| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| <topology> |
| <name>homepage</name> |
| <gateway> |
| <provider> |
| <role>webappsec</role> |
| <name>WebAppSec</name> |
| <enabled>true</enabled> |
| <param> |
| <name>csrf.enabled</name> |
| <value>true</value> |
| </param> |
| <param> |
| <name>csrf.customHeader</name> |
| <value>X-XSRF-Header</value> |
| </param> |
| <param> |
| <name>csrf.methodsToIgnore</name> |
| <value>GET,OPTIONS,HEAD</value> |
| </param> |
| <param> |
| <name>xframe.options.enabled</name> |
| <value>true</value> |
| </param> |
| <param> |
| <name>xss.protection.enabled</name> |
| <value>true</value> |
| </param> |
| <param> |
| <name>strict.transport.enabled</name> |
| <value>false</value> |
| </param> |
| <param> |
| <name>xframe.options.enabled</name> |
| <value>true</value> |
| </param> |
| <param> |
| <name>xframe.options</name> |
| <value>SAMEORIGIN</value> |
| </param> |
| </provider> |
| <provider> |
| <role>federation</role> |
| <name>SSOCookieProvider</name> |
| <enabled>true</enabled> |
| </provider> |
| <provider> |
| <role>identity-assertion</role> |
| <name>Default</name> |
| <enabled>true</enabled> |
| </provider> |
| </gateway> |
| <service> |
| <role>KNOXSSOUT</role> |
| </service> |
| <service> |
| <role>KNOX-SESSION</role> |
| </service> |
| <service> |
| <role>KNOX-METADATA</role> |
| </service> |
| <service> |
| <role>KNOXTOKEN</role> |
| <param> |
| <name>knox.token.ttl</name> |
| <value>10368000000</value> |
| </param> |
| <param> |
| <name>knox.token.target.url</name> |
| <value>proxy-token/</value> |
| </param> |
| <param> |
| <name>knox.token.client.data</name> |
| <value>homepage_url=homepage/home?profile=token&topologies=sandbox</value> |
| </param> |
| <param> |
| <name>knox.token.exp.server-managed</name> |
| <value>true</value> |
| </param> |
| <param> |
| <name>knox.token.renewer.whitelist</name> |
| <value>admin</value> |
| </param> |
| </service> |
| <application> |
| <name>tokengen</name> |
| </application> |
| <application> |
| <name>home</name> |
| </application> |
| <application> |
| <name>token-management</name> |
| </application> |
| </topology> |