Documentation
¶
Index ¶
- type Admin
- type Analytics
- type Authentication
- type AuthenticationPolicy
- type Branding
- type Claims
- type Client
- type Database
- type Env
- type Global
- type Internal
- type Jwt
- type JwtPolicy
- type LdapGroups
- type LdapSsl
- type Links
- type Login
- type LoginLdap
- type Logout
- type Notifications
- type Oauth
- type Parameter
- type PasswordPolicy
- type Prompt
- type PromptPassword
- type Proxy
- type Redirect
- type Saml
- type Scim
- type ScimUser
- type Servlet
- type Smtp
- type Socket
- type Uaa
- type UaaJob
- type UaaLdap
- type UaaLogin
- type UaaPassword
- type UaaSsl
- type UaaUser
- type Uaadb
- type Username
- type Zones
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Admin ¶
type Admin struct {
/*ClientSecret - Descr: Secret of the admin client - a client named admin with uaa.admin as an authority Default: <nil>
*/
ClientSecret interface{} `yaml:"client_secret,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Analytics ¶
type Analytics struct {
/*Code - Descr: Google analytics code. If Google Analytics is desired set both login.analytics.code and login.analytics.domain Default: <nil>
*/
Code interface{} `yaml:"code,omitempty"`
/*Domain - Descr: Google analytics domain. If Google Analytics is desired set both login.analytics.code and login.analytics.domain Default: <nil>
*/
Domain interface{} `yaml:"domain,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Authentication ¶
type Authentication struct {
/*Policy - Descr: Number of allowed failures before account is locked Default: 5
*/
Policy *AuthenticationPolicy `yaml:"policy,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type AuthenticationPolicy ¶
type AuthenticationPolicy struct {
/*LockoutPeriodSeconds - Descr: Number of seconds to lock out an account when lockoutAfterFailures failures is exceeded Default: 300
*/
LockoutPeriodSeconds interface{} `yaml:"lockoutPeriodSeconds,omitempty"`
/*Global - Descr: Number of allowed failures before account is locked Default: 5
*/
Global *Global `yaml:"global,omitempty"`
/*CountFailuresWithinSeconds - Descr: Number of seconds in which lockoutAfterFailures failures must occur in order for account to be locked Default: 1200
*/
CountFailuresWithinSeconds interface{} `yaml:"countFailuresWithinSeconds,omitempty"`
/*LockoutAfterFailures - Descr: Number of allowed failures before account is locked Default: 5
*/
LockoutAfterFailures interface{} `yaml:"lockoutAfterFailures,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Branding ¶
type Branding struct {
FooterLinks interface{} `yaml:"footer_links,omitempty"`
/*ProductLogo - Descr: This is a base64 encoded PNG image which will be used as the logo on all UAA pages like Login, Sign Up etc. Default: <nil>
*/
ProductLogo interface{} `yaml:"product_logo,omitempty"`
/*SquareLogo - Descr: This is a base64 encoded PNG image which will be used as the favicon for the UAA pages Default: <nil>
*/
SquareLogo interface{} `yaml:"square_logo,omitempty"`
/*CompanyName - Descr: This name is used on the UAA Pages and in account management related communication in UAA Default: <nil>
*/
CompanyName interface{} `yaml:"company_name,omitempty"`
FooterLegalText interface{} `yaml:"footer_legal_text,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Claims ¶
type Claims struct {
/*Exclude - Descr: List of claims to exclude from the JWT-based OAuth2 tokens Default: <nil>
*/
Exclude interface{} `yaml:"exclude,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Client ¶
type Client struct {
/*Autoapprove - Descr: Deprecated Default: [login support-signon]
*/
Autoapprove interface{} `yaml:"autoapprove,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Database ¶
type Database struct {
/*MaxConnections - Descr: The max number of open connections to the DB from a running UAA instance Default: 100
*/
MaxConnections interface{} `yaml:"max_connections,omitempty"`
/*LogAbandoned - Descr: Should connections that are forcibly closed be logged. Default: true
*/
LogAbandoned interface{} `yaml:"log_abandoned,omitempty"`
/*RemoveAbandoned - Descr: True if connections that are left open longer then abandoned_timeout seconds during a session(time between borrow and return from pool) should be forcibly closed Default: false
*/
RemoveAbandoned interface{} `yaml:"remove_abandoned,omitempty"`
/*AbandonedTimeout - Descr: Timeout in seconds for the longest running queries. Take into DB migrations for this timeout as they may run during a long period of time. Default: 300
*/
AbandonedTimeout interface{} `yaml:"abandoned_timeout,omitempty"`
/*CaseInsensitive - Descr: Set to true if you don't want to be using LOWER() SQL functions in search queries/filters, because you know that your DB is case insensitive. If this property is null, then it will be set to true if the UAA DB is MySQL and false otherwise, but even on MySQL you can override it by setting it explicitly to false Default: <nil>
*/
CaseInsensitive interface{} `yaml:"case_insensitive,omitempty"`
/*MaxIdleConnections - Descr: The max number of open idle connections to the DB from a running UAA instance Default: 10
*/
MaxIdleConnections interface{} `yaml:"max_idle_connections,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Env ¶
type Env struct {
/*HttpsProxy - Descr: The https_proxy across the VMs Default: <nil>
*/
HttpsProxy interface{} `yaml:"https_proxy,omitempty"`
/*HttpProxy - Descr: The http_proxy across the VMs Default: <nil>
*/
HttpProxy interface{} `yaml:"http_proxy,omitempty"`
/*NoProxy - Descr: Set No_Proxy across the VMs Default: <nil>
*/
NoProxy interface{} `yaml:"no_proxy,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Global ¶
type Global struct {
/*LockoutPeriodSeconds - Descr: Number of seconds to lock out an account when lockoutAfterFailures failures is exceeded Default: 300
*/
LockoutPeriodSeconds interface{} `yaml:"lockoutPeriodSeconds,omitempty"`
/*RequireSpecialCharacter - Descr: Minimum number of special characters required for password to be considered valid Default: 0
*/
RequireSpecialCharacter interface{} `yaml:"requireSpecialCharacter,omitempty"`
/*LockoutAfterFailures - Descr: Number of allowed failures before account is locked Default: 5
*/
LockoutAfterFailures interface{} `yaml:"lockoutAfterFailures,omitempty"`
/*RefreshTokenValiditySeconds - Descr: The global refresh token validity for all zones if nothing is configured on the client Default: 2592000
*/
RefreshTokenValiditySeconds interface{} `yaml:"refreshTokenValiditySeconds,omitempty"`
/*AccessTokenValiditySeconds - Descr: The global access token validity for all zones if nothing is configured on the client Default: 43200
*/
AccessTokenValiditySeconds interface{} `yaml:"accessTokenValiditySeconds,omitempty"`
/*MinLength - Descr: Minimum number of characters required for password to be considered valid Default: 0
*/
MinLength interface{} `yaml:"minLength,omitempty"`
/*RequireLowerCaseCharacter - Descr: Minimum number of lowercase characters required for password to be considered valid Default: 0
*/
RequireLowerCaseCharacter interface{} `yaml:"requireLowerCaseCharacter,omitempty"`
/*RequireDigit - Descr: Minimum number of digits required for password to be considered valid Default: 0
*/
RequireDigit interface{} `yaml:"requireDigit,omitempty"`
/*RequireUpperCaseCharacter - Descr: Minimum number of uppercase characters required for password to be considered valid Default: 0
*/
RequireUpperCaseCharacter interface{} `yaml:"requireUpperCaseCharacter,omitempty"`
/*CountFailuresWithinSeconds - Descr: Number of seconds in which lockoutAfterFailures failures must occur in order for account to be locked Default: 3600
*/
CountFailuresWithinSeconds interface{} `yaml:"countFailuresWithinSeconds,omitempty"`
/*MaxLength - Descr: Maximum number of characters required for password to be considered valid Default: 255
*/
MaxLength interface{} `yaml:"maxLength,omitempty"`
/*ExpirePasswordInMonths - Descr: Number of months after which current password expires Default: 0
*/
ExpirePasswordInMonths interface{} `yaml:"expirePasswordInMonths,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Internal ¶
type Internal struct {
/*Hostnames - Descr: A list of hostnames that are routed to the UAA, specifically the default zone in the UAA. The UAA will reject any Host headers that it doesn't recognize.
By default the UAA recognizes:
The hostname from the property uaa.url
The hostname from the property login.url
localhost (in order to accept health checks)
Any hostnames added as a list are additive to the default hostnames allowed.
Default: <nil>
*/
Hostnames interface{} `yaml:"hostnames,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Jwt ¶
type Jwt struct {
/*Policy - Descr: The global refresh token validity for all zones if nothing is configured on the client Default: 2592000
*/
Policy *JwtPolicy `yaml:"policy,omitempty"`
/*VerificationKey - Descr: The key used to verify JWT-based OAuth2 tokens Default: <nil>
*/
VerificationKey interface{} `yaml:"verification_key,omitempty"`
/*Claims - Descr: List of claims to exclude from the JWT-based OAuth2 tokens Default: <nil>
*/
Claims *Claims `yaml:"claims,omitempty"`
/*SigningKey - Descr: The key used to sign the JWT-based OAuth2 tokens Default: <nil>
*/
SigningKey interface{} `yaml:"signing_key,omitempty"`
/*Revocable - Descr: Set to true if you wish that even JWT tokens become individually revocable and stored in the UAA token storage. This setting applies to the default zone only. Default: false
*/
Revocable interface{} `yaml:"revocable,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type JwtPolicy ¶
type JwtPolicy struct {
/*Keys - Descr: Map of key IDs and signing keys, each defined with a property `signingKey` Default: <nil>
*/
Keys interface{} `yaml:"keys,omitempty"`
/*Global - Descr: The global refresh token validity for all zones if nothing is configured on the client Default: 2592000
*/
Global *Global `yaml:"global,omitempty"`
/*AccessTokenValiditySeconds - Descr: The access token validity for the default zone if nothing is configured on the client. Will override global validity policies for the default zone only. Default: 43200
*/
AccessTokenValiditySeconds interface{} `yaml:"accessTokenValiditySeconds,omitempty"`
/*RefreshTokenValiditySeconds - Descr: The refresh token validity for the default zone if nothing is configured on the client. Will override global validity policies for the default zone only. Default: 2592000
*/
RefreshTokenValiditySeconds interface{} `yaml:"refreshTokenValiditySeconds,omitempty"`
/*ActiveKeyId - Descr: The ID of the JWT signing key to be used when signing tokens. Default: <nil>
*/
ActiveKeyId interface{} `yaml:"active_key_id,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type LdapGroups ¶
type LdapGroups struct {
/*SearchSubtree - Descr: Boolean value, set to true to search below the search base Default: true
*/
SearchSubtree interface{} `yaml:"searchSubtree,omitempty"`
/*AutoAdd - Descr: Set to true when profile_type=groups_as_scopes to auto create scopes for a user. Ignored for other profiles. Default: true
*/
AutoAdd interface{} `yaml:"autoAdd,omitempty"`
/*MaxSearchDepth - Descr: Set to number of levels a nested group search should go. Set to 1 to disable nested groups (default) Default: 1
*/
MaxSearchDepth interface{} `yaml:"maxSearchDepth,omitempty"`
/*GroupRoleAttribute - Descr: Used with groups-as-scopes, defines the attribute that holds the scope name(s). Default: spring.security.ldap.dn
*/
GroupRoleAttribute interface{} `yaml:"groupRoleAttribute,omitempty"`
/*GroupSearchFilter - Descr: Search query filter to find the groups a user belongs to, or for a nested search, groups that a group belongs to Default: member={0}
*/
GroupSearchFilter interface{} `yaml:"groupSearchFilter,omitempty"`
/*SearchBase - Descr: Search start point for a user group membership search Default:
*/
SearchBase interface{} `yaml:"searchBase,omitempty"`
/*ProfileType - Descr: What type of group integration should be used. Values are: 'no-groups', 'groups-as-scopes', 'groups-map-to-scopes' Default: no-groups
*/
ProfileType interface{} `yaml:"profile_type,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type LdapSsl ¶
type LdapSsl struct {
/*Skipverification - Descr: Set to true, and LDAPS connection will not validate the server certificate. Default: false
*/
Skipverification interface{} `yaml:"skipverification,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Links ¶
type Links struct {
/*Passwd - Descr: URL for requesting password reset Default: /forgot_password
*/
Passwd interface{} `yaml:"passwd,omitempty"`
/*Signup - Descr: URL for requesting to signup/register for an account Default: /create_account
*/
Signup interface{} `yaml:"signup,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Login ¶
type Login struct {
/*IdpDiscoveryEnabled - Descr: IDP Discovery should be set to true if you have configured more than one identity provider for UAA. The discovery relies on email domain being set for each additional provider Default: false
*/
IdpDiscoveryEnabled interface{} `yaml:"idpDiscoveryEnabled,omitempty"`
/*Analytics - Descr: Google analytics domain. If Google Analytics is desired set both login.analytics.code and login.analytics.domain Default: <nil>
*/
Analytics *Analytics `yaml:"analytics,omitempty"`
/*UaaBase - Descr: Deprecated. Use uaa.url for setting the location of UAA. Default: <nil>
*/
UaaBase interface{} `yaml:"uaa_base,omitempty"`
/*Protocol - Descr: Scheme to use for HTTP communication (http/https) Default: https
*/
Protocol interface{} `yaml:"protocol,omitempty"`
/*Logout - Descr: When set to false, this allows an operator to leverage an open redirect on the UAA (/logout.do?redirect=google.com). No open redirect enabled Default: true
*/
Logout *Logout `yaml:"logout,omitempty"`
/*SignupsEnabled - Descr: Deprecated. Use login.self_service_links_enabled. Instructs UAA to use 'enable account creation flow'. Enabled by default. Default: true
*/
SignupsEnabled interface{} `yaml:"signups_enabled,omitempty"`
/*Tiles - Descr: A list of links to other services to show on the landing page after log in. Default: <nil>
*/
Tiles interface{} `yaml:"tiles,omitempty"`
/*HomeRedirect - Descr: URL for configuring a custom home page Default: <nil>
*/
HomeRedirect interface{} `yaml:"home_redirect,omitempty"`
/*Oauth - Descr: Contains a hash of OpenID Connect/Oauth Identity Providers, the key will be used as the origin key for that provider, followed by key/value pairs. Presence of the userInfoUrl will mark it as an OpenID provider instead of OAuth. Default: <nil>
*/
Oauth *Oauth `yaml:"oauth,omitempty"`
/*Url - Descr: Set if you have an external login server.
The UAA uses this link on by its email service to create links
The UAA uses this as a base domain for internal hostnames so that subdomain can be detected
This defaults to the uaa.url property, and if not set, to login.<domain>
Default: <nil>
*/
Url interface{} `yaml:"url,omitempty"`
/*Messages - Descr: A nested or flat hash of messages that the login server uses to display UI message
This will be flattened into a java.util.Properties file. The example below will lead
to four properties, where the key is the concatenated value delimited by dot, for example scope.tokens.read=message
Default: <nil>
*/
Messages interface{} `yaml:"messages,omitempty"`
/*Prompt - Descr: The text used to prompt for a username during login Default: Email
*/
Prompt *Prompt `yaml:"prompt,omitempty"`
/*Branding - Descr: This is a base64 encoded PNG image which will be used as the logo on all UAA pages like Login, Sign Up etc. Default: <nil>
*/
Branding *Branding `yaml:"branding,omitempty"`
/*Smtp - Descr: SMTP server password Default: <nil>
*/
Smtp *Smtp `yaml:"smtp,omitempty"`
/*SelfServiceLinksEnabled - Descr: Enable self-service account creation and password resets links. Default: <nil>
*/
SelfServiceLinksEnabled interface{} `yaml:"self_service_links_enabled,omitempty"`
/*Ldap - Descr: Deprecated. Use uaa.ldap.sslCertificateAlias - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
Ldap *LoginLdap `yaml:"ldap,omitempty"`
/*AssetBaseUrl - Descr: Base url for static assets, allows custom styling of the login server. Use '/resources/pivotal' for Pivotal style. Default: /resources/oss
*/
AssetBaseUrl interface{} `yaml:"asset_base_url,omitempty"`
/*EntityId - Descr: Deprecated. Use login.saml.entityid Default: <nil>
*/
EntityId interface{} `yaml:"entity_id,omitempty"`
/*Notifications - Descr: The url for the notifications service (configure to use Notifications Service instead of SMTP server) Default: <nil>
*/
Notifications *Notifications `yaml:"notifications,omitempty"`
/*Links - Descr: URL for requesting to signup/register for an account Default: /create_account
*/
Links *Links `yaml:"links,omitempty"`
/*Saml - Descr: Deprecated. Use login.saml.providers list objects Default: 1
*/
Saml *Saml `yaml:"saml,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type LoginLdap ¶
type LoginLdap struct {
/*PasswordEncoder - Descr: Deprecated. Use uaa.ldap.passwordEncoder - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: org.cloudfoundry.identity.uaa.login.ldap.DynamicPasswordComparator
*/
PasswordEncoder interface{} `yaml:"passwordEncoder,omitempty"`
/*SslCertificateAlias - Descr: Deprecated. Use uaa.ldap.sslCertificateAlias - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
SslCertificateAlias interface{} `yaml:"sslCertificateAlias,omitempty"`
/*UserDNPattern - Descr: Deprecated. Use uaa.ldap.userDNPattern - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
UserDNPattern interface{} `yaml:"userDNPattern,omitempty"`
/*SearchBase - Descr: Deprecated. Use uaa.ldap.searchBase - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default:
*/
SearchBase interface{} `yaml:"searchBase,omitempty"`
/*SearchFilter - Descr: Deprecated. Use uaa.ldap.searchFilter - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: cn={0}
*/
SearchFilter interface{} `yaml:"searchFilter,omitempty"`
/*SslCertificate - Descr: Deprecated. Use uaa.ldap.sslCertificate - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
SslCertificate interface{} `yaml:"sslCertificate,omitempty"`
/*ProfileType - Descr: Deprecated. Use uaa.ldap.profile_type - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
ProfileType interface{} `yaml:"profile_type,omitempty"`
/*PasswordAttributeName - Descr: Deprecated. Use uaa.ldap.passwordAttributeName - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: userPassword
*/
PasswordAttributeName interface{} `yaml:"passwordAttributeName,omitempty"`
/*LocalPasswordCompare - Descr: Deprecated. Use uaa.ldap.localPasswordCompare - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: true
*/
LocalPasswordCompare interface{} `yaml:"localPasswordCompare,omitempty"`
/*Url - Descr: Deprecated. Use uaa.ldap.url - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
Url interface{} `yaml:"url,omitempty"`
/*UserPassword - Descr: Deprecated. Use uaa.ldap.userPassword - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
UserPassword interface{} `yaml:"userPassword,omitempty"`
/*UserDN - Descr: Deprecated. Use uaa.ldap.userDN - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
UserDN interface{} `yaml:"userDN,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Logout ¶
type Logout struct {
/*Redirect - Descr: When set to false, this allows an operator to leverage an open redirect on the UAA (/logout.do?redirect=google.com). No open redirect enabled Default: true
*/
Redirect *Redirect `yaml:"redirect,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Notifications ¶
type Notifications struct {
/*Url - Descr: The url for the notifications service (configure to use Notifications Service instead of SMTP server) Default: <nil>
*/
Url interface{} `yaml:"url,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Oauth ¶
type Oauth struct {
/*Providers - Descr: Contains a hash of OpenID Connect/Oauth Identity Providers, the key will be used as the origin key for that provider, followed by key/value pairs. Presence of the userInfoUrl will mark it as an OpenID provider instead of OAuth. Default: <nil>
*/
Providers interface{} `yaml:"providers,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Parameter ¶
type Parameter struct {
/*Whitelist - Descr: A list of URLs. When this list is non null, including empty, and disable=false, logout redirects are allowed, but limited to the whitelist URLs. If a redirect parameter value is not white listed, redirect will be to the default URL. Default: <nil>
*/
Whitelist interface{} `yaml:"whitelist,omitempty"`
/*Disable - Descr: When set to false, this allows an operator to leverage an open redirect on the UAA (/logout.do?redirect=google.com). No open redirect enabled Default: true
*/
Disable interface{} `yaml:"disable,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type PasswordPolicy ¶
type PasswordPolicy struct {
/*MaxLength - Descr: Maximum number of characters required for password to be considered valid Default: 255
*/
MaxLength interface{} `yaml:"maxLength,omitempty"`
/*RequireUpperCaseCharacter - Descr: Minimum number of uppercase characters required for password to be considered valid Default: 0
*/
RequireUpperCaseCharacter interface{} `yaml:"requireUpperCaseCharacter,omitempty"`
/*RequireSpecialCharacter - Descr: Minimum number of special characters required for password to be considered valid Default: 0
*/
RequireSpecialCharacter interface{} `yaml:"requireSpecialCharacter,omitempty"`
/*MinLength - Descr: Minimum number of characters required for password to be considered valid Default: 0
*/
MinLength interface{} `yaml:"minLength,omitempty"`
/*RequireDigit - Descr: Minimum number of digits required for password to be considered valid Default: 0
*/
RequireDigit interface{} `yaml:"requireDigit,omitempty"`
/*Global - Descr: Number of months after which current password expires Default: 0
*/
Global *Global `yaml:"global,omitempty"`
/*RequireLowerCaseCharacter - Descr: Minimum number of lowercase characters required for password to be considered valid Default: 0
*/
RequireLowerCaseCharacter interface{} `yaml:"requireLowerCaseCharacter,omitempty"`
/*ExpirePasswordInMonths - Descr: Number of months after which current password expires Default: 0
*/
ExpirePasswordInMonths interface{} `yaml:"expirePasswordInMonths,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Prompt ¶
type Prompt struct {
/*Password - Descr: The text used to prompt for a password during login Default: Password
*/
Password *PromptPassword `yaml:"password,omitempty"`
/*Username - Descr: The text used to prompt for a username during login Default: Email
*/
Username *Username `yaml:"username,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type PromptPassword ¶
type PromptPassword struct {
/*Text - Descr: The text used to prompt for a password during login Default: Password
*/
Text interface{} `yaml:"text,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Proxy ¶
type Proxy struct {
/*Servers - Descr: Array of the router IPs acting as the first group of HTTP/TCP backends. These will be added to the proxy_ips_regex as exact matches. When using spiff, these will be router_z1 and router_z2 static IPs from cf-jobs.yml Default: []
*/
Servers interface{} `yaml:"servers,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Redirect ¶
type Redirect struct {
/*Url - Descr: The Location of the redirect header following a logout of the the UAA (/logout.do). Default: /login
*/
Url interface{} `yaml:"url,omitempty"`
/*Parameter - Descr: When set to false, this allows an operator to leverage an open redirect on the UAA (/logout.do?redirect=google.com). No open redirect enabled Default: true
*/
Parameter *Parameter `yaml:"parameter,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Saml ¶
type Saml struct {
/*Socket - Descr: Read timeout in milliseconds for SAML metadata HTTP requests Default: 10000
*/
Socket *Socket `yaml:"socket,omitempty"`
/*SignMetaData - Descr: Global property to sign Local/SP metadata Default: true
*/
SignMetaData interface{} `yaml:"signMetaData,omitempty"`
/*ServiceProviderCertificate - Descr: Service provider certificate. Default: <nil>
*/
ServiceProviderCertificate interface{} `yaml:"serviceProviderCertificate,omitempty"`
/*IdpEntityAlias - Descr: Deprecated. Use login.saml.providers list objects Default: <nil>
*/
IdpEntityAlias interface{} `yaml:"idpEntityAlias,omitempty"`
/*ServiceProviderKey - Descr: Private key for the service provider certificate. Default: <nil>
*/
ServiceProviderKey interface{} `yaml:"serviceProviderKey,omitempty"`
/*MetadataTrustCheck - Descr: Deprecated. Use login.saml.providers list objects Default: true
*/
MetadataTrustCheck interface{} `yaml:"metadataTrustCheck,omitempty"`
/*Entityid - Descr: This is used as the SAML Service Provider Entity ID. Each zone has a unique entity ID. Zones other than
the default zone will derive their entity ID from this setting by prefexing it with the subdomain.
Default: <nil>
*/
Entityid interface{} `yaml:"entityid,omitempty"`
/*Providers - Descr: Contains a hash of SAML Identity Providers, the key is the IDP Alias, followed by key/value pairs. To learn more about how to setup a saml identity provider go to https://simplesamlphp.org Default: <nil>
*/
Providers interface{} `yaml:"providers,omitempty"`
/*AssertionConsumerIndex - Descr: Deprecated. Use login.saml.providers list objects Default: 1
*/
AssertionConsumerIndex interface{} `yaml:"assertionConsumerIndex,omitempty"`
/*WantAssertionSigned - Descr: Global property to request that external IDPs sign their SAML assertion before sending them to the UAA Default: false
*/
WantAssertionSigned interface{} `yaml:"wantAssertionSigned,omitempty"`
/*SignRequest - Descr: Global property to sign Local/SP requests Default: true
*/
SignRequest interface{} `yaml:"signRequest,omitempty"`
/*IdpMetadataURL - Descr: Deprecated. Use login.saml.providers list objects Default: <nil>
*/
IdpMetadataURL interface{} `yaml:"idpMetadataURL,omitempty"`
/*IdpMetadataFile - Descr: Deprecated. Use login.saml.providers list objects Default: <nil>
*/
IdpMetadataFile interface{} `yaml:"idp_metadata_file,omitempty"`
/*EntityBaseUrl - Descr: The URL for which SAML identity providers will post assertions to.
If set it overrides the default.
This URL should NOT have the schema (http:// or https:// prefix in it) instead just the hostname.
The schema is derived by #{login.protocol} property.
The default value is #{uaa.url}.replaceFirst('uaa','login'), typically login.example.com
The UAA will display this link in the cf --sso call if there is a SAML provider enabled.
Default: <nil>
*/
EntityBaseUrl interface{} `yaml:"entity_base_url,omitempty"`
/*NameidFormat - Descr: Deprecated. Use login.saml.providers list objects Default: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
*/
NameidFormat interface{} `yaml:"nameidFormat,omitempty"`
/*ServiceProviderKeyPassword - Descr: Password to protect the service provider private key. Default: <nil>
*/
ServiceProviderKeyPassword interface{} `yaml:"serviceProviderKeyPassword,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Scim ¶
type Scim struct {
/*ExternalGroups - Descr: External group mappings. Either formatted as an OpenStruct or a list of pipe-separated specifications. The list format is deprecated.
As an OpenStruct, the mapping additionally specifies an origin to which the mapping is applied:
origin1:
external_group1:
- internal_group1
- internal_group2
- internal_group3
external_group2:
- internal_group2
- internal_group4
origin2:
external_group3:
- internal_group3
- internal_group4
- internal_group5
As a list, each entry consists of the following (The origin defaults to ldap in this case.):
- internal_group_name|space_delimited_external_groups another_group another_group_etc
Default: <nil>
*/
ExternalGroups interface{} `yaml:"external_groups,omitempty"`
/*Groups - Descr: Contains a hash of group names and their descriptions. These groups will be added to the UAA database for the default zone but not associated with any user.
Example:
uaa:
scim:
groups:
my-test-group: 'My test group description'
another-group: 'Another group description'
Deprecated format(still supported, but may be removed in the future):
Comma separated list of groups that should be added to the UAA db, but not assigned to a user by default.
Default: <nil>
*/
Groups interface{} `yaml:"groups,omitempty"`
/*UseridsEnabled - Descr: Enables the endpoint `/ids/Users` that allows consumers to translate user ids to name Default: true
*/
UseridsEnabled interface{} `yaml:"userids_enabled,omitempty"`
/*Users - Descr: A list of users to be bootstrapped with authorities.
Each entry supports the following format:
Short Pipe: username|password|comma,separated,groups
Long Pipe: username|password|email|firstName|lastName|comma,separated,groups|origin
Short OpenStruct:
- name: username
password: password
groups:
- group1
- group2
Long OpenStruct:
- name: username
password: password
groups:
- group1
- group2
firstName: first name
lastName: lastName
email: email
origin: origin-value - most commonly uaa
Default: <nil>
*/
Users interface{} `yaml:"users,omitempty"`
/*User - Descr: If true override users defined in uaa.scim.users found in the database. Default: true
*/
User *ScimUser `yaml:"user,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type ScimUser ¶
type ScimUser struct {
/*Override - Descr: If true override users defined in uaa.scim.users found in the database. Default: true
*/
Override interface{} `yaml:"override,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Servlet ¶
type Servlet struct {
/*SessionCookie - Descr: Optional configuration of the UAA session cookie.
Defaults are the following key value pairs:
secure: <(boolean)this value if set, otherwise require_https>
http-only: <(boolean) - default to true. set HttpOnly flag on cookie.
max-age: <(int) lifetime in seconds of cookie - default to 30 minutes)
name: <(String) name of cookie, default is JSESSIONID>
comment: <(String) optional comment in cookie>
path: <(String) path for cookie, default is />
domain: <(String) domain for cookie, default is incoming request domain>
Default: <nil>
*/
SessionCookie interface{} `yaml:"session-cookie,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Smtp ¶
type Smtp struct {
/*User - Descr: SMTP server username Default: <nil>
*/
User interface{} `yaml:"user,omitempty"`
/*FromAddress - Descr: SMTP from address Default: <nil>
*/
FromAddress interface{} `yaml:"from_address,omitempty"`
/*Host - Descr: SMTP server host address Default: localhost
*/
Host interface{} `yaml:"host,omitempty"`
/*Port - Descr: SMTP server port Default: 2525
*/
Port interface{} `yaml:"port,omitempty"`
/*Password - Descr: SMTP server password Default: <nil>
*/
Password interface{} `yaml:"password,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Socket ¶
type Socket struct {
/*ConnectionManagerTimeout - Descr: Timeout in milliseconds for connection pooling for SAML metadata HTTP requests Default: 10000
*/
ConnectionManagerTimeout interface{} `yaml:"connectionManagerTimeout,omitempty"`
/*SoTimeout - Descr: Read timeout in milliseconds for SAML metadata HTTP requests Default: 10000
*/
SoTimeout interface{} `yaml:"soTimeout,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Uaa ¶
type Uaa struct {
/*Issuer - Descr: The url to use as the issuer URI Default: <nil>
*/
Issuer interface{} `yaml:"issuer,omitempty"`
/*DisableInternalAuth - Descr: Disables internal user authentication Default: false
*/
DisableInternalAuth interface{} `yaml:"disableInternalAuth,omitempty"`
/*Newrelic - Descr: To enable newrelic monitoring, the sub element of this property will be placed in
a configuration file called newrelic.yml in the jobs config directory.
The syntax that must adhere to documentation in https://docs.newrelic.com/docs/agents/java-agent/configuration/java-agent-configuration-config-file
The JVM option -javaagent:/path/to/newrelic.jar will be added to Apache Tomcat's startup script
The enablement of the NewRelic agent in the UAA is triggered by the property uaa.newrelic.common.license_key
The property uaa.newrelic.common.license_key must be set!
Default: <nil>
*/
Newrelic interface{} `yaml:"newrelic,omitempty"`
/*Login - Descr: Default login client secret, if no login client is defined Default: <nil>
*/
Login *UaaLogin `yaml:"login,omitempty"`
/*CatalinaOpts - Descr: The options used to configure Tomcat Default: -Xmx768m -XX:MaxPermSize=256m
*/
CatalinaOpts interface{} `yaml:"catalina_opts,omitempty"`
/*RequireHttps - Descr: Request came in on a secure connection. Expect the load balancer/proxy to set the proper headers (x-forwarded-for, x-forwarded-proto) Default: true
*/
RequireHttps interface{} `yaml:"require_https,omitempty"`
/*SslPrivateKey - Descr: The server's ssl private key. Only passphrase-less keys are supported Default:
*/
SslPrivateKey interface{} `yaml:"sslPrivateKey,omitempty"`
/*RestrictedIpsRegex - Descr: A pipe delimited set of regular expressions of IP addresses that can reach the listening HTTP port of the server. Default: 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
*/
RestrictedIpsRegex interface{} `yaml:"restricted_ips_regex,omitempty"`
/*Clients - Descr: List of OAuth2 clients that the UAA will be bootstrapped with Default: <nil>
*/
Clients interface{} `yaml:"clients,omitempty"`
/*Jwt - Descr: Set to true if you wish that even JWT tokens become individually revocable and stored in the UAA token storage. This setting applies to the default zone only. Default: false
*/
Jwt *Jwt `yaml:"jwt,omitempty"`
/*Authentication - Descr: Number of allowed failures before account is locked Default: 5
*/
Authentication *Authentication `yaml:"authentication,omitempty"`
/*Scim - Descr: If true override users defined in uaa.scim.users found in the database. Default: true
*/
Scim *Scim `yaml:"scim,omitempty"`
/*DisableInternalUserManagement - Descr: Disables UI and API for internal user management Default: false
*/
DisableInternalUserManagement interface{} `yaml:"disableInternalUserManagement,omitempty"`
/*Zones - Descr: A list of hostnames that are routed to the UAA, specifically the default zone in the UAA. The UAA will reject any Host headers that it doesn't recognize.
By default the UAA recognizes:
The hostname from the property uaa.url
The hostname from the property login.url
localhost (in order to accept health checks)
Any hostnames added as a list are additive to the default hostnames allowed.
Default: <nil>
*/
Zones *Zones `yaml:"zones,omitempty"`
/*ProxyIpsRegex - Descr: A pipe delimited set of regular expressions of IP addresses that are considered reverse proxies.
When a request from these IP addresses come in, the x-forwarded-for and x-forwarded-proto headers will be respected.
If the uaa.restricted_ips_regex is set, it will be appended to this list for backwards compatibility purposes
If spiff has been used and includes templates/cf-jobs.yml to generate the manifest. This list will automatically
contain the Router IP addresses
Default: 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
*/
ProxyIpsRegex interface{} `yaml:"proxy_ips_regex,omitempty"`
/*Port - Descr: Port that uaa will accept connections on Default: 8080
*/
Port interface{} `yaml:"port,omitempty"`
/*Database - Descr: Timeout in seconds for the longest running queries. Take into DB migrations for this timeout as they may run during a long period of time. Default: 300
*/
Database *Database `yaml:"database,omitempty"`
/*Url - Descr: The base url of the UAA Default: <nil>
*/
Url interface{} `yaml:"url,omitempty"`
/*Password - Descr: Number of months after which current password expires Default: 0
*/
Password *UaaPassword `yaml:"password,omitempty"`
/*User - Descr: Contains a list of the default authorities/scopes assigned to a user Default: [openid scim.me cloud_controller.read cloud_controller.write cloud_controller_service_permissions.read password.write uaa.user approvals.me oauth.approvals notification_preferences.read notification_preferences.write profile roles user_attributes]
*/
User *UaaUser `yaml:"user,omitempty"`
/*LoggingUseRfc3339 - Descr: Sets the time format for log messages to be yyyy-MM-dd'T'HH:mm:ss.SSSXXX instead of yyyy-MM-dd HH:mm:ss.SSS Default: false
*/
LoggingUseRfc3339 interface{} `yaml:"logging_use_rfc3339,omitempty"`
/*Admin - Descr: Secret of the admin client - a client named admin with uaa.admin as an authority Default: <nil>
*/
Admin *Admin `yaml:"admin,omitempty"`
/*Servlet - Descr: Optional configuration of the UAA session cookie.
Defaults are the following key value pairs:
secure: <(boolean)this value if set, otherwise require_https>
http-only: <(boolean) - default to true. set HttpOnly flag on cookie.
max-age: <(int) lifetime in seconds of cookie - default to 30 minutes)
name: <(String) name of cookie, default is JSESSIONID>
comment: <(String) optional comment in cookie>
path: <(String) path for cookie, default is />
domain: <(String) domain for cookie, default is incoming request domain>
Default: <nil>
*/
Servlet *Servlet `yaml:"servlet,omitempty"`
/*DumpRequests - Descr: When set to true dumps UAA requests to uaa.log Default: false
*/
DumpRequests interface{} `yaml:"dump_requests,omitempty"`
/*SslCertificate - Descr: The server's ssl certificate. The default is a self-signed certificate and should always be replaced for production deployments Default:
*/
SslCertificate interface{} `yaml:"sslCertificate,omitempty"`
/*Proxy - Descr: Array of the router IPs acting as the first group of HTTP/TCP backends. These will be added to the proxy_ips_regex as exact matches. When using spiff, these will be router_z1 and router_z2 static IPs from cf-jobs.yml Default: []
*/
Proxy *Proxy `yaml:"proxy,omitempty"`
/*Ssl - Descr: If this property Tomcat will listen to this port and expect https traffic. If null, tomcat will not listen to this port Default: 8443
*/
Ssl *UaaSsl `yaml:"ssl,omitempty"`
/*LoggingLevel - Descr: Set UAA logging level. (e.g. TRACE, DEBUG, INFO) Default: DEBUG
*/
LoggingLevel interface{} `yaml:"logging_level,omitempty"`
/*Ldap - Descr: Set to true if you wish to override an LDAP user email address with a generated one Default: false
*/
Ldap *UaaLdap `yaml:"ldap,omitempty"`
/*Client - Descr: Deprecated Default: [login support-signon]
*/
Client *Client `yaml:"client,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type UaaJob ¶
type UaaJob struct {
/*Domain - Descr: Deprecated. Use uaa.url for setting the location of UAA Default: <nil>
*/
Domain interface{} `yaml:"domain,omitempty"`
/*Uaa - Descr: Number of months after which current password expires Default: 0
*/
Uaa *Uaa `yaml:"uaa,omitempty"`
/*Uaadb - Descr: The list of database Roles used in UAA database including tag/name/password Default: <nil>
*/
Uaadb *Uaadb `yaml:"uaadb,omitempty"`
/*Env - Descr: Set No_Proxy across the VMs Default: <nil>
*/
Env *Env `yaml:"env,omitempty"`
/*Login - Descr: Deprecated. Use login.saml.providers list objects Default: 1
*/
Login *Login `yaml:"login,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type UaaLdap ¶
type UaaLdap struct {
/*EmailDomain - Descr: Sets the whitelist of emails domains that the LDAP identity provider handles Default: <nil>
*/
EmailDomain interface{} `yaml:"emailDomain,omitempty"`
/*SslCertificateAlias - Descr: Used with ldaps:// URLs. The certificate alias, to be trusted by this connection and stored in the keystore. Default: <nil>
*/
SslCertificateAlias interface{} `yaml:"sslCertificateAlias,omitempty"`
/*SslCertificate - Descr: Used with ldaps:// URLs. The certificate, if self signed, to be trusted by this connection. Default: <nil>
*/
SslCertificate interface{} `yaml:"sslCertificate,omitempty"`
/*MailSubstituteOverridesLdap - Descr: Set to true if you wish to override an LDAP user email address with a generated one Default: false
*/
MailSubstituteOverridesLdap interface{} `yaml:"mailSubstituteOverridesLdap,omitempty"`
/*SearchBase - Descr: Used with search-and-bind and search-and-compare. Define a base where the search starts at. Default:
*/
SearchBase interface{} `yaml:"searchBase,omitempty"`
/*LocalPasswordCompare - Descr: Used with search-and-compare only. Set to true if passwords are retrieved by the search, and should be compared in the login server. Default: true
*/
LocalPasswordCompare interface{} `yaml:"localPasswordCompare,omitempty"`
/*PasswordAttributeName - Descr: Used with search-and-compare only. The name of the password attribute in the LDAP directory Default: userPassword
*/
PasswordAttributeName interface{} `yaml:"passwordAttributeName,omitempty"`
/*AttributeMappings - Descr: Specifies how UAA user attributes map to LDAP attributes. given_name, family_name, and phone_number are UAA user attributes, while other attributes should be included using the prefix `user.attribute` Default: <nil>
*/
AttributeMappings interface{} `yaml:"attributeMappings,omitempty"`
/*UserDNPattern - Descr: Used with simple-bind only. A semi-colon separated lists of DN patterns to construct a DN direct from the user ID without performing a search. Default: <nil>
*/
UserDNPattern interface{} `yaml:"userDNPattern,omitempty"`
/*UserDNPatternDelimiter - Descr: The delimiter character in between user DN patterns for simple-bind authentication Default: ;
*/
UserDNPatternDelimiter interface{} `yaml:"userDNPatternDelimiter,omitempty"`
/*Referral - Descr: Configures the UAA LDAP referral behavior. The following values are possible:
- follow -> Referrals are followed
- ignore -> Referrals are ignored and the partial result is returned
- throw -> An error is thrown and the authentication is aborted
Reference: http://docs.oracle.com/javase/jndi/tutorial/ldap/referral/jndi.html
Default: follow
*/
Referral interface{} `yaml:"referral,omitempty"`
/*ProfileType - Descr: The file to be used for configuring the LDAP authentication. Options are: 'simple-bind', 'search-and-bind', 'search-and-compare' Default: search-and-bind
*/
ProfileType interface{} `yaml:"profile_type,omitempty"`
/*UserPassword - Descr: Used with search-and-bind and search-and-compare. Password for the LDAP ID that performs a search of the LDAP tree for user information. Default: <nil>
*/
UserPassword interface{} `yaml:"userPassword,omitempty"`
/*Groups - Descr: Set to true when profile_type=groups_as_scopes to auto create scopes for a user. Ignored for other profiles. Default: true
*/
Groups *LdapGroups `yaml:"groups,omitempty"`
/*Enabled - Descr: Set to true to enable LDAP Default: false
*/
Enabled interface{} `yaml:"enabled,omitempty"`
/*SearchFilter - Descr: Used with search-and-bind and search-and-compare. Search filter used. Takes one parameter, user ID defined as {0} Default: cn={0}
*/
SearchFilter interface{} `yaml:"searchFilter,omitempty"`
/*UserDN - Descr: Used with search-and-bind and search-and-compare. A valid LDAP ID that has read permissions to perform a search of the LDAP tree for user information. Default: <nil>
*/
UserDN interface{} `yaml:"userDN,omitempty"`
/*ExternalGroupsWhitelist - Descr: Whitelist of external groups from LDAP that get added as roles in the ID Token Default: <nil>
*/
ExternalGroupsWhitelist interface{} `yaml:"externalGroupsWhitelist,omitempty"`
/*PasswordEncoder - Descr: Used with search-and-compare only. The encoder used to properly encode user password to match the one in the LDAP directory. Default: org.cloudfoundry.identity.uaa.ldap.DynamicPasswordComparator
*/
PasswordEncoder interface{} `yaml:"passwordEncoder,omitempty"`
/*MailSubstitute - Descr: Defines an email pattern containing a {0} to generate an email address for an LDAP user during authentication Default:
*/
MailSubstitute interface{} `yaml:"mailSubstitute,omitempty"`
/*Ssl - Descr: Set to true, and LDAPS connection will not validate the server certificate. Default: false
*/
Ssl *LdapSsl `yaml:"ssl,omitempty"`
/*MailAttributeName - Descr: The name of the LDAP attribute that contains the users email address Default: mail
*/
MailAttributeName interface{} `yaml:"mailAttributeName,omitempty"`
/*Url - Descr: The URL to the ldap server, must start with ldap:// or ldaps:// Default: <nil>
*/
Url interface{} `yaml:"url,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type UaaLogin ¶
type UaaLogin struct {
/*ClientSecret - Descr: Default login client secret, if no login client is defined Default: <nil>
*/
ClientSecret interface{} `yaml:"client_secret,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type UaaPassword ¶
type UaaPassword struct {
/*Policy - Descr: Number of months after which current password expires Default: 0
*/
Policy *PasswordPolicy `yaml:"policy,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type UaaSsl ¶
type UaaSsl struct {
/*ProtocolHeader - Descr: The header to look for to determine if ssl termination was performed by a front end load balancer. Default: x-forwarded-proto
*/
ProtocolHeader interface{} `yaml:"protocol_header,omitempty"`
/*Port - Descr: If this property Tomcat will listen to this port and expect https traffic. If null, tomcat will not listen to this port Default: 8443
*/
Port interface{} `yaml:"port,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type UaaUser ¶
type UaaUser struct {
/*Authorities - Descr: Contains a list of the default authorities/scopes assigned to a user Default: [openid scim.me cloud_controller.read cloud_controller.write cloud_controller_service_permissions.read password.write uaa.user approvals.me oauth.approvals notification_preferences.read notification_preferences.write profile roles user_attributes]
*/
Authorities interface{} `yaml:"authorities,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Uaadb ¶
type Uaadb struct {
/*DbScheme - Descr: Database scheme for UAA DB Default: <nil>
*/
DbScheme interface{} `yaml:"db_scheme,omitempty"`
/*Roles - Descr: The list of database Roles used in UAA database including tag/name/password Default: <nil>
*/
Roles interface{} `yaml:"roles,omitempty"`
/*Address - Descr: The UAA database IP address Default: <nil>
*/
Address interface{} `yaml:"address,omitempty"`
/*Port - Descr: The UAA database Port Default: <nil>
*/
Port interface{} `yaml:"port,omitempty"`
/*Databases - Descr: The list of databases used in UAA database including tag/name Default: <nil>
*/
Databases interface{} `yaml:"databases,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Username ¶
type Username struct {
/*Text - Descr: The text used to prompt for a username during login Default: Email
*/
Text interface{} `yaml:"text,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Zones ¶
type Zones struct {
/*Internal - Descr: A list of hostnames that are routed to the UAA, specifically the default zone in the UAA. The UAA will reject any Host headers that it doesn't recognize.
By default the UAA recognizes:
The hostname from the property uaa.url
The hostname from the property login.url
localhost (in order to accept health checks)
Any hostnames added as a list are additive to the default hostnames allowed.
Default: <nil>
*/
Internal *Internal `yaml:"internal,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
Source Files
¶
- admin.go
- analytics.go
- authentication.go
- authenticationpolicy.go
- branding.go
- claims.go
- client.go
- database.go
- env.go
- global.go
- internal.go
- jwt.go
- jwtpolicy.go
- ldapgroups.go
- ldapssl.go
- links.go
- login.go
- loginldap.go
- logout.go
- notifications.go
- oauth.go
- parameter.go
- passwordpolicy.go
- prompt.go
- promptpassword.go
- proxy.go
- redirect.go
- saml.go
- scim.go
- scimuser.go
- servlet.go
- smtp.go
- socket.go
- uaa.go
- uaadb.go
- uaajob.go
- uaaldap.go
- uaalogin.go
- uaapassword.go
- uaassl.go
- uaauser.go
- username.go
- zones.go
Click to show internal directories.
Click to hide internal directories.