Spotter-VM/opendatakit/srv/opendatakit/conf/security.properties

# Either basic or digest
security.server.deviceAuthentication=basic

# Choose whether to secure everything with https or allow http access.
#
# NOTE: changes also needed to:
# -- server.xml (Tomcat configuration file) to set up the secure channel
#
# issue 648 - REQUIRES_INSECURE_CHANNEL is now the default instead of ANY_CHANNEL
# there are various edge cases that have not been tested in the UI for
# allowing arbitrary accesses, as the session cookie and authentication
# do get set for a specific http: or https: scheme and are not transferrable.
#
# should be REQUIRES_SECURE_CHANNEL but can't unless SSL is available.
security.server.secureChannelType=REQUIRES_SECURE_CHANNEL

# either REQUIRES_INSECURE_CHANNEL to secure nothing
# or REQUIRES_SECURE_CHANNEL to secure everything
# or perhaps ANY_CHANNEL when running through a proxy server
security.server.channelType=ANY_CHANNEL

# When running under Tomcat, you need to set the hostname and port for
# the server so that the background tasks can generate properly-constructed
# links in their documents and in their publications to the
# external services.
#
# This is configured during install.  If blank, discovers an IP address
security.server.hostname=
security.server.port=8815
security.server.securePort=8415

wink.handlersFactoryClass=org.opendatakit.aggregate.odktables.impl.api.wink.AppEngineHandlersFactory

# e-mail of designated superuser. This must be a user that has an OAuth2
# login hosted by a remote server (i.e., this must be a gmail account).
# this should be of the form: 'mailto:user@gmail.com'
security.server.superUser=

# Define a superUserUsername to insert an ODK Aggregate username that can
# access the server.  The initial password for this username is 'aggregate'
security.server.superUserUsername=${OPENDATAKIT_ADMIN_USER}

# realm definition
# realmString -- what should be sent to users when BasicAuth or DigestAuth is done
security.server.realm.realmString=${OPENDATAKIT_ADMIN_REALM}
Add installation script + Dockerfile for OpenDataKit, closes #67 2018-03-16 16:08:18 +01:00			`# Either basic or digest`
			`security.server.deviceAuthentication=basic`

			`# Choose whether to secure everything with https or allow http access.`
			`#`
			`# NOTE: changes also needed to:`
			`# -- server.xml (Tomcat configuration file) to set up the secure channel`
			`#`
			`# issue 648 - REQUIRES_INSECURE_CHANNEL is now the default instead of ANY_CHANNEL`
			`# there are various edge cases that have not been tested in the UI for`
			`# allowing arbitrary accesses, as the session cookie and authentication`
			`# do get set for a specific http: or https: scheme and are not transferrable.`
			`#`
			`# should be REQUIRES_SECURE_CHANNEL but can't unless SSL is available.`
Fix OpenDataKit URL confusion, closes #224 2018-03-16 21:35:35 +01:00			`security.server.secureChannelType=REQUIRES_SECURE_CHANNEL`
Add installation script + Dockerfile for OpenDataKit, closes #67 2018-03-16 16:08:18 +01:00
			`# either REQUIRES_INSECURE_CHANNEL to secure nothing`
			`# or REQUIRES_SECURE_CHANNEL to secure everything`
			`# or perhaps ANY_CHANNEL when running through a proxy server`
Fix OpenDataKit URL confusion once more, related to #226 and others - Partially revert commit 955a178 - Move ODK Build to port 8x17 2018-03-17 16:13:16 +01:00			`security.server.channelType=ANY_CHANNEL`
Add installation script + Dockerfile for OpenDataKit, closes #67 2018-03-16 16:08:18 +01:00
			`# When running under Tomcat, you need to set the hostname and port for`
			`# the server so that the background tasks can generate properly-constructed`
			`# links in their documents and in their publications to the`
			`# external services.`
			`#`
			`# This is configured during install. If blank, discovers an IP address`
			`security.server.hostname=`
			`security.server.port=8815`
			`security.server.securePort=8415`

			`wink.handlersFactoryClass=org.opendatakit.aggregate.odktables.impl.api.wink.AppEngineHandlersFactory`

			`# e-mail of designated superuser. This must be a user that has an OAuth2`
			`# login hosted by a remote server (i.e., this must be a gmail account).`
			`# this should be of the form: 'mailto:user@gmail.com'`
			`security.server.superUser=`

			`# Define a superUserUsername to insert an ODK Aggregate username that can`
			`# access the server. The initial password for this username is 'aggregate'`
			`security.server.superUserUsername=${OPENDATAKIT_ADMIN_USER}`

			`# realm definition`
			`# realmString -- what should be sent to users when BasicAuth or DigestAuth is done`
			`security.server.realm.realmString=${OPENDATAKIT_ADMIN_REALM}`