| # |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| # |
| |
| |
| # |
| # This file contains localization strings for configuration labels and |
| # descriptions as used in the metatype.xml descriptor generated by the |
| # the Sling SCR plugin |
| |
| # |
| # Request Authenticator. Uses AuthenticationHandlers for the |
| # actual work of extracting user details from the request. |
| auth.name = Apache Sling Authentication Service |
| auth.description = Extracts user authentication details from the request with \ |
| the help of authentication handlers registered as separate services. One \ |
| example of such an authentication handler is the handler HTTP Authorization \ |
| header contained authentication. |
| |
| auth.annonymous.name = Allow Anonymous Access |
| auth.annonymous.description = Whether default access as anonymous when no \ |
| credentials are present in the request is allowed. The default value is \ |
| "true" to allow access without credentials. When set to "false" access to the \ |
| repository is only allowed if valid credentials are presented. The value of \ |
| this configuration option is added to list of Authentication Requirements \ |
| and needs not be explicitly listed. If anonymous access is allowed the entry \ |
| added is "-/". Otherwise anonymous access is denied and "+/" is added to the \ |
| list. |
| |
| sling.auth.anonymous.user.name = Anonymous User Name |
| sling.auth.anonymous.user.description = Defines which user name to assume \ |
| for anonymous requests, that is requests not providing credentials \ |
| supported by any of the registered authentication handlers. If this \ |
| property is missing or empty, the default is assumed which depends on \ |
| the resource provider(s). Otherwise anonymous requests are handled with \ |
| this user name. If the configured user name does not exist or is not \ |
| allowed to access the resource data, anonymous requests may still be \ |
| blocked. If anonymous access is not allowed, this property is ignored. |
| |
| sling.auth.anonymous.password.name = Anonymous User Password |
| sling.auth.anonymous.password.description = Password for the anonymous \ |
| user defined in the Anonymous User Name field. This property is only \ |
| used if a non-empty anonymous user name is configured. If this property \ |
| is not defined but a password is required, an empty password would be \ |
| assumed. |
| |
| |
| sling.auth.requirements.name = Authentication Requirements |
| sling.auth.requirements.description = Defines URL space subtrees which require \ |
| or don't require authentication. For any request the best matching path \ |
| configured applies and defines whether authentication is actually required \ |
| for the request or not. Each entry in this list can be an absolute path (such \ |
| as /content) or and absolute URI (such as http://thehost/content). Optionally \ |
| each entry may be prefixed by a plus (+) or minus (-) sign indicating that \ |
| authentication is required (plus) or not required (minus). Example entries are \ |
| "/content" or "+/content" to require authentication at and below "/content" and \ |
| "-/system/sling/login" to not require authentication at and below \ |
| "/system/sling/login". By default this list is empty. This list is extended at \ |
| run time with additional entries: One entry is added for the "Allow Anonymous \ |
| Access" configuration. Other entries are added for any services setting the \ |
| "sling.auth.requirements" service registration property. |
| |
| auth.uri.suffix.name = Authentication URI Suffices |
| auth.uri.suffix.description = A list of request URI suffixes intended to \ |
| be handled by Authentication Handlers. Any request whose request URI \ |
| ends with any one of the listed suffices is intended to be handled by \ |
| an Authentication Handler causing the request to either be rejected or \ |
| the client being redirected to another location and thus the request not \ |
| being further processed after the authentication phase. The default is \ |
| just "/j_security_check" which is the suffix defined by the Servlet API \ |
| specification used for FORM based authentication. |
| |
| auth.sudo.cookie.name = Impersonation Cookie |
| auth.sudo.cookie.description = The name the HTTP Cookie to set with the value \ |
| of the user which is to be impersonated. This cookie will always be a session \ |
| cookie. |
| |
| auth.sudo.parameter.name = Impersonation Parameter |
| auth.sudo.parameter.description = The name of the request parameter initiating \ |
| impersonation. Setting this parameter to a user id will result in using an \ |
| impersonated session (instead of the actually authenticated session) and set \ |
| a session cookie of the name defined in the Impersonation Cookie setting. |
| |
| auth.newpassword.parameter.name = New Password Parameter |
| auth.newpassword.parameter.description = The name of the request POST parameter \ |
| used for changing the password alongside a login request when the user's password \ |
| has expired. |
| |
| auth.http.name = HTTP Basic Authentication |
| auth.http.description = Level of support for HTTP Basic Authentication. Such \ |
| support can be provided in three levels: (1) no support at all, that is \ |
| disabled, (2) preemptive support, that is HTTP Basic Authentication is \ |
| supported if the authentication header is set in the request, (3) full \ |
| support. The default is preemptive support unless Anonymous Access is \ |
| not allowed. In this case HTTP Basic Authentication is always enabled \ |
| to ensure clients can authenticate at least with basic authentication. |
| |
| auth.http.realm.name = Realm |
| auth.http.realm.description = HTTP BASIC authentication realm. This property \ |
| is only used if the HTTP Basic Authentication support is not disabled. The \ |
| default value is "Sling (Development)". |