Skip to content
Permalink
f0ce67a1e6
Go to file
 
 
Cannot retrieve contributors at this time
55 lines (43 sloc) 2.36 KB
#
# Grouper Configuration
# $Id: grouper.example.properties,v 1.48 2009-12-16 06:02:30 mchyzer Exp $
#
# Grouper uses Grouper Configuration Overlays (documented on wiki)
# By default the configuration is read from grouper.base.properties
# (which should not be edited), and the grouper.properties overlays
# the base settings. See the grouper.base.properties for the possible
# settings that can be applied to the grouper.properties
#if groups like the wheel group should be auto-created for convenience (note: check config needs to be on)
configuration.autocreate.system.groups = true
# A wheel group allows you to enable non-GrouperSystem subjects to act
# like a root user when interacting with the registry.
groups.wheel.use = true
# Set to the name of the group you want to treat as the wheel group.
# The members of this group will be treated as root-like users.
groups.wheel.group = etc:sysadmingroup
# Used to allow Include Exclude groups
grouperIncludeExclude.use = true
grouperIncludeExclude.requireGroups.use = true
##################################
## Lockout groups. Could be used for other things, but used for policy group templates at least
## if there is no allowed group, then anyone could use it
##################################
# group name of a lockout group
# {valueType: "group", regex: "^grouper\\.lockoutGroup\\.name\\.\\d+$"}
grouper.lockoutGroup.name.0 = ref:iam:global_deny
# allowed to use this lockout group. If not configured, anyone could use
# {valueType: "group", regex: "^grouper\\.lockoutGroup\\.allowedToUse\\.\\d+$"}
# grouper.lockoutGroup.allowedToUse.0 = ref:lockoutCanUse
##################################
## Require groups. Could be used for other things, but used for policy group templates at least
## if there is no allowed group, then anyone could use it
##################################
# group name of a require group
# {valueType: "group", regex: "^grouper\\.requireGroup\\.name\\.\\d+$"}
grouper.requireGroup.name.0 = ref:iam:active
# group name of a require group
# {valueType: "group", regex: "^grouper\\.requireGroup\\.name\\.\\d+$"}
grouper.requireGroup.name.0 = ref:employee:fac_staff
# allowed to use this require group. If not configured, anyone could use
# {valueType: "group", regex: "^grouper\\.lockoutGroup\\.requireGroup\\.\\d+$"}
# grouper.requireGroup.allowedToUse.0 = ref:activeCanUse
You can’t perform that action at this time.