| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| --> |
| <project basedir="." default="all" name="Fortress Properties"> |
| <taskdef classname="org.apache.directory.fortress.core.ant.FortressAntTask" name="FortressAdmin" > |
| <classpath path="${java.class.path}"/> |
| </taskdef> |
| |
| <target name="all"> |
| <FortressAdmin> |
| |
| <addsuffix> |
| <suffix name="@SUFFIX_NAME@" dc="@SUFFIX_DC@" dc2="@SUFFIX_DC2@" description="Apache Fortress DIT Suffix"/> |
| </addsuffix> |
| |
| <delcontainer> |
| <container name="Config" description="Fortress Configuration Realms"/> |
| <container name="People" description="Fortress People"/> |
| <container name="Policies" description="Fortress Policies"/> |
| <container name="Groups" description="LDAP Groups"/> |
| <container name="RBAC" description="Fortress RBAC Policies"/> |
| <container name="Roles" parent="RBAC" description="Fortress Roles"/> |
| <container name="Permissions" parent="RBAC" description="Fortress Permissions"/> |
| <container name="Constraints" parent="RBAC" description="Fortress Separation of Duty Constraints"/> |
| <container name="ARBAC" description="Fortress Administrative RBAC Policies"/> |
| <container name="OS-U" parent="ARBAC" description="Fortress User Organizational Units"/> |
| <container name="OS-P" parent="ARBAC" description="Fortress Perm Organizational Units"/> |
| <container name="AdminRoles" parent="ARBAC" description="Fortress AdminRoles"/> |
| <container name="AdminPerms" parent="ARBAC" description="Fortress Admin Permissions"/> |
| <!-- Test Multi-tenancy: --> |
| <!--container name="Client123" description="Client 123 test context"/> |
| <container name="Client456" description="Client 456 test context"/> |
| <container name="Client789" description="Client 789 test context"/--> |
| </delcontainer> |
| |
| <addcontainer> |
| <container name="Config" description="Fortress Configuration Realms"/> |
| <container name="People" description="Fortress People"/> |
| <container name="Policies" description="Fortress Policies"/> |
| <container name="Groups" description="LDAP Groups"/> |
| <container name="RBAC" description="Fortress RBAC Policies"/> |
| <container name="Roles" parent="RBAC" description="Fortress Roles"/> |
| <container name="Permissions" parent="RBAC" description="Fortress Permissions"/> |
| <container name="Constraints" parent="RBAC" description="Fortress Separation of Duty Constraints"/> |
| <container name="ARBAC" description="Fortress Administrative RBAC Policies"/> |
| <container name="OS-U" parent="ARBAC" description="Fortress User Organizational Units"/> |
| <container name="OS-P" parent="ARBAC" description="Fortress Perm Organizational Units"/> |
| <container name="AdminRoles" parent="ARBAC" description="Fortress AdminRoles"/> |
| <container name="AdminPerms" parent="ARBAC" description="Fortress Admin Permissions"/> |
| <!-- Test Multi-tenancy --> |
| <!--container name="Client123" description="Client 123 test context"/> |
| <container name="Client456" description="Client 456 test context"/> |
| <container name="Client789" description="Client 789 test context"/--> |
| </addcontainer> |
| |
| <addconfig> |
| <!-- These values are mapped to a config node named 'DEFAULT' by the FortressAntTask: --> |
| <config props="config.realm:DEFAULT"/> |
| <!-- 2.0.4 schema change maps these to 'gidUnumber' and 'uidNumber' attrs on the associated ftConfig entity. --> |
| <config props="config.gid.number:10000"/> |
| <config props="config.uid.number:20000"/> |
| <!-- These values are stored as properties on the configuration node named 'DEFAULT': --> |
| <config props="user.session.props.enabled:false"/> |
| <config props="authn.type:default"/> |
| <config props="clientside.sorting:true"/> |
| <config props="suffix:@SUFFIX@"/> |
| <config props="user.root:@USERS_DN@"/> |
| <config props="group.root:@GROUPS_DN@"/> |
| <config props="pwpolicy.root:@POLICIES_DN@"/> |
| <config props="role.root:@ROLES_DN@"/> |
| <config props="perm.root:@PERMS_DN@"/> |
| <config props="sdconstraint.root:@CONSTRAINTS_DN@"/> |
| <config props="userou.root:@USEROUS_DN@"/> |
| <config props="permou.root:@PERMOUS_DN@"/> |
| <config props="adminrole.root:@ADMINROLES_DN@"/> |
| <config props="adminperm.root:@ADMINPERMS_DN@"/> |
| <config props="audit.root:@AUDITS_DN@"/> |
| <config props="superadmin.role:fortress-core-super-admin"/> |
| <config props="temporal.validator.0:org.apache.directory.fortress.core.util.time.Date"/> |
| <config props="temporal.validator.1:org.apache.directory.fortress.core.util.time.LockDate"/> |
| <config props="temporal.validator.2:org.apache.directory.fortress.core.util.time.Timeout"/> |
| <config props="temporal.validator.3:org.apache.directory.fortress.core.util.time.ClockTime"/> |
| <config props="temporal.validator.4:org.apache.directory.fortress.core.util.time.Day"/> |
| <config props="temporal.validator.5:org.apache.directory.fortress.core.util.time.UserRoleConstraint"/> |
| <config props="temporal.validator.dsd:org.apache.directory.fortress.core.impl.DSDChecker"/> |
| <config props="user.objectclass:inetOrgPerson"/> |
| <config props="group.objectclass:@GROUP_OBJECT_CLASS@"/> |
| <config props="group.protocol:@GROUP_PROTOCOL@"/> |
| <config props="group.properties:@GROUP_PROPERTIES@"/> |
| <config props="role.occupants:@ROLE_OCCUPANTS@"/> |
| <config props="rfc2307:@IS_RFC2307@"/> |
| <!-- Storing these values as props is deprecated since 2.0.4. --> |
| <config props="gidNumber:5000"/> |
| <config props="uidNumber:1000"/> |
| <!-- For encoding user input. . --> |
| <config props="attr.delimiter:$"/> |
| <config props="field.length:130"/> |
| <config props="ldap.filter.size:15"/> |
| <config props="ldap.filter.1:!"/> |
| <config props="ldap.sub.1:21"/> |
| <config props="ldap.filter.2:%"/> |
| <config props="ldap.sub.2:25"/> |
| <config props="ldap.filter.3:&"/> |
| <config props="ldap.sub.3:26"/> |
| <config props="ldap.filter.4:("/> |
| <config props="ldap.sub.4:28"/> |
| <config props="ldap.filter.5:)"/> |
| <config props="ldap.sub.5:29"/> |
| <config props="ldap.filter.6:*"/> |
| <config props="ldap.sub.6:2a"/> |
| <config props="ldap.filter.7:+"/> |
| <config props="ldap.sub.7:2b"/> |
| <config props="ldap.filter.8:-"/> |
| <config props="ldap.sub.8:2d"/> |
| <config props="ldap.filter.9:/"/> |
| <config props="ldap.sub.9:2f"/> |
| <config props="ldap.filter.10:="/> |
| <config props="ldap.sub.10:3c"/> |
| <config props="ldap.filter.11:>"/> |
| <config props="ldap.sub.11:3d"/> |
| <config props="ldap.filter.12:\\"/> |
| <config props="ldap.sub.12:3e"/> |
| <config props="ldap.filter.13:|"/> |
| <config props="ldap.sub.13:5c"/> |
| <config props="ldap.filter.14:~"/> |
| <config props="ldap.sub.14:7c"/> |
| <config props="ldap.filter.15:~"/> |
| <config props="ldap.sub.15:7e"/> |
| <config props="ldap.search.max.batch.size:@LDAP_MAX_BATCH_SIZE@"/> |
| </addconfig> |
| |
| <addconfig> |
| <!-- Config realms allow different app domains unique sets of parameters, see README-CONFIG.md.--> |
| <config props="config.realm:TOMCAT"/> |
| <!-- These values are stored as properties on a configuration node named 'TOMCAT' under the suffix: --> |
| <config props="authn.type:realm"/> |
| <config props="ldap.server.type:@SERVER_TYPE@"/> |
| <config props="clientside.sorting:true"/> |
| <config props="suffix:@SUFFIX@"/> |
| <config props="user.root:ou=People,@SUFFIX@"/> |
| <config props="group.root:@GROUPS_DN@"/> |
| <config props="role.root:ou=Roles,ou=RBAC,@SUFFIX@"/> |
| <config props="perm.root:ou=Permissions,ou=RBAC,@SUFFIX@"/> |
| <config props="sdconstraint.root:ou=Constraints,ou=RBAC,@SUFFIX@"/> |
| <config props="adminperm.root:ou=AdminPerms,ou=ARBAC,@SUFFIX@"/> |
| <config props="audit.root:@AUDITS_DN@"/> |
| <config props="superadmin.role:fortress-core-super-admin"/> |
| <config props="serviceadmin.role:fortress-rest-admin"/> |
| <config props="temporal.validator.0:org.apache.directory.fortress.core.util.time.Date"/> |
| <config props="temporal.validator.1:org.apache.directory.fortress.core.util.time.LockDate"/> |
| <config props="temporal.validator.2:org.apache.directory.fortress.core.util.time.Timeout"/> |
| <config props="temporal.validator.3:org.apache.directory.fortress.core.util.time.ClockTime"/> |
| <config props="temporal.validator.4:org.apache.directory.fortress.core.util.time.Day"/> |
| <config props="temporal.validator.5:org.apache.directory.fortress.core.util.time.UserRoleConstraint"/> |
| <config props="temporal.validator.dsd:org.apache.directory.fortress.core.impl.DSDChecker"/> |
| <config props="accessmgr.implementation:org.apache.directory.fortress.core.impl.AccessMgrImpl"/> |
| <config props="auditmgr.implementation:org.apache.directory.fortress.core.impl.AuditMgrImpl"/> |
| <config props="user.objectclass:inetOrgPerson"/> |
| <config props="group.objectclass:@GROUP_OBJECT_CLASS@"/> |
| <config props="group.protocol:@GROUP_PROTOCOL@"/> |
| <config props="group.properties:@GROUP_PROPERTIES@"/> |
| <config props="rfc2307:@IS_RFC2307@"/> |
| <!-- For encoding user input. . --> |
| <config props="attr.delimiter:$"/> |
| <config props="field.length:130"/> |
| <config props="ldap.filter.size:15"/> |
| <config props="ldap.filter.1:!"/> |
| <config props="ldap.sub.1:21"/> |
| <config props="ldap.filter.2:%"/> |
| <config props="ldap.sub.2:25"/> |
| <config props="ldap.filter.3:&"/> |
| <config props="ldap.sub.3:26"/> |
| <config props="ldap.filter.4:("/> |
| <config props="ldap.sub.4:28"/> |
| <config props="ldap.filter.5:)"/> |
| <config props="ldap.sub.5:29"/> |
| <config props="ldap.filter.6:*"/> |
| <config props="ldap.sub.6:2a"/> |
| <config props="ldap.filter.7:+"/> |
| <config props="ldap.sub.7:2b"/> |
| <config props="ldap.filter.8:-"/> |
| <config props="ldap.sub.8:2d"/> |
| <config props="ldap.filter.9:/"/> |
| <config props="ldap.sub.9:2f"/> |
| <config props="ldap.filter.10:="/> |
| <config props="ldap.sub.10:3c"/> |
| <config props="ldap.filter.11:>"/> |
| <config props="ldap.sub.11:3d"/> |
| <config props="ldap.filter.12:\\"/> |
| <config props="ldap.sub.12:3e"/> |
| <config props="ldap.filter.13:|"/> |
| <config props="ldap.sub.13:5c"/> |
| <config props="ldap.filter.14:~"/> |
| <config props="ldap.sub.14:7c"/> |
| <config props="ldap.sub.15:7e"/> |
| <config props="ldap.filter.15:~"/> |
| <config props="ldap.search.max.batch.size:@LDAP_MAX_BATCH_SIZE@"/> |
| </addconfig> |
| </FortressAdmin> |
| </target> |
| </project> |
| |
| |