...
| Bloc de code | ||||
|---|---|---|---|---|
| ||||
global:
root-url: https://esup-signature.esup-portail.org
domain: esup-portail.org
nexu-url: http://localhost:9795
nexu-version: 1.22, 1.23 ou Esup-DSS-Client 1.0
hide-wizard: true
hide-auto-sign: true
hide-send-sign-request: true
hide-wizard-except-roles:
hide-auto-sign-except-roles:
hide-send-sign-except-roles:
enable-su: false
enable-splash: true
application-email: no-reply@esup-portail.org
hours-before-refresh-notif: 24
share-mode: 1
pdf-only: true
seal-certificat-pin: ******
# usage du driver propriétaire et pas d'OpenSC
# seal-certificat-type: OPENSC
seal-certificat-type: PKCS11
seal-certificat-driver: /usr/lib/pkcs11/libIDPrimePKCS11.so
infinite-scrolling: true
return-to-home-after-sign: false
naming-template: "[title]"
signed-suffix: "_signed"
trash-keep-delay: 15
disable-cert-storage: true
export-attachements: false
authorized-sign-types: certsign
tomcat:
ajp:
port: 8009
info:
app:
name: esup-signature
description: Instance de production
tags:
environment: PROD
management:
health:
ldap:
enabled: false
endpoints:
jmx:
exposure:
include: '*'
web:
exposure:
include: '*'
endpoint:
health:
show-details: ALWAYS
spring:
session:
jdbc:
initialize-schema: ALWAYS
datasource:
driver-class-name: org.postgresql.Driver
url: jdbc:postgresql://localhost:5432/esupsignature
password: *************
username: esupsignature
jdbc-url: ${spring.datasource.url}
hikari:
auto-commit: false
tomcat:
validation-query: SELECT 1;
jpa:
hibernate:
ddl-auto: update
properties:
hibernate:
jdbc:
lob:
non_contextual_creation: true
show-sql: false
open-in-view: false
mail:
host: smtp.univ-rouen.fr
messages:
basename: i18n/messages
encoding: UTF-8
fallback-to-system-locale: false
data:
ldap:
repositories:
enabled: false
thymeleaf:
cache: true
encoding: UTF-8
mode: HTML
servlet:
produce-partial-output-while-processing: false
web:
resources:
cache:
cachecontrol:
max-age: 1d
cache-public: true
static-locations: classpath:/static
mail:
from: no-reply@esup-portail.org
sms:
enable-sms : false
dss:
cache-data-source-driver-class-name: org.hsqldb.jdbc.JDBCDriver
cache-data-source-url: jdbc:hsqldb:mem:cachedb
cache-password:
cache-username: sa
default-validation-policy: policy/constraint.xml
server-signing-keystore-filename: validate_service.p12
server-signing-keystore-password: password
server-signing-keystore-type: PKCS12
tsp-server: http://tsa.belgium.be/connect
lotl-country-code: EU
lotl-url: https://ec.europa.eu/tools/lotl/eu-lotl.xml
oj-url: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.C_.2019.276.01.0001.01.ENG
fs:
vfs-test-uri: /tmp
pdf:
convert-to-pdf-a: true
pdf-a-level: 2
path-to-g-s: /usr/bin/gs
path-to-fonts : /usr/share/fonts
pdf-to-image-dpi: 72
security:
shib:
idp-url: https://idp.univ-rouen.fr
principal-request-header: REMOTE_USER
title: Fédération d'identité RENATER / Shibboleth
domains-white-list-url: https://eduspot.renater.fr/eduspot/whitelist-eduspot.txt
web:
group-to-role-filter-pattern: for.esup-signature.role.(\w*)
mapping-groups-roles:
for.esup-signature.admin: ROLE_ADMIN
for.esup-signature.user: ROLE_USER
for.esup-signature.create-sign-req: ROLE_CREATE_SIGNREQUEST
for.esup-signature.esup-coord: ROLE_CREATE_AUTOSIGN
for.esup-signature.seal: ROLE_SEAL
ws-access-authorize-ips: 127.0.0.1
group-mapping-spel:
for.esup-signature.admin: "#eppn == '*****@univ-rouen.fr' or #eppn == '*****@univ-rouen.fr'"
for.esup-signature.user: "true"
for.esup-signature.seal: "true"
for.esup-signature.create-sign-req: "#eppn == '****@univ-rouen.fr' or #eppn == '****@univ-rouen.fr' or #eppn == '*****@univ-lyon3.fr' or #eppn == '*****@uphf.fr' or #eppn == '****@univ-lorraine.fr' or #eppn == '****@toulouse-inp.fr'"
for.esup-signature.esup-coord: "#eppn == '****@univ-rouen.fr' or #eppn == '***@univ-rouen.fr' or #eppn == '****@univ-lyon3.fr' or #eppn == '****@toulouse-inp.fr'"
server:
servlet:
session:
tracking-modes: COOKIE
error:
include-stacktrace: always
port: 8080
tomcat:
mbeanregistry:
enabled: true
remoteip:
remote-ip-header: X-Forwarded-For
basedir: ./temp
max-swallow-size: -1
sign:
aes-key : "0000000000000000"
cades-digest-algorithm: SHA256
cades-signature-level: CAdES_BASELINE_LT
container-type: ASiC_E
default-signature-form: XAdES
pades-digest-algorithm: SHA256
pades-signature-level: PAdES_BASELINE_LT
password-timeout: 60000
signature-packaging: ENVELOPED
xades-digest-algorithm: SHA256
xades-signature-level: XAdES_BASELINE_LT
logging:
file:
name: /var/log/esup-signature/esup-signature.log
pattern:
console: "%clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(%5p) %clr(${PID:- }){magenta} %clr(%X{userId:-system}){cyan} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n%wEx"
file: "%clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(%5p) %clr(${PID:- }){magenta} %clr(%X{userId:-system}){cyan} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} %clr(:){faint} %m%n%wEx"
level:
root: warn
org.esupportail.esupsignature: info
org.verapdf: error
org.apache.pdfbox: error
eu.europa.esig.dss: error
org.springframework.web.filter.CommonsRequestLoggingFilter: error
springdoc:
api-docs:
enabled: true
path: /api-docs
swagger-ui:
enabled: true
supported-submit-methods: []
path: /swagger-ui.html
packages-to-scan: org.esupportail.esupsignature.web.ws
show-actuator: true |
...