For scenarios where neither an LDAP server nor header authentication is available (e.g. while testing), there is an in-memory user store for a single user. This in-memory user store is disabled by default.
|SECURITY_IN_MEMORY_ENABLED||false||Flag to enable/disable the in-memory user store|
|SECURITY_IN_MEMORY_USERNAME||tokenserver||Username to log in|
|SECURITY_IN_MEMORY_PASSWORD||Password to log in.|
When no value is set for
SECURITY_IN_MEMORY_PASSWORD, a random value is generated during start up. In a clustered environment each node will generate a
different random password. In order to know the the random password, the logger level of
com.onegini.tokenserver.admin.config.security must be set to
With that property the password will be printed to the console during startup:
... .InMemoryUserAuthenticationConfiguration : using '3dd92895f09dfeb71b0184bcb90612d7' as the password for the 'tokenserver' user
The default user has the admin role, which means they can access the admin console without any limitations.