authentication-prod.yml
Parameters of the configuration file used by the AUTHENTICATION service in productive systems.
Characteristics
| Configuration File Name | authentication-prod.yml |
|---|---|
| Referenced by Services | authentication |
| Storage Location | Git root directory |
Parameters
| Parameter | Description | Default Value | |
|---|---|---|---|
routing.defaultEntryPoint | Defines a path that will be added to the URL automatically if | '/client/index.html' | |
server.servlet.session.timeout | Defines the duration for which the session between gateway and client is authorized. Specified in seconds. | 1800 | |
routing.endpoints | List of services for which the AUTHENTICATION service endpoints are available. Those services can be accessed via AUTHENTICATION service. Also external services can be added here. |
| |
authorization.accesses | Definition of permissions for the access to individual endpoints and sub-paths. Structured as a list of endpoints and their individual access conditions specified via the parameters Any endpoint that should be accessible via AUTHENTICATION service has to be listed here. Syntax and examples are described in the article on the AUTHENTICATION Service. | See code block below. | |
spring.session.store-type (as of 2022 Spring) | Specifies whether the user session states are stored centrally in a Redis database (value For scaling and fail-safe operation of the AUTHENTICATION service, set the value | - | |
management.health.redis.enabled (as of 2022 Spring) | If For scaling and fail-safe operation of the AUTHENTICATION service, set | false | |
The values for the parameters can be modified as described here.
>> Configuring Services using Profiles.
### Manage-Endpunkte
- endpoints: /manage/**
expose: true
- endpoints: /*/manage/**
access: hasAuthority('YUUVIS_SYSTEM_INTEGRATOR')
### API-Endpunkte
- endpoints: /api/system/**
access: hasAuthority('YUUVIS_SYSTEM_INTEGRATOR')
- endpoints: /api/admin/**
access: hasAuthority('YUUVIS_TENANT_ADMIN')
- endpoints: /api/dms/**
### Endpunkte für Swagger-Webclient des API-Gateways
- endpoints: /api/swagger-ui.html/**,/api/**/springfox-swagger-ui/**,/api/**/swagger-resources/**,/api/**/v2/api-docs/**
- endpoints: /api/swagger-ui/**,/api/swagger/v3/api-docs/**
- endpoints: /api/api/system/**
access: hasAuthority('YUUVIS_SYSTEM_INTEGRATOR')
- endpoints: /api/api/admin/**
access: hasAuthority('YUUVIS_TENANT_ADMIN')
- endpoints: /api/api/dms/**
### Webclient
- endpoints: /search/**,/viewer/**,/architect/**
- endpoints: /client/**
expose: true
### Viewer Service
- endpoints: /viewer/view/**,/viewer/assets/**,/viewer/download/**
expose: true
- endpoints: /viewer/**
### Userservice
- endpoints: /userservice/**
### bpm-engine
- endpoints: /bpm-engine/internal/**
# access: denyAll
- endpoints: /bpm-engine/**
### Metricsservice
- endpoints: /metricsservice/**
access: hasAuthority('YUUVIS_SYSTEM_INTEGRATOR')
### api-web
- endpoints: /api-web/swagger-ui.html,/api-web/swagger-ui/**,/api-web/**/v3/api-docs/**
- endpoints: /api-web/api/resources/**,/api-web/api/users/**,/api-web/api/bpm/**,/api-web/api/dms/**
- endpoints: /api-web/api/system/**
access: hasAuthority('YUUVIS_SYSTEM_INTEGRATOR')
- endpoints: /api-web/api/admin/**
access: hasAuthority('YUUVIS_TENANT_ADMIN')
### tenant-management
- endpoints: /tenant-management/swagger-ui.html,/tenant-management/swagger-ui/**,/tenant-management/**/v3/api-docs/**
- endpoints: /tenant-management/api/system/**
access: hasAuthority('YUUVIS_SYSTEM_INTEGRATOR')
- endpoints: /tenant-management/api/admin/**
access: hasAuthority('YUUVIS_TENANT_ADMIN')
### office 365
- endpoints: /office365/**
- endpoints: /dashlet365/**