Configuration
This chapter contains list of configuration properties for DUM Application.
The following properties must be defined as environment properties in DUM Application docker.
Security properties
This section describes security properties which allow you to configure DUM Application login mechanism.
SAML properties
Property |
Default |
Example |
Description |
Mandatory |
SAML_SP_ENABLED |
false |
false |
Turns on SAML authentication |
Y |
SAML_SP_IDPMETADATA_BASE64 |
|
|
Base64 encoded SAML Identity Provider metadata for the SAML Identity Provider used to authenticate users |
Y |
SAML_SP_SPENTITYID |
|
com:onegini:dum:app |
The entity ID that uniquely identifies this DUM Application. An entity ID is a globally unique name for a SAML entity |
Y |
SAML_SP_SIGNING_KEYSTOREPASSWORD |
|
exp?zworp |
A password to the keystore which will be created to store private and public keys |
Y |
SAML_SP_SIGNING_PRIVATEKEY |
|
|
Private key used for signing, must be in PEM format |
Y |
SAML_SP_SIGNING_CERTIFICATE |
|
|
Advertised within SP metadata public key part used by third parties to verify signature |
Y |
Basic authentication properties
Property |
Default |
Example |
Description |
Mandatory |
SPRING_SECURITY_USER_NAME |
|
dum_app_username |
BasicAuth username |
Y |
SPRING_SECURITY_USER_PASSWORD |
|
dum_app_password |
BasicAuth password |
Y |
Secure cookies
Property |
Default |
Example |
Description |
Mandatory |
DUM_APP_COOKIE_CONFIG_SECURE |
true |
true |
Indicates to the browser whether the cookie should only be sent using a secure protocol, such as HTTPS or SSL |
N |
DUM_APP_COOKIE_CONFIG_PATH |
/ |
/ |
Can restrict the path for which cookies are sent to the server. |
N |
DUM Application properties
Property |
Default |
Example |
Description |
Mandatory |
DUM_APP_CONFIG_ROOT_GROUP_ID |
be51f7a1-4b0d-4f80-bf03-3cabf270fd3a |
be51f7a1-4b0d-4f80-bf03-3cabf270fd3a |
Identifier of a root group that stands for a main group in the groups structure. |
N |
DUM_APP_CONFIG_AUTH_IDP_TYPE |
CIM |
CIM |
Identity provider type that is used to login to DUM-app. Value CIM and BASIC are reserved for Onegini Consumer Identity Manager as Identity Provider and Basic authentication respectively. |
N |
DUM_APP_CONFIG_STYLES_PATH |
/static/css/styles.css |
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/bootstrap.min.css |
URI to CSS file with DUM-app custom styles. If non empty, it overrides the default /static/css/styles.css styles path. |
N |
DUM Engine properties
Property |
Default |
Example |
Description |
Mandatory |
DUM_ENGINE_USERNAME |
|
dum_api_rest_user |
DUM Engine API Basic authentication username |
Y |
DUM_ENGINE_PASSWORD |
|
super_secure_password |
DUM Engine API Basic authentication password |
Y |
DUM_ENGINE_URL |
|
https://dumservice.example |
DUM Engine service name registered within Kubernetes |
Y |
DUM Extension properties
Property |
Default |
Example |
Description |
Mandatory |
DUM_EXTENSION_ENABLED |
false |
true |
Enables communication with extension |
N |
DUM_EXTENSION_PROTOCOL |
|
http |
The protocol to be used to communicate with the extension |
N |
DUM_EXTENSION_BASE_URL |
|
dum-extension.dev.example:8586 |
Url on which extension is started |
N |
DUM_EXTENSION_USERNAME |
|
user |
Basic authentication username used while communicating with extension API |
N |
DUM_EXTENSION_PASSWORD |
|
password |
Basic authentication passsword used while communicating with extension API |
N |
DUM_EXTENSION_RESOURCES_ENABLED |
false |
true |
Enables resolving resources from extension (eg. css files) |
N |
DUM_EXTENSION_EXTERNAL_USERS_ENABLED |
false |
true |
Enables loading users from external service via DUM-Extension app |
N |
Onegini Consumer Identity Manager properties
Property |
Default |
Example |
Description |
Mandatory |
DUM_APP_IDP_URL |
|
https://idp-core.dev.example:8081 |
Host and port used to connect to Onegini Consumer Identity Manager application. Please note that it must point to the CIM's API port |
Y |
DUM_APP_IDP_USERNAME |
|
idp_persons_api_rest_user |
Onegini Consumer Identity Manager API Basic authentication username for the Persons API |
Y |
DUM_APP_IDP_PASSWORD |
|
super_secure_password |
Onegini Consumer Identity Manager API Basic authentication password for the Persons API |
Y |