mirror of
https://bitbucket.org/atlassian-docker/docker-atlassian-confluence-server.git
synced 2024-08-30 18:22:16 +00:00
72 lines
3.0 KiB
Django/Jinja
72 lines
3.0 KiB
Django/Jinja
<security-config>
|
|
<parameters>
|
|
<init-param>
|
|
<param-name>login.url</param-name>
|
|
<param-value>/login.action?os_destination=${originalurl}&permissionViolation=true</param-value>
|
|
</init-param>
|
|
<init-param>
|
|
<param-name>link.login.url</param-name>
|
|
<param-value>/login.action</param-value>
|
|
</init-param>
|
|
<init-param>
|
|
<param-name>cookie.encoding</param-name>
|
|
<param-value>cNf</param-value>
|
|
</init-param>
|
|
<init-param>
|
|
<param-name>login.cookie.key</param-name>
|
|
<param-value>seraph.confluence</param-value>
|
|
</init-param>
|
|
|
|
{% if atl_autologin_cookie_age is defined %}
|
|
<init-param>
|
|
<param-name>autologin.cookie.age</param-name>
|
|
<param-value>{{ atl_autologin_cookie_age }}</param-value>
|
|
</init-param>
|
|
{% endif %}
|
|
|
|
<!--only basic authentication available-->
|
|
<init-param>
|
|
<param-name>authentication.type</param-name>
|
|
<param-value>os_authType</param-value>
|
|
</init-param>
|
|
|
|
<!-- Invalidate session on login to prevent session fixation attack -->
|
|
<init-param>
|
|
<param-name>invalidate.session.on.login</param-name>
|
|
<param-value>true</param-value>
|
|
</init-param>
|
|
<!-- Add names for session attributes that must not be copied to a new session when the old one gets invalidated.
|
|
Currently it is empty (i.e. all attributes will be copied). -->
|
|
<init-param>
|
|
<param-name>invalidate.session.exclude.list</param-name>
|
|
<param-value></param-value>
|
|
</init-param>
|
|
</parameters>
|
|
|
|
<rolemapper class="com.atlassian.confluence.security.ConfluenceRoleMapper"/>
|
|
<controller class="com.atlassian.confluence.setup.seraph.ConfluenceSecurityController"/>
|
|
|
|
<!-- Default Confluence authenticator, which uses the configured user management for authentication. -->
|
|
<authenticator class="com.atlassian.confluence.user.ConfluenceAuthenticator"/>
|
|
|
|
<!-- Custom authenticators appear below. To enable one of them, comment out the default authenticator above and uncomment the one below. -->
|
|
|
|
<!-- Authenticator with support for Crowd single-sign on (SSO). -->
|
|
<!-- <authenticator class="com.atlassian.confluence.user.ConfluenceCrowdSSOAuthenticator"/> -->
|
|
|
|
<!-- Specialised version of the default authenticator which adds authenticated users to confluence-users if they aren't already a member. -->
|
|
<!-- <authenticator class="com.atlassian.confluence.user.ConfluenceGroupJoiningAuthenticator"/> -->
|
|
|
|
<services>
|
|
<service class="com.atlassian.seraph.service.PathService">
|
|
<init-param>
|
|
<param-name>config.file</param-name>
|
|
<param-value>seraph-paths.xml</param-value>
|
|
</init-param>
|
|
</service>
|
|
</services>
|
|
|
|
<elevatedsecurityguard class="com.atlassian.confluence.security.seraph.ConfluenceElevatedSecurityGuard"/>
|
|
|
|
</security-config>
|