API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 25th, 2021
223
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
YAML 2.57 KB | None | 0 0
raw download clone embed print report
  1. spring.datasource:
  2.   url: jdbc:h2:./camunda-db;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
  3. #shareable h2 database: jdbc:h2:./camunda-db;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE;AUTO_SERVER=TRUE
  4.   username: sa
  5.   password: sa
  6. spring.h2.console.enabled: true
  7. server.port: 8081
  8.  
  9.  
  10. # Externalized Keycloak configuration
  11. keycloak:
  12.  # SSO Authentication requests. Send by application as redirect to the browser
  13.   url.auth: ${KEYCLOAK_URL_AUTH:http://localhost:8080}
  14.   # SSO Token requests. Send from the application to Keycloak
  15.   url.token: ${KEYCLOAK_URL_TOKEN:http://localhost:8080}
  16.   # Keycloak access for the Identity Provider plugin.
  17.   url.plugin: ${KEYCLOAK_URL_PLUGIN:https://localhost:8443}
  18.  
  19.   # Keycloak Camunda Identity Client
  20.   client.id: ${KEYCLOAK_CLIENT_ID:camunda-identity-service-new}
  21.   client.secret: ${KEYCLOAK_CLIENT_SECRET:11dc46a6-7062-4aa2-bb13-066a7b41de1b}
  22.  
  23. # Spring Boot Security OAuth2 SSO
  24. spring.security:
  25.   oauth2:
  26.     client:
  27.       registration:
  28.         keycloak:
  29.           provider: keycloak
  30.           client-id: ${keycloak.client.id}
  31.           client-secret: ${keycloak.client.secret}
  32.           authorization-grant-type: authorization_code
  33.           redirect-uri: "{baseUrl}/{action}/oauth2/code/{registrationId}"
  34.           scope: openid, profile, email
  35.       provider:
  36.         keycloak:
  37.           issuer-uri: ${keycloak.url.auth}/auth/realms/camunda-realm
  38.           authorization-uri: ${keycloak.url.auth}/auth/realms/camunda-realm/protocol/openid-connect/auth
  39.           user-info-uri: ${keycloak.url.auth}/auth/realms/camunda-realm/protocol/openid-connect/userinfo
  40.           token-uri: ${keycloak.url.token}/auth/realms/camunda-realm/protocol/openid-connect/token
  41.           jwk-set-uri: ${keycloak.url.token}/auth/realms/camunda-realm/protocol/openid-connect/certs
  42.           # set user-name-attribute one of:
  43.           # - sub                -> default; using keycloak ID as camunda user ID
  44.           # - email              -> useEmailAsCamundaUserId=true
  45.           # - preferred_username -> useUsernameAsCamundaUserId=true
  46.           user-name-attribute: preferred_username
  47.  
  48.  
  49. # Camunda Keycloak Identity Provider Plugin
  50. plugin.identity.keycloak:
  51.   keycloakIssuerUrl: ${keycloak.url.plugin}/auth/realms/camunda-realm
  52.   keycloakAdminUrl: ${keycloak.url.plugin}/auth/admin/realms/camunda-realm
  53.   clientId: ${keycloak.client.id}
  54.   clientSecret: ${keycloak.client.secret}
  55.   useEmailAsCamundaUserId: false
  56.   useUsernameAsCamundaUserId: true
  57.   useGroupPathAsCamundaGroupId: true
  58.   administratorGroupName: camunda-admin
  59.   disableSSLCertificateValidation: true
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!