Additional Parameters
- security.pdp.xacml.engine
-
Specifies where XACML authorization requests ("PDP requests") are processed
-
inmemory
(default): Requests are directly processed by the WSS. -
remote
: Requests are sent over HTTP to the PDP endpoint provided by the Administration Web App and are processed here.
Since version 4.6.0
-
- security.url.forwardOriginalError
-
Specifies if the original error of a protected URL backend service, is forwarded to the requesting client.
-
true
: The error is executed and forwarded to the client, like every other response. -
false
(default): The error (HTTP status code and body) is replaced by a generic HTTP 500 response.
Since version 4.6.4
-
- security.user.termsofuse.terms
-
Comma-separated list of identifiers for terms of use. If set, a user has to accept the terms before they can sign in.
Versions 4.11.0 and higher do not provide a way to display and accept the terms in the UI. To accept terms of use, applications can integrate with a technical HTTP interface that security.manager provides. Example:
privacy_terms,legal_terms
Since version 4.11.0
- security.user.termsofuse.ignoredUsername
-
Username of a user who doesn’t have to accept any terms of use defined by
security.user.termsofuse.terms
before she is able to login. Per default this is the super administrator.Since version 4.11.0
- security.user.termsofuse.ignoredUsernameIsRegex
-
Specifies if the value defined for
security.user.termsofuse.ignoredUsername
is to be interpreted as a regular expression. Accepted values:true
,false
.Since version 4.11.0
- security.user.termsofuse.ignoredDomains
-
Comma-separated list of domain names. Users that belong to one of these domains (see Hybrid user management) do not have to accept the terms of use, defined in
security.user.termsofuse.terms
before they are allowed to sign in.Since version 4.11.0