERSONAGE_ID inner join POST pst on pst.POST_ID = pers.POST_ID inner join DEPARTMENT d on d.DEPARTMENT_ID = pst.DEPARTMENT_ID inner join ( select connect_by_root( d.DEPARTMENT_ID ) ROOT_DEP_ID, d.DEPARTMENT_ID, LEVEL as TreeLevel from DEPARTMENT d connect by prior d.DEPARTMENT_ID = d.PARENT_ID order by LEVEL ) TreeDepartments on TreeDepartments.DEPARTMENT_ID = d.DEPARTMENT_ID inner join M_DEPARTMENT_DATA mda on mda.PARENT_ID = TreeDepartments.ROOT_DEP_ID where MDA.KEY = N'ExternalID' and upper(mspd.VALUE) = upper(%SYS_USER%) order by TreeDepartments.TreeLevel asc ) where rownum = 1;"/>
  16. </propertySet>
  17. </propertySets>
  18. <serviceProviders>
  19. <serviceProvider class="oracle.security.jps.az.internal.runtime.provider.PIPServiceProvider" name="pip.service.provider" type="PIP"/>
  20. <serviceProvider type="CREDENTIAL_STORE" name="credstoressp" class="oracle.security.jps.internal.credstore.ssp.SspCredentialStoreProvider">
  21. <description>SecretStore-based CSF provider</description>
  22. </serviceProvider>
  23. <serviceProvider type="IDENTITY_STORE" name="idstore.xml.provider" class="oracle.security.jps.internal.idstore.xml.XmlIdentityStoreProvider">
  24. <description>XML-based IdStore Provider</description>
  25. </serviceProvider>
  26. <serviceProvider type="POLICY_STORE" name="policystore.xml.provider" class="oracle.security.jps.internal.policystore.xml.XmlPolicyStoreProvider">
  27. <description>XML-based PolicyStore Provider</description>
  28. </serviceProvider>
  29. <serviceProvider type="LOGIN" name="jaas.login.provider" class="oracle.security.jps.internal.login.jaas.JaasLoginServiceProvider">
  30. <description>This is Jaas Login Service Provider and is used to configure login module service instances</description>
  31. </serviceProvider>
  32. <serviceProvider type="KEY_STORE" name="keystore.provider" class="oracle.security.jps.internal.keystore.KeyStoreProvider">
  33. <description>PKI Based Keystore Provider</description>
  34. <property name="provider.property.name" value="owsm"/>
  35. </serviceProvider>
  36. <serviceProvider type="AUDIT" name="audit.provider" class="oracle.security.jps.internal.audit.AuditProvider">
  37. <description>Audit Service</description>
  38. </serviceProvider>
  39. <serviceProvider type="PDP" name="pdp.service.provider" class="oracle.security.jps.az.internal.runtime.provider.PDPServiceProvider"/>
  40. <serviceProvider type="POLICY_STORE" name="policy.rdbms" class="oracle.security.jps.internal.policystore.OPSSPolicyStoreProvider">
  41. <property name="policystore.type" value="DB_ORACLE"/>
  42. </serviceProvider>
  43. <serviceProvider type="POLICY_STORE" name="policy.oid" class="oracle.security.jps.internal.policystore.ldap.LdapPolicyStoreProvider">
  44. <property name="policystore.type" value="OID"/>
  45. </serviceProvider>
  46. </serviceProviders>
  47. <serviceInstances>
  48. <serviceInstance name="credstore" provider="credstoressp" location="./">
  49. <description>File Based Credential Store Service Instance</description>
  50. </serviceInstance>
  51. <serviceInstance name="idstore.xml" provider="idstore.xml.provider" location="./system-jazn-data.xml">
  52. <description>File Based Identity Store Service Instance</description>
  53. <property name="subscriber.name" value="jazn.com"/>
  54. </serviceInstance>
  55. <serviceInstance name="policystore.xml" provider="policystore.xml.provider" location="./system-jazn-data.xml">
  56. <description>File Based Policy Store Service Instance</description>
  57. </serviceInstance>
  58. <serviceInstance name="idstore.loginmodule" provider="jaas.login.provider">
  59. <description>Identity Store Login Module</description>
  60. <property name="loginModuleClassName" value="oracle.security.jps.internal.jaas.module.idstore.IdStoreLoginModule"/>
  61. <property name="jaas.login.controlFlag" value="REQUIRED"/>
  62. </serviceInstance>
  63. <serviceInstance name="keystore" provider="keystore.provider" location="./default-keystore.jks">
  64. <description>Default JPS Keystore Service</description>
  65. <property name="keystore.provider.type" value="file"/>
  66. <property name="keystore.file.path" value="./"/>
  67. <property name="keystore.type" value="JKS"/>
  68. <property name="keystore.csf.map" value="oracle.wsm.security"/>
  69. <property name="keystore.pass.csf.key" value="keystore-csf-key"/>
  70. <property name="keystore.sig.csf.key" value="sign-csf-key"/>
  71. <property name="keystore.enc.csf.key" value="enc-csf-key"/>
  72. </serviceInstance>
  73. <serviceInstance name="audit" provider="audit.provider">
  74. <property name="audit.filterPreset" value="None"/>
  75. <property name="audit.maxDirSize" value="0"/>
  76. <property name="audit.maxFileSize" value="104857600"/>
  77. <property name="audit.loader.jndi" value="jdbc/AuditDB"/>
  78. <property name="audit.loader.interval" value="15"/>
  79. <property name="audit.loader.repositoryType" value="File"/>
  80. </serviceInstance>
  81. <serviceInstance name="saml.loginmodule" provider="jaas.login.provider">
  82. <description>SAML Login Module</description>
  83. <property name="loginModuleClassName" value="oracle.security.jps.internal.jaas.module.saml.JpsSAMLLoginModule"/>
  84. <property name="jaas.login.controlFlag" value="REQUIRED"/>
  85. <propertySetRef ref="saml.trusted.issuers.1"/>
  86. </serviceInstance>
  87. <serviceInstance name="saml2.loginmodule" provider="jaas.login.provider">
  88. <description>SAML2 Login Module</description>
  89. <property name="loginModuleClassName" value="oracle.security.jps.internal.jaas.module.saml.JpsSAML2LoginModule"/>
  90. <property name="jaas.login.controlFlag" value="REQUIRED"/>
  91. <propertySetRef ref="saml.trusted.issuers.1"/>
  92. </serviceInstance>
  93. <serviceInstance name="krb5.loginmodule" provider="jaas.login.provider">
  94. <description>Kerberos Login Module</description>
  95. <property name="loginModuleClassName" value="com.sun.security.auth.module.Krb5LoginModule"/>
  96. <property name="jaas.login.controlFlag" value="REQUIRED"/>
  97. <property name="storeKey" value="true"/>
  98. <property name="useKeyTab" value="true"/>
  99. <property name="doNotPrompt" value="true"/>
  100. <property name="keyTab" value="./krb5.keytab"/>
  101. <property name="principal" value="HOST/localhost@EXAMPLE.COM"/>
  102. </serviceInstance>
  103. <serviceInstance name="digest.authenticator.loginmodule" provider="jaas.login.provider">
  104. <description>Digest Authenticator Login Module</description>
  105. <property name="loginModuleClassName" value="oracle.security.jps.internal.jaas.module.digest.DigestLoginModule"/>
  106. <property name="jaas.login.controlFlag" value="REQUIRED"/>
  107. </serviceInstance>
  108. <serviceInstance name="certificate.authenticator.loginmodule" provider="jaas.login.provider">
  109. <description>X509 Certificate Login Module</description>
  110. <property name="loginModuleClassName" value="oracle.security.jps.internal.jaas.module.x509.X509LoginModule"/>
  111. <property name="jaas.login.controlFlag" value="REQUIRED"/>
  112. </serviceInstance>
  113. <serviceInstance name="wss.digest.loginmodule" provider="jaas.login.provider">
  114. <description>WSS Digest Login Module</description>
  115. <property name="loginModuleClassName" value="oracle.security.jps.internal.jaas.module.digest.WSSDigestLoginModule"/>
  116. <property name="jaas.login.controlFlag" value="REQUIRED"/>
  117. </serviceInstance>
  118. <serviceInstance name="user.authentication.loginmodule" provider="jaas.login.provider">
  119. <description>User Authentication Login Module</description>
  120. <property name="loginModuleClassName" value="oracle.security.jps.internal.jaas.module.authentication.JpsUserAuthenticationLoginModule"/>
  121. <property name="jaas.login.controlFlag" value="REQUIRED"/>
  122. </serviceInstance>
  123. <serviceInstance name="bootstrap.credstore" provider="credstoressp" location="./bootstrap">
  124. <property name="location" value="./bootstrap"/>
  125. </serviceInstance>
  126. <serviceInstance name="user.assertion.loginmodule" provider="jaas.login.provider">
  127. <description>User Assertion Login Module</description>
  128. <property name="loginModuleClassName" value="oracle.security.jps.internal.jaas.module.assertion.JpsUserAssertionLoginModule"/>
  129. <property name="jaas.login.controlFlag" value="REQUIRED"/>
  130. </serviceInstance>
  131. <serviceInstance name="credstore.enroll" provider="credstoressp" location="/oracle/fmw/oes/oes_sm_instances/VPD1/config/enroll"/>
  132. <serviceInstance name="policystore.rdbms" provider="policy.rdbms">
  133. <property name="jdbc.driver" value="oracle.jdbc.driver.OracleDriver"/>
  134. <property name="jdbc.url" value="jdbc:oracle:thin:@eb-oe-poib-db-rac:1526/poibdb.budget.gov.ru"/>
  135. <property name="oracle.security.jps.ldap.root.name" value="cn=jpsroot"/>
  136. <property name="oracle.security.jps.farm.name" value="cn=oes_domain"/>
  137. <property name="bootstrap.security.principal.key" value="oes_sm_key_new"/>
  138. <property name="bootstrap.security.principal.map" value="oes_sm_map_new"/>
  139. </serviceInstance>
  140. <serviceInstance name="pdp.service" provider="pdp.service.provider">
  141. <property name="oracle.security.jps.runtime.pd.client.policyDistributionMode" value="controlled-pull"/>
  142. <property name="oracle.security.jps.runtime.pd.client.sm_name" value="VPD1"/>
  143. <property name="oracle.security.jps.runtime.pd.client.SMinstanceType" value="java"/>
  144. <property name="oracle.security.jps.pd.client.PollingTimerEnabled" value="true"/>
  145. <property name="oracle.security.jps.pd.client.PollingTimerInterval" value="600"/>
  146. <property name="jdbc.driver" value="oracle.jdbc.driver.OracleDriver"/>
  147. <property name="jdbc.url" value="jdbc:oracle:thin:@eb-oe-poib-db-rac:1526/poibdb.budget.gov.ru"/>
  148. <property name="oracle.security.jps.ldap.root.name" value="cn=jpsroot"/>
  149. <property name="oracle.security.jps.farm.name" value="cn=oes_domain"/>
  150. <property name="bootstrap.security.principal.key" value="oes_sm_key_new"/>
  151. <property name="bootstrap.security.principal.map" value="oes_sm_map_new"/>
  152. <property name="policystore.type" value="DB_ORACLE"/>
  153. </serviceInstance>
  154. <serviceInstance name="UserOrgAR" provider="pip.service.provider">
  155. <property name="type" value="RDBMS_PIP"/>
  156. <property name="jdbc.url" value="jdbc:oracle:thin:@eb-oe-poib-db-rac:1526/poibdb.budget.gov.ru"/>
  157. <property name="jdbc.driver" value="oracle.jdbc.driver.OracleDriver"/>
  158. <property name="bootstrap.security.principal.key" value="cube_key"/>
  159. <property name="bootstrap.security.principal.map" value="cube_map"/>
  160. <property name="failed.server.retry.interval" value="10"/>
  161. </serviceInstance>
  162. </serviceInstances>
  163. <jpsContexts default="default">
  164. <jpsContext name="default">
  165. <serviceInstanceRef ref="audit"/>
  166. <serviceInstanceRef ref="credstore"/>
  167. <serviceInstanceRef ref="idstore.xml"/>
  168. <serviceInstanceRef ref="pdp.service"/>
  169. <serviceInstanceRef ref="UserOrgAR"/>
  170. </jpsContext>
  171. <jpsContext name="bootstrap_credstore_context">
  172. <serviceInstanceRef ref="bootstrap.credstore"/>
  173. </jpsContext>
  174. <jpsContext name="oracle.security.jps.fmw.authenticator.DigestAuthenticator">
  175. <serviceInstanceRef ref="digest.authenticator.loginmodule"/>
  176. </jpsContext>
  177. <jpsContext name="oracle.security.jps.fmw.authenticator.BasicAuthenticator">
  178. <serviceInstanceRef ref="idstore.loginmodule"/>
  179. </jpsContext>
  180. <jpsContext name="X509CertificateAuthentication">
  181. <serviceInstanceRef ref="certificate.authenticator.loginmodule"/>
  182. </jpsContext>
  183. <jpsContext name="SAML">
  184. <serviceInstanceRef ref="saml.loginmodule"/>
  185. </jpsContext>
  186. <jpsContext name="smsec">
  187. <serviceInstanceRef ref="credstore.enroll"/>
  188. </jpsContext>
  189. </jpsContexts>
  190. </jpsConfig>