You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2018/07/02 09:25:40 UTC
[2/2] syncope git commit: [SYNCOPE-1328] Exposed JWT signature
algorithm in security.properties. This will be helpful to choose/configure
algorithm easily
[SYNCOPE-1328] Exposed JWT signature algorithm in security.properties. This will be helpful to choose/configure algorithm easily
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/9050a8f3
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/9050a8f3
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/9050a8f3
Branch: refs/heads/2_0_X
Commit: 9050a8f3fbdc9e96e6280509951bc0b2f9790f0c
Parents: c4eccaa
Author: noorulrazvi-alef <no...@alefeducation.com>
Authored: Tue Jun 26 23:19:33 2018 +0400
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Mon Jul 2 11:25:26 2018 +0200
----------------------------------------------------------------------
core/spring/src/main/resources/security.properties | 3 +++
core/spring/src/main/resources/securityContext.xml | 5 +++--
2 files changed, 6 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/9050a8f3/core/spring/src/main/resources/security.properties
----------------------------------------------------------------------
diff --git a/core/spring/src/main/resources/security.properties b/core/spring/src/main/resources/security.properties
index 2c8b442..1f68aaf 100644
--- a/core/spring/src/main/resources/security.properties
+++ b/core/spring/src/main/resources/security.properties
@@ -28,6 +28,9 @@ secretKey=${secretKey}
jwsKey=${jwsKey}
jwtIssuer=ApacheSyncope
+# Algorthim used to create and authenticate access token
+jwtSignAlgo=HS512
+
# default for LDAP / RFC2307 SSHA
digester.saltIterations=1
digester.saltSizeBytes=8
http://git-wip-us.apache.org/repos/asf/syncope/blob/9050a8f3/core/spring/src/main/resources/securityContext.xml
----------------------------------------------------------------------
diff --git a/core/spring/src/main/resources/securityContext.xml b/core/spring/src/main/resources/securityContext.xml
index 6fd3cbc..00faa6bf 100644
--- a/core/spring/src/main/resources/securityContext.xml
+++ b/core/spring/src/main/resources/securityContext.xml
@@ -58,13 +58,13 @@ under the License.
<bean id="syncopeJWTSSOProviderDelegate" class="org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier">
<constructor-arg value="#{jwsKey.getBytes()}" index="0"/>
<constructor-arg index="1">
- <value type="org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm">HS512</value>
+ <value type="org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm">${jwtSignAlgo}</value>
</constructor-arg>
</bean>
<bean id="jwsSignatureProvider" class="org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureProvider">
<constructor-arg value="#{jwsKey.getBytes()}" index="0"/>
<constructor-arg index="1">
- <value type="org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm">HS512</value>
+ <value type="org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm">${jwtSignAlgo}</value>
</constructor-arg>
</bean>
@@ -140,3 +140,4 @@ under the License.
<security:authentication-provider ref="jwtAuthenticationProvider"/>
</security:authentication-manager>
</beans>
+