Documentation
¶
Index ¶
- type Admin
- type Analytics
- type Authentication
- type AuthenticationPolicy
- type Branding
- type Claims
- type Client
- type Database
- type Env
- type Global
- type Internal
- type Jwt
- type JwtPolicy
- type LdapGroups
- type LdapSsl
- type Links
- type Login
- type LoginLdap
- type Logout
- type Notifications
- type Oauth
- type Parameter
- type PasswordPolicy
- type Prompt
- type PromptPassword
- type Proxy
- type Redirect
- type Saml
- type Scim
- type ScimUser
- type Servlet
- type Smtp
- type Socket
- type Ssl
- type Uaa
- type UaaJob
- type UaaLdap
- type UaaLogin
- type UaaPassword
- type UaaSsl
- type UaaUser
- type Uaadb
- type Username
- type Zones
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Admin ¶
type Admin struct {
/*ClientSecret - Descr: Secret of the admin client - a client named admin with uaa.admin as an authority Default: <nil>
*/
ClientSecret interface{} `yaml:"client_secret,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Analytics ¶
type Analytics struct {
/*Domain - Descr: Google analytics domain. If Google Analytics is desired set both login.analytics.code and login.analytics.domain Default: <nil>
*/
Domain interface{} `yaml:"domain,omitempty"`
/*Code - Descr: Google analytics code. If Google Analytics is desired set both login.analytics.code and login.analytics.domain Default: <nil>
*/
Code interface{} `yaml:"code,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Authentication ¶
type Authentication struct {
/*Policy - Descr: Number of seconds to lock out an account when lockoutAfterFailures failures is exceeded Default: 300
*/
Policy *AuthenticationPolicy `yaml:"policy,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type AuthenticationPolicy ¶
type AuthenticationPolicy struct {
/*CountFailuresWithinSeconds - Descr: Number of seconds in which lockoutAfterFailures failures must occur in order for account to be locked Default: 3600
*/
CountFailuresWithinSeconds interface{} `yaml:"countFailuresWithinSeconds,omitempty"`
/*Global - Descr: Number of seconds to lock out an account when lockoutAfterFailures failures is exceeded Default: 300
*/
Global *Global `yaml:"global,omitempty"`
/*LockoutPeriodSeconds - Descr: Number of seconds to lock out an account when lockoutAfterFailures failures is exceeded Default: 300
*/
LockoutPeriodSeconds interface{} `yaml:"lockoutPeriodSeconds,omitempty"`
/*LockoutAfterFailures - Descr: Number of allowed failures before account is locked Default: 5
*/
LockoutAfterFailures interface{} `yaml:"lockoutAfterFailures,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Branding ¶
type Branding struct {
FooterLinks interface{} `yaml:"footer_links,omitempty"`
FooterLegalText interface{} `yaml:"footer_legal_text,omitempty"`
/*CompanyName - Descr: This name is used on the UAA Pages and in account management related communication in UAA Default: <nil>
*/
CompanyName interface{} `yaml:"company_name,omitempty"`
/*SquareLogo - Descr: This is a base64 encoded PNG image which will be used as the favicon for the UAA pages Default: <nil>
*/
SquareLogo interface{} `yaml:"square_logo,omitempty"`
/*ProductLogo - Descr: This is a base64 encoded PNG image which will be used as the logo on all UAA pages like Login, Sign Up etc. Default: <nil>
*/
ProductLogo interface{} `yaml:"product_logo,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Claims ¶
type Claims struct {
/*Exclude - Descr: List of claims to exclude from the JWT-based OAuth2 tokens Default: <nil>
*/
Exclude interface{} `yaml:"exclude,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Client ¶
type Client struct {
/*Autoapprove - Descr: Deprecated Default: [login support-signon]
*/
Autoapprove interface{} `yaml:"autoapprove,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Database ¶
type Database struct {
/*RemoveAbandoned - Descr: True if connections that are left open longer then abandoned_timeout seconds during a session(time between borrow and return from pool) should be forcibly closed Default: false
*/
RemoveAbandoned interface{} `yaml:"remove_abandoned,omitempty"`
/*AbandonedTimeout - Descr: Timeout in seconds for the longest running queries. Take into DB migrations for this timeout as they may run during a long period of time. Default: 300
*/
AbandonedTimeout interface{} `yaml:"abandoned_timeout,omitempty"`
/*LogAbandoned - Descr: Should connections that are forcibly closed be logged. Default: true
*/
LogAbandoned interface{} `yaml:"log_abandoned,omitempty"`
/*CaseInsensitive - Descr: Set to true if you don't want to be using LOWER() SQL functions in search queries/filters, because you know that your DB is case insensitive. If this property is null, then it will be set to true if the UAA DB is MySQL and false otherwise, but even on MySQL you can override it by setting it explicitly to false Default: <nil>
*/
CaseInsensitive interface{} `yaml:"case_insensitive,omitempty"`
/*MaxIdleConnections - Descr: The max number of open idle connections to the DB from a running UAA instance Default: 10
*/
MaxIdleConnections interface{} `yaml:"max_idle_connections,omitempty"`
/*MaxConnections - Descr: The max number of open connections to the DB from a running UAA instance Default: 100
*/
MaxConnections interface{} `yaml:"max_connections,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Env ¶
type Env struct {
/*NoProxy - Descr: Set No_Proxy across the VMs Default: <nil>
*/
NoProxy interface{} `yaml:"no_proxy,omitempty"`
/*HttpProxy - Descr: The http_proxy across the VMs Default: <nil>
*/
HttpProxy interface{} `yaml:"http_proxy,omitempty"`
/*HttpsProxy - Descr: The https_proxy across the VMs Default: <nil>
*/
HttpsProxy interface{} `yaml:"https_proxy,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Global ¶
type Global struct {
/*LockoutAfterFailures - Descr: Number of allowed failures before account is locked Default: 5
*/
LockoutAfterFailures interface{} `yaml:"lockoutAfterFailures,omitempty"`
/*CountFailuresWithinSeconds - Descr: Number of seconds in which lockoutAfterFailures failures must occur in order for account to be locked Default: 3600
*/
CountFailuresWithinSeconds interface{} `yaml:"countFailuresWithinSeconds,omitempty"`
/*MaxLength - Descr: Maximum number of characters required for password to be considered valid Default: 255
*/
MaxLength interface{} `yaml:"maxLength,omitempty"`
/*RefreshTokenValiditySeconds - Descr: The global refresh token validity for all zones if nothing is configured on the client Default: 2592000
*/
RefreshTokenValiditySeconds interface{} `yaml:"refreshTokenValiditySeconds,omitempty"`
/*RequireDigit - Descr: Minimum number of digits required for password to be considered valid Default: 0
*/
RequireDigit interface{} `yaml:"requireDigit,omitempty"`
/*MinLength - Descr: Minimum number of characters required for password to be considered valid Default: 0
*/
MinLength interface{} `yaml:"minLength,omitempty"`
/*LockoutPeriodSeconds - Descr: Number of seconds to lock out an account when lockoutAfterFailures failures is exceeded Default: 300
*/
LockoutPeriodSeconds interface{} `yaml:"lockoutPeriodSeconds,omitempty"`
/*AccessTokenValiditySeconds - Descr: The global access token validity for all zones if nothing is configured on the client Default: 43200
*/
AccessTokenValiditySeconds interface{} `yaml:"accessTokenValiditySeconds,omitempty"`
/*ExpirePasswordInMonths - Descr: Number of months after which current password expires Default: 0
*/
ExpirePasswordInMonths interface{} `yaml:"expirePasswordInMonths,omitempty"`
/*RequireLowerCaseCharacter - Descr: Minimum number of lowercase characters required for password to be considered valid Default: 0
*/
RequireLowerCaseCharacter interface{} `yaml:"requireLowerCaseCharacter,omitempty"`
/*RequireSpecialCharacter - Descr: Minimum number of special characters required for password to be considered valid Default: 0
*/
RequireSpecialCharacter interface{} `yaml:"requireSpecialCharacter,omitempty"`
/*RequireUpperCaseCharacter - Descr: Minimum number of uppercase characters required for password to be considered valid Default: 0
*/
RequireUpperCaseCharacter interface{} `yaml:"requireUpperCaseCharacter,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Internal ¶
type Internal struct {
/*Hostnames - Descr: A list of hostnames that are routed to the UAA, specifically the default zone in the UAA. The UAA will reject any Host headers that it doesn't recognize.
By default the UAA recognizes:
The hostname from the property uaa.url
The hostname from the property login.url
localhost (in order to accept health checks)
Any hostnames added as a list are additive to the default hostnames allowed.
Default: <nil>
*/
Hostnames interface{} `yaml:"hostnames,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Jwt ¶
type Jwt struct {
/*Policy - Descr: Map of key IDs and signing keys, each defined with a property `signingKey` Default: <nil>
*/
Policy *JwtPolicy `yaml:"policy,omitempty"`
/*VerificationKey - Descr: The key used to verify JWT-based OAuth2 tokens Default: <nil>
*/
VerificationKey interface{} `yaml:"verification_key,omitempty"`
/*Claims - Descr: List of claims to exclude from the JWT-based OAuth2 tokens Default: <nil>
*/
Claims *Claims `yaml:"claims,omitempty"`
/*SigningKey - Descr: The key used to sign the JWT-based OAuth2 tokens Default: <nil>
*/
SigningKey interface{} `yaml:"signing_key,omitempty"`
/*Revocable - Descr: Set to true if you wish that even JWT tokens become individually revocable and stored in the UAA token storage. This setting applies to the default zone only. Default: false
*/
Revocable interface{} `yaml:"revocable,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type JwtPolicy ¶
type JwtPolicy struct {
/*AccessTokenValiditySeconds - Descr: The access token validity for the default zone if nothing is configured on the client. Will override global validity policies for the default zone only. Default: 43200
*/
AccessTokenValiditySeconds interface{} `yaml:"accessTokenValiditySeconds,omitempty"`
/*ActiveKeyId - Descr: The ID of the JWT signing key to be used when signing tokens. Default: <nil>
*/
ActiveKeyId interface{} `yaml:"active_key_id,omitempty"`
/*Keys - Descr: Map of key IDs and signing keys, each defined with a property `signingKey` Default: <nil>
*/
Keys interface{} `yaml:"keys,omitempty"`
/*RefreshTokenValiditySeconds - Descr: The refresh token validity for the default zone if nothing is configured on the client. Will override global validity policies for the default zone only. Default: 2592000
*/
RefreshTokenValiditySeconds interface{} `yaml:"refreshTokenValiditySeconds,omitempty"`
/*Global - Descr: The global access token validity for all zones if nothing is configured on the client Default: 43200
*/
Global *Global `yaml:"global,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type LdapGroups ¶
type LdapGroups struct {
/*GroupRoleAttribute - Descr: Used with groups-as-scopes, defines the attribute that holds the scope name(s). Default: spring.security.ldap.dn
*/
GroupRoleAttribute interface{} `yaml:"groupRoleAttribute,omitempty"`
/*SearchSubtree - Descr: Boolean value, set to true to search below the search base Default: true
*/
SearchSubtree interface{} `yaml:"searchSubtree,omitempty"`
/*GroupSearchFilter - Descr: Search query filter to find the groups a user belongs to, or for a nested search, groups that a group belongs to Default: member={0}
*/
GroupSearchFilter interface{} `yaml:"groupSearchFilter,omitempty"`
/*ProfileType - Descr: What type of group integration should be used. Values are: 'no-groups', 'groups-as-scopes', 'groups-map-to-scopes' Default: no-groups
*/
ProfileType interface{} `yaml:"profile_type,omitempty"`
/*MaxSearchDepth - Descr: Set to number of levels a nested group search should go. Set to 1 to disable nested groups (default) Default: 1
*/
MaxSearchDepth interface{} `yaml:"maxSearchDepth,omitempty"`
/*AutoAdd - Descr: Set to true when profile_type=groups_as_scopes to auto create scopes for a user. Ignored for other profiles. Default: true
*/
AutoAdd interface{} `yaml:"autoAdd,omitempty"`
/*SearchBase - Descr: Search start point for a user group membership search Default:
*/
SearchBase interface{} `yaml:"searchBase,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type LdapSsl ¶ added in v0.0.18
type LdapSsl struct {
/*Skipverification - Descr: Set to true, and LDAPS connection will not validate the server certificate. Default: false
*/
Skipverification interface{} `yaml:"skipverification,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Links ¶
type Links struct {
/*Signup - Descr: URL for requesting to signup/register for an account Default: /create_account
*/
Signup interface{} `yaml:"signup,omitempty"`
/*Passwd - Descr: URL for requesting password reset Default: /forgot_password
*/
Passwd interface{} `yaml:"passwd,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Login ¶
type Login struct {
/*Protocol - Descr: Scheme to use for HTTP communication (http/https) Default: https
*/
Protocol interface{} `yaml:"protocol,omitempty"`
/*Analytics - Descr: Google analytics domain. If Google Analytics is desired set both login.analytics.code and login.analytics.domain Default: <nil>
*/
Analytics *Analytics `yaml:"analytics,omitempty"`
/*Url - Descr: Set if you have an external login server.
The UAA uses this link on by its email service to create links
The UAA uses this as a base domain for internal hostnames so that subdomain can be detected
This defaults to the uaa.url property, and if not set, to login.<domain>
Default: <nil>
*/
Url interface{} `yaml:"url,omitempty"`
/*SignupsEnabled - Descr: Deprecated. Use login.self_service_links_enabled. Instructs UAA to use 'enable account creation flow'. Enabled by default. Default: true
*/
SignupsEnabled interface{} `yaml:"signups_enabled,omitempty"`
/*IdpDiscoveryEnabled - Descr: IDP Discovery should be set to true if you have configured more than one identity provider for UAA. The discovery relies on email domain being set for each additional provider Default: false
*/
IdpDiscoveryEnabled interface{} `yaml:"idpDiscoveryEnabled,omitempty"`
/*Ldap - Descr: Deprecated. Use uaa.ldap.sslCertificateAlias - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
Ldap *LoginLdap `yaml:"ldap,omitempty"`
/*Messages - Descr: A nested or flat hash of messages that the login server uses to display UI message
This will be flattened into a java.util.Properties file. The example below will lead
to four properties, where the key is the concatenated value delimited by dot, for example scope.tokens.read=message
Default: <nil>
*/
Messages interface{} `yaml:"messages,omitempty"`
/*SelfServiceLinksEnabled - Descr: Enable self-service account creation and password resets links. Default: <nil>
*/
SelfServiceLinksEnabled interface{} `yaml:"self_service_links_enabled,omitempty"`
/*EntityId - Descr: Deprecated. Use login.saml.entityid Default: <nil>
*/
EntityId interface{} `yaml:"entity_id,omitempty"`
/*Prompt - Descr: The text used to prompt for a username during login Default: Email
*/
Prompt *Prompt `yaml:"prompt,omitempty"`
/*Notifications - Descr: The url for the notifications service (configure to use Notifications Service instead of SMTP server) Default: <nil>
*/
Notifications *Notifications `yaml:"notifications,omitempty"`
/*HomeRedirect - Descr: URL for configuring a custom home page Default: <nil>
*/
HomeRedirect interface{} `yaml:"home_redirect,omitempty"`
/*AssetBaseUrl - Descr: Base url for static assets, allows custom styling of the login server. Use '/resources/pivotal' for Pivotal style. Default: /resources/oss
*/
AssetBaseUrl interface{} `yaml:"asset_base_url,omitempty"`
/*Oauth - Descr: Contains a hash of OpenID Connect/Oauth Identity Providers, the key will be used as the origin key for that provider, followed by key/value pairs. Presence of the userInfoUrl will mark it as an OpenID provider instead of OAuth. Default: <nil>
*/
Oauth *Oauth `yaml:"oauth,omitempty"`
/*UaaBase - Descr: Deprecated. Use uaa.url for setting the location of UAA. Default: <nil>
*/
UaaBase interface{} `yaml:"uaa_base,omitempty"`
/*Branding - Descr: These links appear on the footer of all UAA pages. You may choose to add multiple urls for things like Support, Terms of Service etc. Default: <nil>
*/
Branding *Branding `yaml:"branding,omitempty"`
/*Saml - Descr: Global property to sign Local/SP requests Default: true
*/
Saml *Saml `yaml:"saml,omitempty"`
/*Tiles - Descr: A list of links to other services to show on the landing page after log in. Default: <nil>
*/
Tiles interface{} `yaml:"tiles,omitempty"`
/*Smtp - Descr: SMTP server port Default: 2525
*/
Smtp *Smtp `yaml:"smtp,omitempty"`
/*Links - Descr: URL for requesting to signup/register for an account Default: /create_account
*/
Links *Links `yaml:"links,omitempty"`
/*Logout - Descr: The Location of the redirect header following a logout of the the UAA (/logout.do). Default: /login
*/
Logout *Logout `yaml:"logout,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type LoginLdap ¶
type LoginLdap struct {
/*SslCertificate - Descr: Deprecated. Use uaa.ldap.sslCertificate - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
SslCertificate interface{} `yaml:"sslCertificate,omitempty"`
/*UserDNPattern - Descr: Deprecated. Use uaa.ldap.userDNPattern - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
UserDNPattern interface{} `yaml:"userDNPattern,omitempty"`
/*SearchBase - Descr: Deprecated. Use uaa.ldap.searchBase - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default:
*/
SearchBase interface{} `yaml:"searchBase,omitempty"`
/*SearchFilter - Descr: Deprecated. Use uaa.ldap.searchFilter - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: cn={0}
*/
SearchFilter interface{} `yaml:"searchFilter,omitempty"`
/*UserDN - Descr: Deprecated. Use uaa.ldap.userDN - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
UserDN interface{} `yaml:"userDN,omitempty"`
/*PasswordAttributeName - Descr: Deprecated. Use uaa.ldap.passwordAttributeName - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: userPassword
*/
PasswordAttributeName interface{} `yaml:"passwordAttributeName,omitempty"`
/*UserPassword - Descr: Deprecated. Use uaa.ldap.userPassword - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
UserPassword interface{} `yaml:"userPassword,omitempty"`
/*SslCertificateAlias - Descr: Deprecated. Use uaa.ldap.sslCertificateAlias - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
SslCertificateAlias interface{} `yaml:"sslCertificateAlias,omitempty"`
/*LocalPasswordCompare - Descr: Deprecated. Use uaa.ldap.localPasswordCompare - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: true
*/
LocalPasswordCompare interface{} `yaml:"localPasswordCompare,omitempty"`
/*PasswordEncoder - Descr: Deprecated. Use uaa.ldap.passwordEncoder - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: org.cloudfoundry.identity.uaa.login.ldap.DynamicPasswordComparator
*/
PasswordEncoder interface{} `yaml:"passwordEncoder,omitempty"`
/*Url - Descr: Deprecated. Use uaa.ldap.url - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
Url interface{} `yaml:"url,omitempty"`
/*ProfileType - Descr: Deprecated. Use uaa.ldap.profile_type - login.ldap prefix is used for backwards compatibility to enable ldap from login config Default: <nil>
*/
ProfileType interface{} `yaml:"profile_type,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Logout ¶
type Logout struct {
/*Redirect - Descr: The Location of the redirect header following a logout of the the UAA (/logout.do). Default: /login
*/
Redirect *Redirect `yaml:"redirect,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Notifications ¶
type Notifications struct {
/*Url - Descr: The url for the notifications service (configure to use Notifications Service instead of SMTP server) Default: <nil>
*/
Url interface{} `yaml:"url,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Oauth ¶ added in v0.0.18
type Oauth struct {
/*Providers - Descr: Contains a hash of OpenID Connect/Oauth Identity Providers, the key will be used as the origin key for that provider, followed by key/value pairs. Presence of the userInfoUrl will mark it as an OpenID provider instead of OAuth. Default: <nil>
*/
Providers interface{} `yaml:"providers,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Parameter ¶
type Parameter struct {
/*Whitelist - Descr: A list of URLs. When this list is non null, including empty, and disable=false, logout redirects are allowed, but limited to the whitelist URLs. If a redirect parameter value is not white listed, redirect will be to the default URL. Default: <nil>
*/
Whitelist interface{} `yaml:"whitelist,omitempty"`
/*Disable - Descr: When set to false, this allows an operator to leverage an open redirect on the UAA (/logout.do?redirect=google.com). No open redirect enabled Default: true
*/
Disable interface{} `yaml:"disable,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type PasswordPolicy ¶
type PasswordPolicy struct {
/*MaxLength - Descr: Maximum number of characters required for password to be considered valid Default: 255
*/
MaxLength interface{} `yaml:"maxLength,omitempty"`
/*ExpirePasswordInMonths - Descr: Number of months after which current password expires Default: 0
*/
ExpirePasswordInMonths interface{} `yaml:"expirePasswordInMonths,omitempty"`
/*RequireSpecialCharacter - Descr: Minimum number of special characters required for password to be considered valid Default: 0
*/
RequireSpecialCharacter interface{} `yaml:"requireSpecialCharacter,omitempty"`
/*Global - Descr: Minimum number of digits required for password to be considered valid Default: 0
*/
Global *Global `yaml:"global,omitempty"`
/*MinLength - Descr: Minimum number of characters required for password to be considered valid Default: 0
*/
MinLength interface{} `yaml:"minLength,omitempty"`
/*RequireLowerCaseCharacter - Descr: Minimum number of lowercase characters required for password to be considered valid Default: 0
*/
RequireLowerCaseCharacter interface{} `yaml:"requireLowerCaseCharacter,omitempty"`
/*RequireUpperCaseCharacter - Descr: Minimum number of uppercase characters required for password to be considered valid Default: 0
*/
RequireUpperCaseCharacter interface{} `yaml:"requireUpperCaseCharacter,omitempty"`
/*RequireDigit - Descr: Minimum number of digits required for password to be considered valid Default: 0
*/
RequireDigit interface{} `yaml:"requireDigit,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Prompt ¶
type Prompt struct {
/*Username - Descr: The text used to prompt for a username during login Default: Email
*/
Username *Username `yaml:"username,omitempty"`
/*Password - Descr: The text used to prompt for a password during login Default: Password
*/
Password *PromptPassword `yaml:"password,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type PromptPassword ¶
type PromptPassword struct {
/*Text - Descr: The text used to prompt for a password during login Default: Password
*/
Text interface{} `yaml:"text,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Proxy ¶
type Proxy struct {
/*Servers - Descr: Array of the router IPs acting as the first group of HTTP/TCP backends. These will be added to the proxy_ips_regex as exact matches. When using spiff, these will be router_z1 and router_z2 static IPs from cf-jobs.yml Default: []
*/
Servers interface{} `yaml:"servers,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Redirect ¶
type Redirect struct {
/*Url - Descr: The Location of the redirect header following a logout of the the UAA (/logout.do). Default: /login
*/
Url interface{} `yaml:"url,omitempty"`
/*Parameter - Descr: A list of URLs. When this list is non null, including empty, and disable=false, logout redirects are allowed, but limited to the whitelist URLs. If a redirect parameter value is not white listed, redirect will be to the default URL. Default: <nil>
*/
Parameter *Parameter `yaml:"parameter,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Saml ¶
type Saml struct {
/*MetadataTrustCheck - Descr: Deprecated. Use login.saml.providers list objects Default: true
*/
MetadataTrustCheck interface{} `yaml:"metadataTrustCheck,omitempty"`
/*ServiceProviderKeyPassword - Descr: Password to protect the service provider private key. Default: <nil>
*/
ServiceProviderKeyPassword interface{} `yaml:"serviceProviderKeyPassword,omitempty"`
/*AssertionConsumerIndex - Descr: Deprecated. Use login.saml.providers list objects Default: 1
*/
AssertionConsumerIndex interface{} `yaml:"assertionConsumerIndex,omitempty"`
/*SignRequest - Descr: Global property to sign Local/SP requests Default: true
*/
SignRequest interface{} `yaml:"signRequest,omitempty"`
/*SignMetaData - Descr: Global property to sign Local/SP metadata Default: true
*/
SignMetaData interface{} `yaml:"signMetaData,omitempty"`
/*IdpMetadataURL - Descr: Deprecated. Use login.saml.providers list objects Default: <nil>
*/
IdpMetadataURL interface{} `yaml:"idpMetadataURL,omitempty"`
/*IdpEntityAlias - Descr: Deprecated. Use login.saml.providers list objects Default: <nil>
*/
IdpEntityAlias interface{} `yaml:"idpEntityAlias,omitempty"`
/*ServiceProviderCertificate - Descr: Service provider certificate. Default: <nil>
*/
ServiceProviderCertificate interface{} `yaml:"serviceProviderCertificate,omitempty"`
/*Entityid - Descr: This is used as the SAML Service Provider Entity ID. Each zone has a unique entity ID. Zones other than
the default zone will derive their entity ID from this setting by prefexing it with the subdomain.
Default: <nil>
*/
Entityid interface{} `yaml:"entityid,omitempty"`
/*NameidFormat - Descr: Deprecated. Use login.saml.providers list objects Default: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
*/
NameidFormat interface{} `yaml:"nameidFormat,omitempty"`
/*Socket - Descr: Read timeout in milliseconds for SAML metadata HTTP requests Default: 10000
*/
Socket *Socket `yaml:"socket,omitempty"`
/*IdpMetadataFile - Descr: Deprecated. Use login.saml.providers list objects Default: <nil>
*/
IdpMetadataFile interface{} `yaml:"idp_metadata_file,omitempty"`
/*Providers - Descr: Contains a hash of SAML Identity Providers, the key is the IDP Alias, followed by key/value pairs. To learn more about how to setup a saml identity provider go to https://simplesamlphp.org Default: <nil>
*/
Providers interface{} `yaml:"providers,omitempty"`
/*WantAssertionSigned - Descr: Global property to request that external IDPs sign their SAML assertion before sending them to the UAA Default: false
*/
WantAssertionSigned interface{} `yaml:"wantAssertionSigned,omitempty"`
/*EntityBaseUrl - Descr: The URL for which SAML identity providers will post assertions to.
If set it overrides the default.
This URL should NOT have the schema (http:// or https:// prefix in it) instead just the hostname.
The schema is derived by #{login.protocol} property.
The default value is #{uaa.url}.replaceFirst('uaa','login'), typically login.example.com
The UAA will display this link in the cf --sso call if there is a SAML provider enabled.
Default: <nil>
*/
EntityBaseUrl interface{} `yaml:"entity_base_url,omitempty"`
/*ServiceProviderKey - Descr: Private key for the service provider certificate. Default: <nil>
*/
ServiceProviderKey interface{} `yaml:"serviceProviderKey,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Scim ¶
type Scim struct {
/*User - Descr: If true override users defined in uaa.scim.users found in the database. Default: true
*/
User *ScimUser `yaml:"user,omitempty"`
/*Users - Descr: A list of users to be bootstrapped with authorities.
Each entry supports the following format:
Short Pipe: username|password|comma,separated,groups
Long Pipe: username|password|email|firstName|lastName|comma,separated,groups|origin
Short OpenStruct:
- name: username
password: password
groups:
- group1
- group2
Long OpenStruct:
- name: username
password: password
groups:
- group1
- group2
firstName: first name
lastName: lastName
email: email
origin: origin-value - most commonly uaa
Default: <nil>
*/
Users interface{} `yaml:"users,omitempty"`
/*Groups - Descr: Contains a hash of group names and their descriptions. These groups will be added to the UAA database for the default zone but not associated with any user.
Example:
uaa:
scim:
groups:
my-test-group: 'My test group description'
another-group: 'Another group description'
Deprecated format(still supported, but may be removed in the future):
Comma separated list of groups that should be added to the UAA db, but not assigned to a user by default.
Default: <nil>
*/
Groups interface{} `yaml:"groups,omitempty"`
/*UseridsEnabled - Descr: Enables the endpoint `/ids/Users` that allows consumers to translate user ids to name Default: true
*/
UseridsEnabled interface{} `yaml:"userids_enabled,omitempty"`
/*ExternalGroups - Descr: External group mappings. Either formatted as an OpenStruct or a list of pipe-separated specifications. The list format is deprecated.
As an OpenStruct, the mapping additionally specifies an origin to which the mapping is applied:
origin1:
external_group1:
- internal_group1
- internal_group2
- internal_group3
external_group2:
- internal_group2
- internal_group4
origin2:
external_group3:
- internal_group3
- internal_group4
- internal_group5
As a list, each entry consists of the following (The origin defaults to ldap in this case.):
- internal_group_name|space_delimited_external_groups another_group another_group_etc
Default: <nil>
*/
ExternalGroups interface{} `yaml:"external_groups,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type ScimUser ¶
type ScimUser struct {
/*Override - Descr: If true override users defined in uaa.scim.users found in the database. Default: true
*/
Override interface{} `yaml:"override,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Servlet ¶
type Servlet struct {
/*SessionCookie - Descr: Optional configuration of the UAA session cookie.
Defaults are the following key value pairs:
secure: <(boolean)this value if set, otherwise require_https>
http-only: <(boolean) - default to true. set HttpOnly flag on cookie.
max-age: <(int) lifetime in seconds of cookie - default to 30 minutes)
name: <(String) name of cookie, default is JSESSIONID>
comment: <(String) optional comment in cookie>
path: <(String) path for cookie, default is />
domain: <(String) domain for cookie, default is incoming request domain>
Default: <nil>
*/
SessionCookie interface{} `yaml:"session-cookie,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Smtp ¶
type Smtp struct {
/*Port - Descr: SMTP server port Default: 2525
*/
Port interface{} `yaml:"port,omitempty"`
/*Password - Descr: SMTP server password Default: <nil>
*/
Password interface{} `yaml:"password,omitempty"`
/*Host - Descr: SMTP server host address Default: localhost
*/
Host interface{} `yaml:"host,omitempty"`
/*User - Descr: SMTP server username Default: <nil>
*/
User interface{} `yaml:"user,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Socket ¶
type Socket struct {
/*SoTimeout - Descr: Read timeout in milliseconds for SAML metadata HTTP requests Default: 10000
*/
SoTimeout interface{} `yaml:"soTimeout,omitempty"`
/*ConnectionManagerTimeout - Descr: Timeout in milliseconds for connection pooling for SAML metadata HTTP requests Default: 10000
*/
ConnectionManagerTimeout interface{} `yaml:"connectionManagerTimeout,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Ssl ¶
type Ssl struct {
/*Port - Descr: If this property Tomcat will listen to this port and expect https traffic. If null, tomcat will not listen to this port Default: 8443
*/
Port interface{} `yaml:"port,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Uaa ¶
type Uaa struct {
/*Servlet - Descr: Optional configuration of the UAA session cookie.
Defaults are the following key value pairs:
secure: <(boolean)this value if set, otherwise require_https>
http-only: <(boolean) - default to true. set HttpOnly flag on cookie.
max-age: <(int) lifetime in seconds of cookie - default to 30 minutes)
name: <(String) name of cookie, default is JSESSIONID>
comment: <(String) optional comment in cookie>
path: <(String) path for cookie, default is />
domain: <(String) domain for cookie, default is incoming request domain>
Default: <nil>
*/
Servlet *Servlet `yaml:"servlet,omitempty"`
/*Ldap - Descr: The file to be used for configuring the LDAP authentication. Options are: 'simple-bind', 'search-and-bind', 'search-and-compare' Default: search-and-bind
*/
Ldap *UaaLdap `yaml:"ldap,omitempty"`
/*Password - Descr: Minimum number of digits required for password to be considered valid Default: 0
*/
Password *UaaPassword `yaml:"password,omitempty"`
/*Authentication - Descr: Number of seconds to lock out an account when lockoutAfterFailures failures is exceeded Default: 300
*/
Authentication *Authentication `yaml:"authentication,omitempty"`
/*Client - Descr: Deprecated Default: [login support-signon]
*/
Client *Client `yaml:"client,omitempty"`
/*Database - Descr: Timeout in seconds for the longest running queries. Take into DB migrations for this timeout as they may run during a long period of time. Default: 300
*/
Database *Database `yaml:"database,omitempty"`
/*Newrelic - Descr: To enable newrelic monitoring, the sub element of this property will be placed in
a configuration file called newrelic.yml in the jobs config directory.
The syntax that must adhere to documentation in https://docs.newrelic.com/docs/agents/java-agent/configuration/java-agent-configuration-config-file
The JVM option -javaagent:/path/to/newrelic.jar will be added to Apache Tomcat's startup script
The enablement of the NewRelic agent in the UAA is triggered by the property uaa.newrelic.common.license_key
The property uaa.newrelic.common.license_key must be set!
Default: <nil>
*/
Newrelic interface{} `yaml:"newrelic,omitempty"`
/*LoggingUseRfc3339 - Descr: Sets the time format for log messages to be yyyy-MM-dd'T'HH:mm:ss.SSSXXX instead of yyyy-MM-dd HH:mm:ss.SSS Default: false
*/
LoggingUseRfc3339 interface{} `yaml:"logging_use_rfc3339,omitempty"`
/*Login - Descr: Default login client secret, if no login client is defined Default: <nil>
*/
Login *UaaLogin `yaml:"login,omitempty"`
/*LoggingLevel - Descr: Set UAA logging level. (e.g. TRACE, DEBUG, INFO) Default: DEBUG
*/
LoggingLevel interface{} `yaml:"logging_level,omitempty"`
/*Url - Descr: The base url of the UAA Default: <nil>
*/
Url interface{} `yaml:"url,omitempty"`
/*RestrictedIpsRegex - Descr: A pipe delimited set of regular expressions of IP addresses that can reach the listening HTTP port of the server. Default: 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
*/
RestrictedIpsRegex interface{} `yaml:"restricted_ips_regex,omitempty"`
/*Ssl - Descr: The header to look for to determine if ssl termination was performed by a front end load balancer. Default: x-forwarded-proto
*/
Ssl *UaaSsl `yaml:"ssl,omitempty"`
/*Jwt - Descr: Map of key IDs and signing keys, each defined with a property `signingKey` Default: <nil>
*/
Jwt *Jwt `yaml:"jwt,omitempty"`
/*DisableInternalAuth - Descr: Disables internal user authentication Default: false
*/
DisableInternalAuth interface{} `yaml:"disableInternalAuth,omitempty"`
/*Issuer - Descr: The url to use as the issuer URI Default: <nil>
*/
Issuer interface{} `yaml:"issuer,omitempty"`
/*User - Descr: Contains a list of the default authorities/scopes assigned to a user Default: [openid scim.me cloud_controller.read cloud_controller.write cloud_controller_service_permissions.read password.write uaa.user approvals.me oauth.approvals notification_preferences.read notification_preferences.write profile roles user_attributes]
*/
User *UaaUser `yaml:"user,omitempty"`
/*Scim - Descr: External group mappings. Either formatted as an OpenStruct or a list of pipe-separated specifications. The list format is deprecated.
As an OpenStruct, the mapping additionally specifies an origin to which the mapping is applied:
origin1:
external_group1:
- internal_group1
- internal_group2
- internal_group3
external_group2:
- internal_group2
- internal_group4
origin2:
external_group3:
- internal_group3
- internal_group4
- internal_group5
As a list, each entry consists of the following (The origin defaults to ldap in this case.):
- internal_group_name|space_delimited_external_groups another_group another_group_etc
Default: <nil>
*/
Scim *Scim `yaml:"scim,omitempty"`
/*Zones - Descr: A list of hostnames that are routed to the UAA, specifically the default zone in the UAA. The UAA will reject any Host headers that it doesn't recognize.
By default the UAA recognizes:
The hostname from the property uaa.url
The hostname from the property login.url
localhost (in order to accept health checks)
Any hostnames added as a list are additive to the default hostnames allowed.
Default: <nil>
*/
Zones *Zones `yaml:"zones,omitempty"`
/*DumpRequests - Descr: When set to true dumps UAA requests to uaa.log Default: false
*/
DumpRequests interface{} `yaml:"dump_requests,omitempty"`
/*DisableInternalUserManagement - Descr: Disables UI and API for internal user management Default: false
*/
DisableInternalUserManagement interface{} `yaml:"disableInternalUserManagement,omitempty"`
/*Clients - Descr: List of OAuth2 clients that the UAA will be bootstrapped with Default: <nil>
*/
Clients interface{} `yaml:"clients,omitempty"`
/*RequireHttps - Descr: Request came in on a secure connection. Expect the load balancer/proxy to set the proper headers (x-forwarded-for, x-forwarded-proto) Default: true
*/
RequireHttps interface{} `yaml:"require_https,omitempty"`
/*CatalinaOpts - Descr: The options used to configure Tomcat Default: -Xmx768m -XX:MaxPermSize=256m
*/
CatalinaOpts interface{} `yaml:"catalina_opts,omitempty"`
/*SslPrivateKey - Descr: The server's ssl private key. Only passphrase-less keys are supported Default:
*/
SslPrivateKey interface{} `yaml:"sslPrivateKey,omitempty"`
/*Port - Descr: Port that uaa will accept connections on Default: 8080
*/
Port interface{} `yaml:"port,omitempty"`
/*SslCertificate - Descr: The server's ssl certificate. The default is a self-signed certificate and should always be replaced for production deployments Default:
*/
SslCertificate interface{} `yaml:"sslCertificate,omitempty"`
/*Admin - Descr: Secret of the admin client - a client named admin with uaa.admin as an authority Default: <nil>
*/
Admin *Admin `yaml:"admin,omitempty"`
/*Proxy - Descr: Array of the router IPs acting as the first group of HTTP/TCP backends. These will be added to the proxy_ips_regex as exact matches. When using spiff, these will be router_z1 and router_z2 static IPs from cf-jobs.yml Default: []
*/
Proxy *Proxy `yaml:"proxy,omitempty"`
/*ProxyIpsRegex - Descr: A pipe delimited set of regular expressions of IP addresses that are considered reverse proxies.
When a request from these IP addresses come in, the x-forwarded-for and x-forwarded-proto headers will be respected.
If the uaa.restricted_ips_regex is set, it will be appended to this list for backwards compatibility purposes
If spiff has been used and includes templates/cf-jobs.yml to generate the manifest. This list will automatically
contain the Router IP addresses
Default: 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}
*/
ProxyIpsRegex interface{} `yaml:"proxy_ips_regex,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type UaaJob ¶
type UaaJob struct {
/*Login - Descr: Global property to sign Local/SP requests Default: true
*/
Login *Login `yaml:"login,omitempty"`
/*Uaa - Descr: The file to be used for configuring the LDAP authentication. Options are: 'simple-bind', 'search-and-bind', 'search-and-compare' Default: search-and-bind
*/
Uaa *Uaa `yaml:"uaa,omitempty"`
/*Uaadb - Descr: The UAA database IP address Default: <nil>
*/
Uaadb *Uaadb `yaml:"uaadb,omitempty"`
/*Env - Descr: Set No_Proxy across the VMs Default: <nil>
*/
Env *Env `yaml:"env,omitempty"`
/*Domain - Descr: Deprecated. Use uaa.url for setting the location of UAA Default: <nil>
*/
Domain interface{} `yaml:"domain,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type UaaLdap ¶
type UaaLdap struct {
/*UserDNPattern - Descr: Used with simple-bind only. A semi-colon separated lists of DN patterns to construct a DN direct from the user ID without performing a search. Default: <nil>
*/
UserDNPattern interface{} `yaml:"userDNPattern,omitempty"`
/*Enabled - Descr: Set to true to enable LDAP Default: false
*/
Enabled interface{} `yaml:"enabled,omitempty"`
/*ProfileType - Descr: The file to be used for configuring the LDAP authentication. Options are: 'simple-bind', 'search-and-bind', 'search-and-compare' Default: search-and-bind
*/
ProfileType interface{} `yaml:"profile_type,omitempty"`
/*UserDNPatternDelimiter - Descr: The delimiter character in between user DN patterns for simple-bind authentication Default: ;
*/
UserDNPatternDelimiter interface{} `yaml:"userDNPatternDelimiter,omitempty"`
/*PasswordAttributeName - Descr: Used with search-and-compare only. The name of the password attribute in the LDAP directory Default: userPassword
*/
PasswordAttributeName interface{} `yaml:"passwordAttributeName,omitempty"`
/*AttributeMappings - Descr: Specifies how UAA user attributes map to LDAP attributes. given_name, family_name, and phone_number are UAA user attributes, while other attributes should be included using the prefix `user.attribute` Default: <nil>
*/
AttributeMappings interface{} `yaml:"attributeMappings,omitempty"`
/*UserPassword - Descr: Used with search-and-bind and search-and-compare. Password for the LDAP ID that performs a search of the LDAP tree for user information. Default: <nil>
*/
UserPassword interface{} `yaml:"userPassword,omitempty"`
/*SearchBase - Descr: Used with search-and-bind and search-and-compare. Define a base where the search starts at. Default:
*/
SearchBase interface{} `yaml:"searchBase,omitempty"`
/*ExternalGroupsWhitelist - Descr: Whitelist of external groups from LDAP that get added as roles in the ID Token Default: <nil>
*/
ExternalGroupsWhitelist interface{} `yaml:"externalGroupsWhitelist,omitempty"`
/*SearchFilter - Descr: Used with search-and-bind and search-and-compare. Search filter used. Takes one parameter, user ID defined as {0} Default: cn={0}
*/
SearchFilter interface{} `yaml:"searchFilter,omitempty"`
/*MailSubstitute - Descr: Defines an email pattern containing a {0} to generate an email address for an LDAP user during authentication Default:
*/
MailSubstitute interface{} `yaml:"mailSubstitute,omitempty"`
/*PasswordEncoder - Descr: Used with search-and-compare only. The encoder used to properly encode user password to match the one in the LDAP directory. Default: org.cloudfoundry.identity.uaa.ldap.DynamicPasswordComparator
*/
PasswordEncoder interface{} `yaml:"passwordEncoder,omitempty"`
/*LocalPasswordCompare - Descr: Used with search-and-compare only. Set to true if passwords are retrieved by the search, and should be compared in the login server. Default: true
*/
LocalPasswordCompare interface{} `yaml:"localPasswordCompare,omitempty"`
/*Url - Descr: The URL to the ldap server, must start with ldap:// or ldaps:// Default: <nil>
*/
Url interface{} `yaml:"url,omitempty"`
/*UserDN - Descr: Used with search-and-bind and search-and-compare. A valid LDAP ID that has read permissions to perform a search of the LDAP tree for user information. Default: <nil>
*/
UserDN interface{} `yaml:"userDN,omitempty"`
/*Referral - Descr: Configures the UAA LDAP referral behavior. The following values are possible:
- follow -> Referrals are followed
- ignore -> Referrals are ignored and the partial result is returned
- throw -> An error is thrown and the authentication is aborted
Reference: http://docs.oracle.com/javase/jndi/tutorial/ldap/referral/jndi.html
Default: follow
*/
Referral interface{} `yaml:"referral,omitempty"`
/*MailSubstituteOverridesLdap - Descr: Set to true if you wish to override an LDAP user email address with a generated one Default: false
*/
MailSubstituteOverridesLdap interface{} `yaml:"mailSubstituteOverridesLdap,omitempty"`
/*SslCertificateAlias - Descr: Used with ldaps:// URLs. The certificate alias, to be trusted by this connection and stored in the keystore. Default: <nil>
*/
SslCertificateAlias interface{} `yaml:"sslCertificateAlias,omitempty"`
/*MailAttributeName - Descr: The name of the LDAP attribute that contains the users email address Default: mail
*/
MailAttributeName interface{} `yaml:"mailAttributeName,omitempty"`
/*Groups - Descr: Search start point for a user group membership search Default:
*/
Groups *LdapGroups `yaml:"groups,omitempty"`
/*Ssl - Descr: Set to true, and LDAPS connection will not validate the server certificate. Default: false
*/
Ssl *LdapSsl `yaml:"ssl,omitempty"`
/*SslCertificate - Descr: Used with ldaps:// URLs. The certificate, if self signed, to be trusted by this connection. Default: <nil>
*/
SslCertificate interface{} `yaml:"sslCertificate,omitempty"`
/*EmailDomain - Descr: Sets the whitelist of emails domains that the LDAP identity provider handles Default: <nil>
*/
EmailDomain interface{} `yaml:"emailDomain,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type UaaLogin ¶
type UaaLogin struct {
/*ClientSecret - Descr: Default login client secret, if no login client is defined Default: <nil>
*/
ClientSecret interface{} `yaml:"client_secret,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type UaaPassword ¶
type UaaPassword struct {
/*Policy - Descr: Minimum number of digits required for password to be considered valid Default: 0
*/
Policy *PasswordPolicy `yaml:"policy,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type UaaSsl ¶ added in v0.0.18
type UaaSsl struct {
/*ProtocolHeader - Descr: The header to look for to determine if ssl termination was performed by a front end load balancer. Default: x-forwarded-proto
*/
ProtocolHeader interface{} `yaml:"protocol_header,omitempty"`
/*Port - Descr: If this property Tomcat will listen to this port and expect https traffic. If null, tomcat will not listen to this port Default: 8443
*/
Port interface{} `yaml:"port,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type UaaUser ¶
type UaaUser struct {
/*Authorities - Descr: Contains a list of the default authorities/scopes assigned to a user Default: [openid scim.me cloud_controller.read cloud_controller.write cloud_controller_service_permissions.read password.write uaa.user approvals.me oauth.approvals notification_preferences.read notification_preferences.write profile roles user_attributes]
*/
Authorities interface{} `yaml:"authorities,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Uaadb ¶
type Uaadb struct {
/*Databases - Descr: The list of databases used in UAA database including tag/name Default: <nil>
*/
Databases interface{} `yaml:"databases,omitempty"`
/*DbScheme - Descr: Database scheme for UAA DB Default: <nil>
*/
DbScheme interface{} `yaml:"db_scheme,omitempty"`
/*Roles - Descr: The list of database Roles used in UAA database including tag/name/password Default: <nil>
*/
Roles interface{} `yaml:"roles,omitempty"`
/*Port - Descr: The UAA database Port Default: <nil>
*/
Port interface{} `yaml:"port,omitempty"`
/*Address - Descr: The UAA database IP address Default: <nil>
*/
Address interface{} `yaml:"address,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Username ¶
type Username struct {
/*Text - Descr: The text used to prompt for a username during login Default: Email
*/
Text interface{} `yaml:"text,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
type Zones ¶
type Zones struct {
/*Internal - Descr: A list of hostnames that are routed to the UAA, specifically the default zone in the UAA. The UAA will reject any Host headers that it doesn't recognize.
By default the UAA recognizes:
The hostname from the property uaa.url
The hostname from the property login.url
localhost (in order to accept health checks)
Any hostnames added as a list are additive to the default hostnames allowed.
Default: <nil>
*/
Internal *Internal `yaml:"internal,omitempty"`
}
* File Generated by enaml generator * !!! Please do not edit this file !!!
Source Files
¶
- admin.go
- analytics.go
- authentication.go
- authenticationpolicy.go
- branding.go
- claims.go
- client.go
- database.go
- env.go
- global.go
- internal.go
- jwt.go
- jwtpolicy.go
- ldapgroups.go
- ldapssl.go
- links.go
- login.go
- loginldap.go
- logout.go
- notifications.go
- oauth.go
- parameter.go
- passwordpolicy.go
- prompt.go
- promptpassword.go
- proxy.go
- redirect.go
- saml.go
- scim.go
- scimuser.go
- servlet.go
- smtp.go
- socket.go
- ssl.go
- uaa.go
- uaadb.go
- uaajob.go
- uaaldap.go
- uaalogin.go
- uaapassword.go
- uaassl.go
- uaauser.go
- username.go
- zones.go
Click to show internal directories.
Click to hide internal directories.