-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathecho-auth-gateway-config.xml
79 lines (68 loc) · 2.54 KB
/
echo-auth-gateway-config.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
<?xml version="1.0" encoding="UTF-8" ?>
<gateway-config xmlns="http://xmlns.kaazing.org/2015/11/gateway">
<service>
<name>Directory Service</name>
<description>
Directory Service to serve up secure pages with, file
in web directory are available via https and only to
authorized users
</description>
<accept>https://kaazing.example.com:8000/</accept>
<type>directory</type>
<properties>
<directory>/javascript.client.tutorials/ws</directory>
<welcome-file>index.html</welcome-file>
</properties>
</service>
<service>
<name>WSS Echo</name>
<description>A service that echo's messages back for WSS</description>
<accept>wss://kaazing.example.com:8000/</accept>
<type>echo</type>
<!-- Specifies what security realm to use to authenticate users-->
<realm-name>tutorial</realm-name>
<!-- Specifies what role users need to have to access the service -->
<authorization-constraint>
<require-role>AUTHORIZED</require-role>
</authorization-constraint>
<cross-site-constraint>
<allow-origin>https://kaazing.example.com:8000/</allow-origin>
</cross-site-constraint>
</service>
<security>
<keystore>
<type>JCEKS</type>
<file>keystore.db</file>
<password-file>keystore.pw</password-file>
</keystore>
<realm>
<name>tutorial</name>
<description>Challenges Users for Credentials</description>
<authentication>
<!--
basic http challenge scheme sends a "Basic" challenge
as specificed in rfc7235. There are several options
that could be used instead that allow programmatic
access on the client to set/get the credentials. See:
http://kaazing.com/doc/5.0/security/p_authentication_config_http_challenge_scheme/
-->
<http-challenge-scheme>Basic</http-challenge-scheme>
<login-modules>
<login-module>
<!--
States how users and roles are validated, the file is the easiest,
but several other options exist, including writing your own custom
login module, See:
http://kaazing.com/doc/5.0/security/p_auth_configure_login_module/
-->
<type>file</type>
<success>required</success>
<options>
<file>jaas-config.xml</file>
</options>
</login-module>
</login-modules>
</authentication>
</realm>
</security>
</gateway-config>