Try OpenEdge Now
skip to main content
Administration
REST Administration : REST Management Agent and REST Web Application Security Configurations : Using Single Point of Authentication security configurations : Configure the SPA security configuration model : OERealmUserDetails properties
 
OERealmUserDetails properties
OERealmUserDetails is a bean that you configure to set how the authenticated OpenEdge users connect to a state-free AppServer. By configuring this bean, you describe how a user account's details must be passed between Spring Security framework and the OpenEdge AppServer.
Set the properties of OERealmUserDetails using the following information:
Table 92. OERealmUserDetails properties
Spring property
Default value
Range of accepted values
Description
realmURL
"Appserver://localhost:51
62/oerealm"
"valid URL"
Specifies the URL to connect users to the state-free AppServer.
Note: oerealm is the name of the OpenEdge State-free AppServer where you deploy the OpenEdge realm. Refer to Configure an OERealm service on an AppServer.
realmClass
"OpenEdge.Security.Realm.
IHybridRealm"
"valid OOABL
path"
Specifies the realm service interface's class path. SPA security implementation for the REST Web application must specify the IHybridRealm interface class.
grantedAuthorities
"ROLE_PSCUser"
"ROLE_XXXX"
Specifies the static Spring roles granted for the user if the AppServer realm service interface does not support roles.
rolePrefix
"ROLE_"
"valid
string"
Specifies the role name's prefix that the Spring security framework must use when converting external role names into Spring roles names.
roleAttrName
"ATTR_ROLES"
"valid
string"
Specifies the string name supported by the realm service interface to return a comma-separated list of roles names.
enabledAttrName
"ATTR_ENABLED"
"valid
string"
Specifies the string name supported by the realm service interface to return an account's enabled state.
lockedAttrName
"ATTR_LOCKED"
"valid
string"
Specifies the string name supported by the realm service interface to return an account's locked state.
expiredAttrName
"ATTR_EXPIRED"
"valid
string"
Specifies the string name supported by the realm service interface to return an account's expired state.
realmPwdAlg
"0"
"0" |
"3"
Specifies the format of the password passed to the realm service interface for validation.Specify:
*0 for clear-text passwords.
*3 for HTTP digest passwords.
realmTokenFile
""
"" | "valid
token file"
If a valid token file is provided, it specifies a file name that holds a serialized ClientPrincipal used to authenticate the realm service interface.
Note: Configure this parameter if you have implemented an extra layer of security, for OERealm, using C-P file and link. The C-P token is generated using genspacp utility
Note: The values that you set for the roleAttrName, enabledAttrName, lockedAttrName, and expiredAttrName properties must match the values of the respective attributes that are used by the OERealm service interface class.