Mentions légales du service

Skip to content
Snippets Groups Projects
Commit bb079593 authored by Nicolas Bailliet's avatar Nicolas Bailliet
Browse files

Merge branch 'STS-28' of... 

Merge branch 'STS-28' of gitlab.inria.fr:gazelle/documentation/gazelle-user-documentation into STS-28
parents b4f51a1c c1502773
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Gazelle-STS/installation.md
+ 13
6
View file @ bb079593
...@@ -73,12 +73,19 @@ _Port could also be different whether you have modified the JBoss configuration. ...@@ -73,12 +73,19 @@ _Port could also be different whether you have modified the JBoss configuration.
## Configuration ## Configuration
By default, the project is configured for working in **gazelle.ihe.net** environment. The keystore used to sign assertions must be located at `/opt/sts/keystore.jks`, the privateKeyEntry must have the alias `tomcat`, and the certificate validator webservice must be reachable at [https://gazelle.ihe.net/gazelle-atna-ejb/CertificateValidatorService/CertificateValidator](https://gazelle.ihe.net/gazelle-atna-ejb/CertificateValidatorService/CertificateValidator). By default, the project is configured for working in **gazelle.ihe.net** environment. The keystore used to sign assertions must be located at
`/opt/sts/keystore.jks`, the privateKeyEntry must have the alias `tomcat`, and the certificate validator webservice must be reachable at
This configuration can be overridden. Download the config archive from our Nexus repository [gazelle-sts releases](https://gazelle.ihe.net/nexus/index.html#nexus-search;quick~gazelle-sts-service) (search for **gazelle-sts-service-X.X.X-config.zip**). Then unzip the archive, copy the file picketlink-sts.xml under `/opt/sts/` and edit its content. [https://gazelle.ihe.net/gazelle-atna-ejb/CertificateValidatorService/CertificateValidator](https://gazelle.ihe.net/gazelle-atna-ejb/CertificateValidatorService/CertificateValidator).
As well, the zip archive contains 2 property files named 'ihe.assertion.properties' and 'sequoia.assertion.properties' containing properties related to assertions such as namespaces, roles, organization, etc.
This configuration can be overridden. Download the config archive from our Nexus repository
Note: The property `X509CERTIFICATE` of the `KeyProvider` must stay equals to the `SigningKeyAlias` property, otherwise the public key declared as issuer will be inconsistant with the private key used to sign the assertion. [gazelle-sts releases](https://gazelle.ihe.net/nexus/index.html#nexus-search;quick~gazelle-sts-service) (search for **gazelle-sts-service-X.X.X-config.zip**).
Then unzip the archive, copy the file picketlink-sts.xml under `/opt/sts/` and edit its content.
As well, the zip archive contains 2 property files named 'ihe.assertion.properties' and 'sequoia.assertion.properties' containing properties related
to assertions such as namespaces, roles, organization, etc. These properties files shall also be copied in `/opt/sts/`. The content may also be edited
to adjust values for defined properties.
Note: The property `X509CERTIFICATE` of the `KeyProvider` must stay equals to the `SigningKeyAlias` property, otherwise the public key declared as
issuer will be inconsistant with the private key used to sign the assertion.
## Sequoia configurations ## Sequoia configurations
Some special configurations have defined in the source code for the Sequoia project. Some special configurations have defined in the source code for the Sequoia project.
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment