Skip to content
Permalink
Browse files

Add demo/grouper scenario

This is basically a clone of demo/complex2s from the laboratory branch.

Main differences:

1. Fixed "unknown host directory" error message when building
grouper_data container. The initialization script is no longer run
at build time in grouper_data. It is instead run at first start of
grouper_daemon container, when LDAP server is already up.

2. banderson and sysadmingroup is now created when building LDAP container.
So the Grouper resource test action can be executed directly, without
the need to prepare midPoint objects for banderson & sysadmingroup first.

Note that tests were not updated yet.
  • Loading branch information
mederly committed Nov 6, 2019
1 parent b7d380f commit f30d47e4192c02758363d4cb12e98380f2154901
Showing with 7,787 additions and 2 deletions.
  1. +2 −2 build.sh
  2. +14 −0 demo/grouper/.env
  3. +9 −0 demo/grouper/README.md
  4. +26 −0 demo/grouper/add-ref-groups.gsh
  5. +4 −0 demo/grouper/add-ref-groups.sh
  6. +15 −0 demo/grouper/after-installation.sh
  7. 0 demo/grouper/configs-and-secrets/grouper/application/database_password.txt
  8. +71 −0 demo/grouper/configs-and-secrets/grouper/application/grouper-loader.properties
  9. +112 −0 demo/grouper/configs-and-secrets/grouper/application/grouper.client.properties
  10. +29 −0 demo/grouper/configs-and-secrets/grouper/application/grouper.hibernate.properties
  11. +25 −0 demo/grouper/configs-and-secrets/grouper/application/grouper.properties
  12. +1 −0 demo/grouper/configs-and-secrets/grouper/application/rabbitmq_password.txt
  13. +78 −0 demo/grouper/configs-and-secrets/grouper/application/subject.properties
  14. 0 demo/grouper/configs-and-secrets/grouper/httpd/cachain-cer.pem
  15. +20 −0 demo/grouper/configs-and-secrets/grouper/httpd/host-cert.pem
  16. +28 −0 demo/grouper/configs-and-secrets/grouper/httpd/host-key.pem
  17. +207 −0 demo/grouper/configs-and-secrets/grouper/shibboleth/idp-metadata.xml
  18. +136 −0 demo/grouper/configs-and-secrets/grouper/shibboleth/shibboleth2.xml
  19. +20 −0 demo/grouper/configs-and-secrets/grouper/shibboleth/sp-cert.pem
  20. +28 −0 demo/grouper/configs-and-secrets/grouper/shibboleth/sp-key.pem
  21. +1 −0 demo/grouper/configs-and-secrets/midpoint/application/database_password.txt
  22. +1 −0 demo/grouper/configs-and-secrets/midpoint/application/keystore_password.txt
  23. +22 −0 demo/grouper/configs-and-secrets/midpoint/httpd/host-cert.pem
  24. +28 −0 demo/grouper/configs-and-secrets/midpoint/httpd/host-key.pem
  25. +207 −0 demo/grouper/configs-and-secrets/midpoint/shibboleth/idp-metadata.xml
  26. +139 −0 demo/grouper/configs-and-secrets/midpoint/shibboleth/shibboleth2.xml
  27. +24 −0 demo/grouper/configs-and-secrets/midpoint/shibboleth/sp-encrypt-cert.pem
  28. +40 −0 demo/grouper/configs-and-secrets/midpoint/shibboleth/sp-encrypt-key.pem
  29. +24 −0 demo/grouper/configs-and-secrets/midpoint/shibboleth/sp-signing-cert.pem
  30. +40 −0 demo/grouper/configs-and-secrets/midpoint/shibboleth/sp-signing-key.pem
  31. +31 −0 demo/grouper/create-ref-loaders.gsh
  32. +5 −0 demo/grouper/create-ref-loaders.sh
  33. +28 −0 demo/grouper/directory/Dockerfile
  34. +51 −0 demo/grouper/directory/container_files/seed-data/data.ldif
  35. +28 −0 demo/grouper/directory/container_files/seed-data/ds-setup.inf
  36. +302 −0 demo/grouper/docker-compose.yml
  37. +5 −0 demo/grouper/get-import-sis-persons-status.sh
  38. +6 −0 demo/grouper/grouper_daemon/Dockerfile
  39. +12 −0 demo/grouper/grouper_daemon/container_files/usr-local-bin/startup.sh
  40. +36 −0 demo/grouper/grouper_data/Dockerfile
  41. +29 −0 demo/grouper/grouper_data/container_files/conf/grouper.hibernate.properties
  42. +25 −0 demo/grouper/grouper_data/container_files/conf/grouper.properties
  43. +7 −0 demo/grouper/grouper_ui/Dockerfile
  44. +69 −0 demo/grouper/grouper_ui/container_files/shibboleth/shibd.logger
  45. +9 −0 demo/grouper/grouper_ws/Dockerfile
  46. +180 −0 demo/grouper/grouper_ws/container_files/server.xml
  47. +46 −0 demo/grouper/grouper_ws/container_files/tomcat-users.xml
  48. +128 −0 demo/grouper/grouper_ws/container_files/web.xml
  49. +5 −0 demo/grouper/idp/Dockerfile
  50. +47 −0 demo/grouper/idp/shibboleth-idp/conf/attribute-filter.xml
  51. +293 −0 demo/grouper/idp/shibboleth-idp/conf/attribute-resolver.xml
  52. +195 −0 demo/grouper/idp/shibboleth-idp/conf/idp.properties
  53. +58 −0 demo/grouper/idp/shibboleth-idp/conf/ldap.properties
  54. +81 −0 demo/grouper/idp/shibboleth-idp/conf/metadata-providers.xml
  55. +19 −0 demo/grouper/idp/shibboleth-idp/credentials/idp-backchannel.crt
  56. BIN demo/grouper/idp/shibboleth-idp/credentials/idp-backchannel.p12
  57. BIN demo/grouper/idp/shibboleth-idp/credentials/idp-browser.p12
  58. +19 −0 demo/grouper/idp/shibboleth-idp/credentials/idp-encryption.crt
  59. +27 −0 demo/grouper/idp/shibboleth-idp/credentials/idp-encryption.key
  60. +19 −0 demo/grouper/idp/shibboleth-idp/credentials/idp-signing.crt
  61. +27 −0 demo/grouper/idp/shibboleth-idp/credentials/idp-signing.key
  62. BIN demo/grouper/idp/shibboleth-idp/credentials/sealer.jks
  63. +2 −0 demo/grouper/idp/shibboleth-idp/credentials/sealer.kver
  64. +78 −0 demo/grouper/idp/shibboleth-idp/metadata/grouper-sp.xml
  65. +206 −0 demo/grouper/idp/shibboleth-idp/metadata/idp-metadata.xml
  66. +37 −0 demo/grouper/idp/shibboleth-idp/metadata/midpoint-sp-new.xml
  67. +80 −0 demo/grouper/idp/shibboleth-idp/metadata/midpoint-sp.xml
  68. +43 −0 demo/grouper/midpoint-objects-manual/tasks/task-async-update-grouper.xml
  69. +31 −0 demo/grouper/midpoint-objects-manual/tasks/task-import-sis-persons.xml
  70. +25 −0 demo/grouper/midpoint-objects-manual/tasks/task-recomputation-users.xml
  71. +43 −0 demo/grouper/midpoint-objects-manual/tasks/task-reconciliation-grouper-groups.xml
  72. +25 −0 demo/grouper/midpoint-objects/archetypes/archetype-academic-person.xml
  73. +52 −0 demo/grouper/midpoint-objects/archetypes/archetype-affiliation.xml
  74. +64 −0 demo/grouper/midpoint-objects/archetypes/archetype-course.xml
  75. +53 −0 demo/grouper/midpoint-objects/archetypes/archetype-department.xml
  76. +40 −0 demo/grouper/midpoint-objects/archetypes/archetype-generic-grouper-group.xml
  77. +56 −0 demo/grouper/midpoint-objects/archetypes/archetype-mailing-list.xml
  78. +32 −0 demo/grouper/midpoint-objects/archetypes/archetype-midpoint-group.xml
  79. +25 −0 demo/grouper/midpoint-objects/archetypes/archetype-non-academic-person.xml
  80. +184 −0 demo/grouper/midpoint-objects/functionLibraries/function-library-grouper.xml
  81. +92 −0 demo/grouper/midpoint-objects/objectTemplates/template-user.xml
  82. +13 −0 demo/grouper/midpoint-objects/orgs/org-affiliations.xml
  83. +13 −0 demo/grouper/midpoint-objects/orgs/org-courses.xml
  84. +13 −0 demo/grouper/midpoint-objects/orgs/org-departments.xml
  85. +13 −0 demo/grouper/midpoint-objects/orgs/org-generic-groups.xml
  86. +16 −0 demo/grouper/midpoint-objects/orgs/org-grouper-sysadmin.xml
  87. +13 −0 demo/grouper/midpoint-objects/orgs/org-mailing-lists.xml
  88. +13 −0 demo/grouper/midpoint-objects/orgs/org-midpoint-groups.xml
  89. +341 −0 demo/grouper/midpoint-objects/resources/ldap-main.xml
  90. +186 −0 demo/grouper/midpoint-objects/resources/resource-grouper.xml
  91. +221 −0 demo/grouper/midpoint-objects/resources/scriptedsql-sis-persons.xml
  92. +112 −0 demo/grouper/midpoint-objects/resources/target-cs-portal.xml
  93. +121 −0 demo/grouper/midpoint-objects/resources/target-faculty-portal.xml
  94. +102 −0 demo/grouper/midpoint-objects/resources/target-mailing-lists.xml
  95. +192 −0 demo/grouper/midpoint-objects/roles/metarole-grouper-provided-group.xml
  96. +128 −0 demo/grouper/midpoint-objects/roles/metarole-ldap-group.xml
  97. +25 −0 demo/grouper/midpoint-objects/roles/role-ldap-basic.xml
  98. +257 −0 demo/grouper/midpoint-objects/systemConfigurations/SystemConfiguration.xml
  99. +85 −0 demo/grouper/midpoint-objects/tasks/task-group-scavenger.xml
  100. +27 −0 demo/grouper/midpoint-objects/users/user-banderson.xml
  101. +9 −0 demo/grouper/midpoint_server/Dockerfile
  102. +22 −0 demo/grouper/midpoint_server/container_files/httpd/host-cert.pem
  103. +28 −0 demo/grouper/midpoint_server/container_files/httpd/host-key.pem
  104. +64 −0 demo/grouper/midpoint_server/container_files/mp-home/config.xml
  105. +1 −0 demo/grouper/midpoint_server/container_files/mp-home/cs-portal.csv
  106. +1 −0 demo/grouper/midpoint_server/container_files/mp-home/faculty-portal.csv
  107. BIN demo/grouper/midpoint_server/container_files/mp-home/icf-connectors/connector-grouper-rest-0.4.jar
  108. BIN ...ontainer_files/mp-home/icf-connectors/net.tirasa.connid.bundles.db.scriptedsql-2.2.6-SNAPSHOT.jar
  109. +1 −0 demo/grouper/midpoint_server/container_files/mp-home/mailing-lists.csv
  110. +57 −0 demo/grouper/midpoint_server/container_files/mp-home/res/sis-persons/SchemaScript.groovy
  111. +153 −0 demo/grouper/midpoint_server/container_files/mp-home/res/sis-persons/SearchScript.groovy
  112. +38 −0 demo/grouper/midpoint_server/container_files/mp-home/res/sis-persons/TestScript.groovy
  113. +47 −0 demo/grouper/midpoint_server/container_files/mp-home/schema/internet2.xsd
  114. +13 −0 demo/grouper/mq/Dockerfile
  115. +2 −0 demo/grouper/mq/container_files/etc-rabbitmq/rabbitmq.conf
  116. +8 −0 demo/grouper/mq/container_files/usr-local-bin/demo-entrypoint.sh
  117. +11 −0 demo/grouper/mq/container_files/usr-local-bin/initialize-rabbitmq.sh
  118. +6 −0 demo/grouper/recompute.sh
  119. +1 −0 demo/grouper/show-queue-size.sh
  120. +10 −0 demo/grouper/sources/Dockerfile
  121. +531 −0 demo/grouper/sources/container_files/seed-data/persons-and-courses.sql
  122. +11 −0 demo/grouper/test-resources.sh
  123. +355 −0 demo/grouper/tests/main.bats
  124. +22 −0 demo/grouper/tests/resources/bulk-action/assign-role-grouper-sysadmin-to-banderson.xml
  125. +22 −0 demo/grouper/tests/resources/bulk-action/assign-role-grouper-sysadmin-to-test-user.xml
  126. +16 −0 demo/grouper/tests/resources/bulk-action/recompute-role-grouper-sysadmin.xml
  127. +15 −0 demo/grouper/tests/resources/grouper/t300.gsh
  128. +11 −0 demo/grouper/tests/resources/grouper/t330.gsh
  129. +12 −0 demo/grouper/tests/resources/grouper/t350.gsh
  130. +11 −0 demo/grouper/tests/resources/grouper/t410.gsh
  131. +8 −0 demo/grouper/tests/resources/rabbitmq/check-samplequeue.sh
  132. +29 −0 demo/grouper/tests/resources/tasks/task-livesync-grouper-single.xml
  133. +20 −0 demo/grouper/tests/resources/users/user-grouper-admin.xml
  134. +13 −0 demo/grouper/update-bgasper-in-grouper.gsh
  135. +5 −0 demo/grouper/update-bgasper-in-grouper.sh
  136. +5 −0 demo/grouper/upload-async-update-task.sh
  137. +5 −0 demo/grouper/upload-import-sis-persons.sh
  138. +17 −0 demo/grouper/upload-objects.sh
  139. +5 −0 demo/grouper/upload-recompute-users.sh
  140. +5 −0 demo/grouper/upload-reconcile-grouper-groups.sh
@@ -42,7 +42,7 @@ echo ""
echo "$ cd" $(pwd)/demo/simple echo "$ cd" $(pwd)/demo/simple
echo "$ docker-compose up" echo "$ docker-compose up"
echo "" echo ""
echo "(for complex demo)" echo "(for Grouper integration demo)"
echo "" echo ""
echo "$ cd" $(pwd)/demo/complex echo "$ cd" $(pwd)/demo/grouper
echo "$ docker-compose up --build" echo "$ docker-compose up --build"
@@ -0,0 +1,14 @@
AUTHENTICATION=internal
ENV=demo
REPO_DATABASE_TYPE=mariadb
REPO_JDBC_URL=default
REPO_HOST=midpoint_data
REPO_PORT=default
REPO_DATABASE=registry
REPO_USER=registry_user
REPO_MISSING_SCHEMA_ACTION=create
REPO_UPGRADEABLE_SCHEMA_ACTION=stop
MP_MEM_MAX=2048m
MP_MEM_INIT=1024m
SSO_HEADER=uid
TIMEZONE=UTC
@@ -0,0 +1,9 @@
This is a demonstration of using midPoint dockerization for TIER environment in a broader context. It is a work in progress.

# Building and execution
```
$ ../../build.sh
$ docker-compose up --build
```

Please see a detailed description [here](https://spaces.at.internet2.edu/display/MID/Complex+midPoint+integration+demo).
@@ -0,0 +1,26 @@

def addGroups(gs,stem,owner,regexp) {
for (group in stem.childGroups) {
if (!group.name.endsWith('_includes') &&
!group.name.endsWith('_excludes') &&
!group.name.endsWith('_systemOfRecord') &&
!group.name.endsWith('_systemOfRecordAndIncludes') &&
(regexp == null || group.extension ==~ regexp)) {
println 'Adding: ' + group
def s = SubjectFinder.findById(group.getId(), 'group', 'g:gsa')
owner.addMember(s, false)
} else {
println 'Ignoring: ' + group
}
}
}

gs = GrouperSession.startRootSession()
def supergroup = GroupFinder.findByName(gs, "etc:midpointGroups", true)
def cs = GroupFinder.findByName(gs, "app:cs", true)

addGroups(gs, StemFinder.findByName(gs, 'ref:affiliation'), supergroup, null)
addGroups(gs, StemFinder.findByName(gs, 'ref:dept'), supergroup, null)
addGroups(gs, StemFinder.findByName(gs, 'ref:course'), supergroup, null)

addGroups(gs, StemFinder.findByName(gs, 'ref:course'), cs, /CS.*/)
@@ -0,0 +1,4 @@
#!/bin/bash
source ../../library.bash

execute_gsh grouper_grouper_daemon_1 add-ref-groups.gsh
@@ -0,0 +1,15 @@
#!/bin/bash

B='\033[1;33m'
N='\033[0m'

echo -e "${B} * Uploading objects...${N}"
$(dirname "$0")/upload-objects.sh

echo -e "${B} * Testing resources...${N}"
$(dirname "$0")/test-resources.sh

echo -e "${B} * Recomputing Grouper admin group and user object...${N}"
$(dirname "$0")/recompute.sh

echo -e "${B} * Done${N}"
@@ -0,0 +1,71 @@
#################################
## LDAP connections
#################################
# specify the ldap connection with user, pass, url
# the string after "ldap." is the ID of the connection, and it should not have
# spaces or other special chars in it. In this case is it "personLdap"

#note the URL should start with ldap: or ldaps: if it is SSL.
#It should contain the server and port (optional if not default), and baseDn,
#e.g. ldaps://ldapserver.school.edu:636/dc=school,dc=edu
ldap.demo.url = ldap://directory:389/dc=internet2,dc=edu

#optional, if authenticated
ldap.demo.user = cn=admin,dc=internet2,dc=edu
#ldap.demo.user = cn=admin

#optional, if authenticated note the password can be stored encrypted in an external file
#ldap.demo.pass = ${java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE') != null ? org.apache.commons.io.FileUtils.readFileToString(java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('SUBJECT_SOURCE_LDAP_PASSWORD')}
ldap.demo.pass = password

#optional, if you are using tls, set this to true. Generally you will not be using an SSL URL to use TLS...
ldap.demo.tls = false

#optional, if using sasl
#ldap.personLdap.saslAuthorizationId =
#ldap.personLdap.saslRealm =

#optional (note, time limit is for search operations, timeout is for connection timeouts),
#most of these default to vt-ldap defaults. times are in millis
#validateOnCheckout defaults to true if all other validate methods are false
#ldap.personLdap.batchSize =
#ldap.personLdap.countLimit =
#ldap.personLdap.timeLimit =
#ldap.personLdap.timeout =
#ldap.personLdap.minPoolSize =
#ldap.personLdap.maxPoolSize =
#ldap.personLdap.validateOnCheckIn =
#ldap.personLdap.validateOnCheckOut =
#ldap.personLdap.validatePeriodically =
#ldap.personLdap.validateTimerPeriod =
#ldap.personLdap.pruneTimerPeriod =
#if connections expire after a certain amount of time, this is it, in millis, defaults to 300000 (5 minutes)
#ldap.personLdap.expirationTime =

#make the paths fully qualified and not relative to the loader group.
loader.ldap.requireTopStemAsStemFromConfigGroup=false


db.sis.user = sis_user
db.sis.pass = 49321420423
db.sis.url = jdbc:mysql://sources:3306/sis
db.sis.driver = com.mysql.jdbc.Driver


#####################################
## Messaging integration with change log
#####################################
changeLog.consumer.rabbitMqMessagingSample.quartzCron = 0 * * * * ?

# note, change "messagingSample" in key to be the name of the consumer. e.g. changeLog.consumer.someNameAnyName.class
changeLog.consumer.rabbitMqMessagingSample.class = edu.internet2.middleware.grouper.changeLog.esb.consumer.EsbConsumer

changeLog.consumer.rabbitMqMessagingSample.publisher.class = edu.internet2.middleware.grouper.changeLog.esb.consumer.EsbMessagingPublisher
changeLog.consumer.rabbitMqMessagingSample.publisher.messagingSystemName = rabbitmq
# note, routingKey property is valid only for rabbitmq. For other messaging systems, it is ignored.
changeLog.consumer.rabbitMqMessagingSample.publisher.routingKey =
## queue or topic
changeLog.consumer.rabbitMqMessagingSample.publisher.messageQueueType = queue
changeLog.consumer.rabbitMqMessagingSample.publisher.queueOrTopicName = sampleQueue
## this is optional if not using "id" for subjectId, need to be a subject attribute in the sources.xml
#changeLog.consumer.rabbitMqMessagingSample.publisher.addSubjectAttributes = email
@@ -0,0 +1,112 @@
#
# Copyright 2014 Internet2
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

#
# Grouper client configuration
# $Id: grouper.client.example.properties,v 1.24 2009-12-30 04:23:02 mchyzer Exp $
#

# The grouper client uses Grouper Configuration Overlays (documented on wiki)
# By default the configuration is read from grouper.client.base.properties
# (which should not be edited), and the grouper.client.properties overlays
# the base settings. See the grouper.client.base.properties for the possible
# settings that can be applied to the grouper.client.properties

########################################
## LDAP connection settings
########################################

# url of directory, including the base DN (distinguished name)
# e.g. ldap://server.school.edu/dc=school,dc=edu
# e.g. ldaps://server.school.edu/dc=school,dc=edu
grouperClient.ldap.url =

# kerberos principal used to connect to ldap
grouperClient.ldap.login =

# password for shared secret authentication to ldap
# or you can put a filename with an encrypted password
grouperClient.ldap.password =

########################################
## Web service Connection settings
########################################

# url of web service, should include everything up to the first resource to access
# e.g. http://groups.school.edu:8090/grouper-ws/servicesRest
# e.g. https://groups.school.edu/grouper-ws/servicesRest
grouperClient.webService.url = https://grouper_ws/grouper-ws/servicesRest

# kerberos principal used to connect to web service
grouperClient.webService.login = banderson

# password for shared secret authentication to web service
# or you can put a filename with an encrypted password
grouperClient.webService.password.elConfig = ${java.lang.System.getenv().get('GROUPER_CLIENT_WEBSERVICE_PASSWORD_FILE') != null ? org.apache.commons.io.FileUtils.readFileToString(java.lang.System.getenv().get('GROUPER_CLIENT_WEBSERVICE_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('GROUPER_CLIENT_WEBSERVICE_PASSWORD') }


################################
## Grouper Messaging System
################################

# name of messaging system which is the default
grouper.messaging.default.name.of.messaging.system = rabbitmq

# name of a messaging system. note, "grouperBuiltinMessaging" can be arbitrary
# grouper.messaging.system.grouperBuiltinMessaging.name = grouperBuiltinMessaging

# class that implements edu.internet2.middleware.grouperClient.messaging.GrouperMessagingSystem
# grouper.messaging.system.grouperBuiltinMessaging.class = edu.internet2.middleware.grouper.messaging.GrouperBuiltinMessagingSystem

# name of a messaging system. note, "grouperBuiltinMessaging" can be arbitrary
grouper.messaging.system.rabbitmqSystem.name = rabbitmqSystem

# class that implements edu.internet2.middleware.grouperClient.messaging.GrouperMessagingSystem
grouper.messaging.system.rabbitmqSystem.class = edu.internet2.middleware.grouperMessagingRabbitmq.GrouperMessagingRabbitmqSystem

# host address of rabbitmq queue
grouper.messaging.system.rabbitmqSystem.host = mq

# virtual host of rabbitmq queue
grouper.messaging.system.rabbitmqSystem.virtualhost =

# port of rabbitmq queue
grouper.messaging.system.rabbitmqSystem.port =

grouper.messaging.system.rabbitmqSystem.defaultPageSize = 10

grouper.messaging.system.rabbitmqSystem.maxPageSize = 50


# name of a messaging system, required
grouper.messaging.system.rabbitmq.name = rabbitmq

# default system settings to this messaging system, note, there is only one level of inheritance
grouper.messaging.system.rabbitmq.defaultSystemName = rabbitmqSystem

grouper.messaging.system.rabbitmq.user = guest

#pass
grouper.messaging.system.rabbitmq.password.elConfig = ${java.lang.System.getenv().get('RABBITMQ_PASSWORD_FILE') != null ? org.apache.commons.io.FileUtils.readFileToString(java.lang.System.getenv().get('RABBITMQ_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('RABBITMQ_PASSWORD') }
# set the following three properties if you want to use TLS connection to rabbitmq. All three need to be populated.
# TLS Version
#grouper.messaging.system.rabbitmqSystem.tlsVersion = TLSv1.1

# path to trust store file
#grouper.messaging.system.rabbitmqSystem.pathToTrustStore =

# trust passphrase
#grouper.messaging.system.rabbitmqSystem.trustPassphrase =
@@ -0,0 +1,29 @@
#
# Grouper Hibernate Configuration
# $Id: grouper.hibernate.example.properties,v 1.9 2009-08-11 20:18:09 mchyzer Exp $
#

# The grouper hibernate config uses Grouper Configuration Overlays (documented on wiki)
# By default the configuration is read from grouper.hibernate.base.properties
# (which should not be edited), and the grouper.hibernate.properties overlays
# the base settings. See the grouper.hibernate.base.properties for the possible
# settings that can be applied to the grouper.hibernate.properties

########################################
## DB settings
########################################

# e.g. mysql: jdbc:mysql://localhost:3306/grouper
# e.g. p6spy (log sql): [use the URL that your DB requires]
# e.g. oracle: jdbc:oracle:thin:@server.school.edu:1521:sid
# e.g. hsqldb (a): jdbc:hsqldb:dist/run/grouper;create=true
# e.g. hsqldb (b): jdbc:hsqldb:hsql://localhost:9001/grouper
# e.g. postgres: jdbc:postgresql://localhost:5432/database
# e.g. mssql: jdbc:sqlserver://localhost:3280;databaseName=grouper
hibernate.connection.url = jdbc:mysql://grouper_data:3306/grouper?CharSet=utf8&useUnicode=true&characterEncoding=utf8

hibernate.connection.username = root
# If you are using an empty password, depending upon your version of
# Java and Ant you may need to specify a password of "".
# Note: you can keep passwords external and encrypted: https://bugs.internet2.edu/jira/browse/GRP-122
hibernate.connection.password.elConfig = ${java.lang.System.getenv().get('GROUPER_DATABASE_PASSWORD_FILE') != null ? org.apache.commons.io.FileUtils.readFileToString(java.lang.System.getenv().get('GROUPER_DATABASE_PASSWORD_FILE'), "utf-8") : java.lang.System.getenv().get('GROUPER_DATABASE_PASSWORD') }
@@ -0,0 +1,25 @@
#
# Grouper Configuration
# $Id: grouper.example.properties,v 1.48 2009-12-16 06:02:30 mchyzer Exp $
#

# Grouper uses Grouper Configuration Overlays (documented on wiki)
# By default the configuration is read from grouper.base.properties
# (which should not be edited), and the grouper.properties overlays
# the base settings. See the grouper.base.properties for the possible
# settings that can be applied to the grouper.properties

#if groups like the wheel group should be auto-created for convenience (note: check config needs to be on)
configuration.autocreate.system.groups = true

# A wheel group allows you to enable non-GrouperSystem subjects to act
# like a root user when interacting with the registry.
groups.wheel.use = true

# Set to the name of the group you want to treat as the wheel group.
# The members of this group will be treated as root-like users.
groups.wheel.group = etc:sysadmingroup

# Used to allow Include Exclude groups
grouperIncludeExclude.use = true
grouperIncludeExclude.requireGroups.use = true
@@ -0,0 +1 @@
guest

0 comments on commit f30d47e

Please sign in to comment.
You can’t perform that action at this time.