geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
ad7a069507
CASA/CASA-auth-token/client/library/client.conf

115 lines
4.3 KiB
Plaintext
Raw Normal View History

Splitted the non-java project into client and server projects in order to be able to deliver the client component onto distributions targeting desktops without having to deliver the server components. This commit is for the resulting client project.
2006-11-13 06:20:43 +01:00
#######################################################
# #
# CASA Authentication Token System configuration file #
# for client. #
# #
#######################################################
#
Modified client to try to authenticate a user against a list of configured ATSs instead of only utilizing a single configured ATS. The client also tries to contact the ATS using port 443 as well as port 2645 if the port number is not hard configured.
2007-05-30 00:59:50 +02:00
# ATSHostList setting.
#
# Description: Used to configure the addresses of the
# ATSs that should be used for obtaining
# authentication tokens. Use semicolons
# and no spaces to separate the host
# entries. To also configure the ports
# utilized by a host specify the
# port number after the hostname using
# a colon to separate the fields.
#
# Note that the client will try all of the
# ATSs on this list in the specified order
# in addition to the host for which an
# Authentication Token has been requested.
#
Fixed typo in client.conf example setting.
2007-05-30 16:35:51 +02:00
#ATSHostList hostname1:2645;ip_address:443;hostname2
Splitted the non-java project into client and server projects in order to be able to deliver the client component onto distributions targeting desktops without having to deliver the server components. This commit is for the resulting client project.
2006-11-13 06:20:43 +01:00
#
# DisableSecureConnections setting.
#
# Description: Used to disable the use of secure connections (SSL) between
# the Client and ATSs.
#
# If this parameter is not set to true, the client
# defaults to communicating securedly with ATSs.
#
# Security Note: Disabling secure connections allows
# malicious users/processes to view confidential
# information such as username/passwords and to tamper
# with client-ATS communications without being detected.
# You should not disable secure connections unless you are
# trying to debug the authentication token infrastructure.
#
#DisableSecureConnections false
#
Made the following changes: - Use host name specified in ObtainAuthToken call instead of the normalized host name to connect to the ATS to avoid problems when the host name obtained through a reverse DNS lookup fails to resolve via a forward DNS lookup. - Added the capability log debug messages to a file. - Added method to the ConfigIf to free memory returned by calls to getEntryValue to avoid issues related to freeing memory allocated with a heap different than the one owned by the library freeing the memory.
2007-03-05 07:48:26 +01:00
# AllowUntrustedCerts setting.
Splitted the non-java project into client and server projects in order to be able to deliver the client component onto distributions targeting desktops without having to deliver the server components. This commit is for the resulting client project.
2006-11-13 06:20:43 +01:00
#
# Description: Used to specify that the client should ignore
# invalid certificates presented by ATSs when
# performing SSL communications.
#
# If this parameter is not set to true, the client defaults
# to not ignoring invalid certificates presented by ATSs.
# ATSs.
#
# Security Note: Ignoring invalid certificates downgrades the
# security of your infrastructure by allowing a malicious
# process to impersonate an ATS and obtain information that
# is confidential such as username and passwords.
#
The client now tells Curl to look for certificates in /etc/ssl/certs under linux. Commented the line in client.conf that was allowing clients to connect to ATSs whose certificates authenticity could not be verified. :-).
2007-06-02 01:26:28 +02:00
#AllowUntrustedCerts true
Splitted the non-java project into client and server projects in order to be able to deliver the client component onto distributions targeting desktops without having to deliver the server components. This commit is for the resulting client project.
2006-11-13 06:20:43 +01:00
#
# UsersCannotAllowInvalidCerts setting.
#
# Description: Used to specify that the client should not allow users to
# decide that invalid certificates presented by ATSs should be
# ignored.
#
# If this parameter is not set to true, the client defaults
# to allow users to choose whether or not invalid certificates
# presented by ATSs.
#
# If this parameter is set to true then users are not consulted
# when an invalid server certificate is received and communications
# between the client and the ATS fail.
#
# Note: This parameter has no effect if the setting AllowInvalidCerts
# is set to true.
#
# THIS FUNCTIONALITY HAS NOT BEEN IMPLEMENTED
#
#UsersCannotAllowInvalidCerts true
Added the capability to modify the DebugLevel by changing the various .conf files.
2006-11-18 13:33:14 +01:00
#
# DebugLevel setting.
#
# Description: Used to specify the level of logging utilized for debugging
# purposes. A level of zero being the lowest debugging level.
#
# If this parameter is not set, the client defaults
# to use a debug level of zero.
#
Made the following changes: - Use host name specified in ObtainAuthToken call instead of the normalized host name to connect to the ATS to avoid problems when the host name obtained through a reverse DNS lookup fails to resolve via a forward DNS lookup. - Added the capability log debug messages to a file. - Added method to the ConfigIf to free memory returned by calls to getEntryValue to avoid issues related to freeing memory allocated with a heap different than the one owned by the library freeing the memory.
2007-03-05 07:48:26 +01:00
# Note: Under Linux, debug output is placed in the /ver/log/messages
# file. Under Windoes, debug output is dumped to the debugger console
# unless a folder is specified using the DebugLogFolderPath setting.
# Output sent to the debug console under windows can be viewed by using
# tools such as DbgView.
Added the capability to modify the DebugLevel by changing the various .conf files.
2006-11-18 13:33:14 +01:00
#
#DebugLevel 0
Made the following changes: - Use host name specified in ObtainAuthToken call instead of the normalized host name to connect to the ATS to avoid problems when the host name obtained through a reverse DNS lookup fails to resolve via a forward DNS lookup. - Added the capability log debug messages to a file. - Added method to the ConfigIf to free memory returned by calls to getEntryValue to avoid issues related to freeing memory allocated with a heap different than the one owned by the library freeing the memory.
2007-03-05 07:48:26 +01:00
#
# DebugLogFolderPath setting.
#
# Description: Used to specify a path to a folder to be used for placing debug
# log files under Windows.
#
# If this parameter is not set on windows, the client defaults
# to dumping debug output to the debug console.
#
Resolved issues found during unit testing of file logging feature.
2007-03-05 19:01:32 +01:00
# Note: The folder specified must exist and all users that may
# be writting to it should be given write privileges to it.
Made the following changes: - Use host name specified in ObtainAuthToken call instead of the normalized host name to connect to the ATS to avoid problems when the host name obtained through a reverse DNS lookup fails to resolve via a forward DNS lookup. - Added the capability log debug messages to a file. - Added method to the ConfigIf to free memory returned by calls to getEntryValue to avoid issues related to freeing memory allocated with a heap different than the one owned by the library freeing the memory.
2007-03-05 07:48:26 +01:00
#
#DebugLogFolderPath c:\logfolder
Reference in New Issue Copy Permalink