The "realms" parameter of the authentication object is used to define the list of the authentication realms used in the portal.
It is composed of the following elements:
The "realms" parameter of the authentication object is used to define the list of the authentication realms used in the portal.
It is composed of the following elements:
It is mandatory to declare at least one realm, but configuring realms is optional. If not configured, the authentication/user account feature will not be available on the portal.
Example
{
"ui": {
...
"authentication": {
...
"realms": [
{
"name": "internal-realm",
"type": "internal"
},
{
"name": "static-realm",
"type": "static",
"configuration": {
"mail": "static-account@fluidtopics.com",
"password": "aXHBEChodHJgUflzzezf1er5ig=",
"name": "Static Account Username",
"groups": "group1|group2",
"roles": "KHUB_ADMIN|ADMIN|PERSONAL_BOOK_USER"
}
},
{
"name": "ldap-realm",
"type": "ldap",
"configuration": {
"url": "ldaps://ldap.url",
"systemUser": "cn=reader,dc=antidot,dc=net",
"systemPassword": "password",
"searchBase": "dc=antidot,dc=net",
"loginAttribute": "mail",
"nameAttribute": "cn",
"mailAttribute": "mail",
"authenticationMechanism": "simple"
}
},
{
"name": "google-realm",
"type": "google",
"configuration": {
"key": "akey",
"secret": "asecret",
"overridesUserFromRealm": "internal-realm"
}
},
{
"name": "facebook-realm",
"type": "facebook",
"configuration": {
"key": "akey",
"secret": "asecret"
}
},
{
"name": "twitter-realm",
"type": "twitter",
"configuration": {
"key": "akey",
"secret": "asecret"
}
},
{
"name": "saml-realm",
"type": "saml2",
"configuration": {
"name": "saml",
"keystoreFile": "saml/keystore.jks",
"keystorePassword": "keystore_password",
"privateKeyPassword": "private_key_password",
"entityId": "http://hostname/$TENANT_ID/",
"idpMetadataFile": "saml/idp_metadata.xml",
"idPropertyKey": "user_id",
"mailPropertyKey": "user_mail",
"namePropertyKey": "user_name",
"maxAuthenticationLifetime": "numerical_value"
}
}
],
...
},
...
}
}
As seen in the above example, more than one authentication realm can be declared on the portal.