svn commit: r1823467 - /ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

svn commit: r1823467 - /ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties

jleroux@apache.org
Author: jleroux
Date: Wed Feb  7 14:17:51 2018
New Revision: 1823467

URL: http://svn.apache.org/viewvc?rev=1823467&view=rev
Log:
Completed:: Security issue in Token Based Authentication
(OFBIZ-10206)

No functional change.

Updates the security.properties content related to JWT
 Refers to the last up to date external-server-test-example.patch at OFBIZ-10206
 Makes demo-trunk.ofbiz.apache.org default external-server-name so that anybody
 can try the feature from own machine. The use-external-server=Y was already set

Modified:
    ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties

Modified: ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties?rev=1823467&r1=1823466&r2=1823467&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties (original)
+++ ofbiz/ofbiz-framework/trunk/framework/security/config/security.properties Wed Feb  7 14:17:51 2018
@@ -132,12 +132,11 @@ default.error.response.view=view:viewBlo
 # -- If false, then no externalLoginKey parameters will be added to cross-webapp urls
 security.login.externalLoginKey.enabled=true
 
-### To have this working, an example of the change needed on the source server is available in OFBIZ-9833-external-server-test-example.patch
-### With this example, the external-server-query must be /catalog/control/
+### To have this working, an example of the change needed on the source server is available in OFBIZ-10206-external-server-test-example.patch
 # -- If true, then it's possible to connect to another webapp on another server w/o signing in
 # -- This needs to be changed on both the source server and the target server
 use-external-server=Y
 # -- Name of the external server (DNS) ex: demo-trunk.ofbiz.apache.org where the port is not needed, or localhost:8443 (default) for local tests (not using the same webapp)
-external-server-name=localhost:8443
+external-server-name=demo-trunk.ofbiz.apache.org
 # -- Time To Live of the token send to the external server in seconds
 external-server-token-duration=30