USER {
- com.sun.security.auth.module.Krb5LoginModule required clearPass=true;
- org.argeo.cms.auth.IpaLoginModule requisite;
+ org.argeo.cms.auth.HttpSessionLoginModule sufficient;
+ org.argeo.cms.auth.SpnegoLoginModule optional;
+ com.sun.security.auth.module.Krb5LoginModule optional tryFirstPass=true;
+ org.argeo.cms.auth.UserAdminLoginModule sufficient;
};
ANONYMOUS {
- org.argeo.cms.auth.UserAdminLoginModule requisite anonymous=true;
+ org.argeo.cms.auth.HttpSessionLoginModule sufficient;
+ org.argeo.cms.auth.AnonymousLoginModule sufficient;
};
DATA_ADMIN {
- org.argeo.cms.auth.DataAdminLoginModule requisite;
+ org.argeo.node.DataAdminLoginModule requisite;
+};
+
+NODE {
+ com.sun.security.auth.module.Krb5LoginModule optional
+ keyTab="${osgi.instance.area}node/krb5.keytab"
+ useKeyTab=true
+ storeKey=true;
+ org.argeo.node.DataAdminLoginModule requisite;
};
KEYRING {
org.argeo.cms.auth.KeyringLoginModule required;
};
+SINGLE_USER {
+ com.sun.security.auth.module.Krb5LoginModule optional
+ principal="${user.name}"
+ storeKey=true
+ useTicketCache=true
+ debug=true;
+ org.argeo.cms.auth.SingleUserLoginModule requisite;
+};
+
Jackrabbit {
org.argeo.security.jackrabbit.SystemJackrabbitLoginModule requisite;
};