Simple SSO config file


  • Maps the simulator's debug.jsp page into the simulated internet domain as explained in detail in the dual debug page example.
  • Maps a cmis web service hosted at chqpvuu8440:9083/cmissearch/services/ into rewriting the URLs of inbound requests accordingly.
  • The pholder user's attributes defined herein will be replaced if such a user is found in service. Otherwise, these values will be used.
* User attributes defined here conform to [[SSO Injected Headers]].

<?xml version="1.0" encoding="UTF-8"?>

    Leverages sso simulator provided default login page and users defined solely
    in the config file.
    Processing supports aliases with processing instructions of form name=value
    and for each string value read thereafter replaces any occurrence of 
    {{name}} with the specified value in the alias declaration.

<?alias rest-port=1776?>
<?alias console-port={{rest-port}}?>
<?alias http-port=80?>

    Defines the configuration for the sso simulator. The console-port is the
    port on which the console will be found and the rest api resides. The proxy
    port is the port that mimics the targeted internet site "" 
    below with a suitable change to /etc/hosts so that domain resolves to Alternatively, if allow-non-sso-traffic='true' then the proxy
    port can be set as the browser's http proxy to watch forward proxied traffic.

<config proxy-port="{{http-port}}" console-port="{{console-port}}" allow-non-sso-traffic="false" rest-version="CD-OESv1">
    <console-recording sso="true" rest="true" max-entries="100" enable-debug-logging="true"/>
    <sso-cookie name="lds-policy" domain=""/>

        <by-site host="" port="{{http-port}}">
            <cctx-mapping cctx="/public/*" thost="" tport="{{console-port}}" tpath="/admin/*"/>
            <unenforced cpath="/public/debug.jsp"/>
            <unenforced cpath="/public/debug.jsp?*"/>
            <cctx-mapping cctx="/secure/*" thost="" tport="{{console-port}}" tpath="/admin/*"/>
            <allow action="GET,POST" cpath="/secure/debug.jsp*"/>
            <allow action="GET,POST" cpath="/secure/debug.jsp?*"/>

            <cctx-mapping cctx="/cmisservices/*" thost="chqpvuu8440" tport="9083" tpath="/cmissearch/services/*"/>
            <unenforced cpath="/cmisservices/*"/>
            <unenforced cpath="/cmisservices/*?*"/>
        The set of defined users, headers injected per user, and urls allowed 
        by each user url access permissions 
    <users session-timeout-seconds="18000">
        <user name="pholder" pwd="password1">
            <sso-header name="policy-ldsbdate" value="1980-03-31"/>
            <sso-header name="policy-ldsemailaddress" value="admin@localhost"/>
            <sso-header name="policy-preferredname" value="Perry Holder"/>
            <sso-header name="policy-sn" value="Holder"/>
            <sso-header name="policy-ldsmrn" value="0000025601091"/>
            <sso-header name="policy-ldsaccountid" value="11"/>
            <sso-header name="policy-ldsunits" value="/7u17701/5u501484/1u790036/"/>
            <sso-header name="policy-ldspositions" value="p4/7u17701/5u501484/1u790036/"/>
            <sso-header name="policy-preferredlanguage" value="en"/>
This page was last modified on 31 March 2016, at 14:10.

Note: Content found in this wiki may not always reflect official Church information.