The crowd.properties file
When integrating an application with Crowd, you will copy Crowd's client library and the crowd.properties
configuration file into the application's library. For details of the procedure, refer to Adding an Application.
Attributes of the crowd.properties File
属性 | 説明 |
---|---|
application.name | The name that the application will use when authenticating with the Crowd server. This needs to match the name you specified in Adding an Application. |
application.password | The password that the application will use when authenticating with the Crowd server. This needs to match the password you specified in Adding an Application. |
application.login.url | Crowd will redirect the user to this URL if their authentication token expires or is invalid due to security restrictions. |
crowd.server.url | The URL to use when connecting with the integration libraries to communicate with the Crowd server. |
crowd.base.url | The URL used by Crowd to create the full URL to be sent to users that reset their passwords. |
session.isauthenticated | The session key to use when storing a |
session.tokenkey | The session key to use when storing a |
session.validationinterval | The number of minutes to cache authentication validation in the session. If this value is set to |
session.lastvalidation | The session key to use when storing a |
The following optional attributes in the crowd.properties
file allow further customization of the client:
属性 | 説明 | Default Value (ms) |
---|---|---|
http.proxy.host | The name of the proxy server used to transport SOAP traffic to the Crowd server. | (なし) |
http.proxy.port | The connection port of the proxy server (must be specified if a proxy host is specified). | (なし) |
http.proxy.username | The username used to authenticate with the proxy server (if the proxy server requires authentication). | (なし) |
http.proxy.password | The password used to authenticate with the proxy server (if the proxy server requires authentication). | (なし) |
http.max.connections | The maximum number of HTTP connections in the connection pool for communication with the Crowd server. | 20 |
http.timeout | The HTTP connection timeout (milliseconds) used for communication with the Crowd server. A value of zero indicates that there is no connection timeout. | 5000 |
cookie.domain | A domain to use when setting cookies, overriding the SSO Domain set in Crowd (since Crowd 2.5.2). When an SSO Domain is set in Crowd, all client applications must be in the same domain so cookies can be shared. A Crowd deployment may have hosts with no common domain suffix, for example 'domain.example.com' and 'domain.internal'. Even though a user has already logged in to 'domain.example.com' and has a cookie set, applications running under 'domain.internal' will not receive this cookie since the domains differ, and users will be unable to log in. Set this property in the crowd client application to override the domain. Applications within the same domain will then be able to share SSO sessions. | (なし) |
cookie.tokenkey | When using Crowd for single sign-on (SSO), you can specify the SSO cookie name for each application. Under the standard configuration, Crowd will use a single, default cookie name for all Crowd-connected applications. You can override the default with your own cookie name. | crowd.token_key |
socket.timeout | The socket timeout in milliseconds. You may wish to override the default value if the latency to the Crowd server is high. | 20000 |
Passing crowd.properties as an Environment Variable
You can pass the location of a client application's crowd.properties
file to the client application as an environment variable when starting the client application. This means that you can choose a suitable location for the crowd.properties
file, instead of putting it in the client application's WEB-INF/classes
directory.
例:
-Dcrowd.properties={FILE-PATH}/crowd.properties
関連トピック
Passing the crowd.properties File as an Environment Variable
Important Directories and Files
Adding an Application