oauth2authserver:
issuer: https://auth.example.com
location: logindialog
consentFile: conf/consent.html
userDataProvider: {}
clientList: {}
claimList: {}
oauth2authserver:
issuer: https://auth.example.com
location: logindialog
consentFile: conf/consent.html
userDataProvider: {}
clientList: {}
claimList: {}
Syntax
oauth2authserver:
issuer: <string> # required
'$ref': <string>
accountBlocker: {}
bearerJwtToken: {}
bearerToken: {}
cachingUserDataProvider: {}
claims: {}
consentFile: <string>
customStatementJdbcUserDataProvider: {}
exposeUserCredentialsToSession: <boolean>
htpasswdFileProvider: {}
issueNonSpecIdTokens: <boolean>
issueNonSpecRefreshTokens: <boolean>
jdbcUserDataProvider: {}
ldapUserDataProvider: {}
location: <string>
message: <string>
path: <string>
refresh: {}
sessionManager: {}
staticClientList: {}
staticUserDataProvider: {}
unifyingUserDataProvider:
- <userDataProviders>
oauth2authserver:
issuer: <string> # required
'$ref': <string>
accountBlocker: {}
bearerJwtToken: {}
bearerToken: {}
cachingUserDataProvider: {}
claims: {}
consentFile: <string>
customStatementJdbcUserDataProvider: {}
exposeUserCredentialsToSession: <boolean>
htpasswdFileProvider: {}
issueNonSpecIdTokens: <boolean>
issueNonSpecRefreshTokens: <boolean>
jdbcUserDataProvider: {}
ldapUserDataProvider: {}
location: <string>
message: <string>
path: <string>
refresh: {}
sessionManager: {}
staticClientList: {}
staticUserDataProvider: {}
unifyingUserDataProvider:
- <userDataProviders>
Attributes
| Name | Required | Default | Description | Examples |
|---|---|---|---|---|
| $ref | false | - | Reference a component defined under components. | - |
| consentFile | false | - | - | - |
| exposeUserCredentialsToSession | false | - | - | - |
| issueNonSpecIdTokens | false | false | Issue id-tokens also in credentials-flow and password-flow . The OIDC specification, which brings in id-tokens, does not handle those flows, which is why the default value is false. | - |
| issueNonSpecRefreshTokens | false | false | Issue refresh-tokens also in credentials-flow. The OAuth2 specification does not issue refresh tokens in the credentials-flow, which is why the default value is false. | - |
| issuer | true | - | - | - |
| location | false | - | Base path under which the login dialog will be served. | logindialog |
| message | false | - | - | - |
| path | false | - | - | - |
Child Structure
| Element | Cardinality | Description |
|---|---|---|
| accountBlocker | 0..1 | Keeps track of blocked user accounts (accounts become blocked after too many failed logins). |
| bearerJwtToken | 0..1 | |
| bearerToken | 0..1 | |
| cachingUserDataProvider | 0..1 | Caching User Data provider caches previous successful logins in order to make authentication faster |
| claims | 0..1 | |
| customStatementJdbcUserDataProvider | 0..1 | |
| htpasswdFileProvider | 0..1 | A user data provider utilizing htpasswd-style files. |
| jdbcUserDataProvider | 0..1 | |
| ldapUserDataProvider | 0..1 | A user data provider querying an LDAP server to authorize users and retrieve attributes. |
| refresh | 0..1 | |
| sessionManager | 0..1 | Explanation: |
| staticClientList | 0..1 | |
| staticUserDataProvider | 0..1 | A user data provider listing all user data in-place in the config file. |
| userDataProviders | 0..* |