#---------------------------------------------------------------# #----------ENABLED AUTHENTICATION METHODS/PLUGINS---------------# #---------------------------------------------------------------# # This configuration setting contains the listing of all # # currently enabled authentication plugins. DSpace supports an # # Authentication "stack" which allows you to enable multiple # # forms of Authentication at the same time. Enabled # # Authentication plugins are invoked in order until one of them # # succeeds. # #---------------------------------------------------------------# # Out-of-the-box DSpace Authentication Plugins include: # * Authentication by Password # Plugin class: org.dspace.authenticate.PasswordAuthentication # Configuration file: authentication-password.cfg # * Shibboleth Authentication # Plugin class: org.dspace.authenticate.ShibAuthentication # Configuration file: authentication-shibboleth.cfg # * LDAP Authentication # LDAP Plugin class: org.dspace.authenticate.LDAPAuthentication # Configuration file: authentication-ldap.cfg # * IP Address Authentication # Plugin class: org.dspace.authenticate.IPAuthentication # Configuration file: authentication-ip.cfg # * X.509 Certificate Authentication # Plugin class: org.dspace.authenticate.X509Authentication # Configuration file: authentication-x509.cfg # * ORCID certificate authentication. # Plugin class: org.dspace.authenticate.OrcidAuthentication # Configuration file: orcid.cfg # * OIDC Authentication # Plugin class: org.dspace.authenticate.OidcAuthentication # Configuration file: authentication-oidc.cfg # # One or more of the above plugins can be enabled by listing its plugin class in # the below setting. To configure the enabled plugin(s) visit the configuration file(s) # listed above. See the DSpace Configuration Documentation for more details. # # Uncomment any of the below plugins to enable them (or copy to your local.cfg). # You may also reorder them by simply changing their order within this file, or # defining a new order in local.cfg. # IP-based authentication/authorization. See authentication-ip.cfg for default configuration. #plugin.sequence.org.dspace.authenticate.AuthenticationMethod = org.dspace.authenticate.IPAuthentication # LDAP authentication/authorization. See authentication-ldap.cfg for default configuration. #plugin.sequence.org.dspace.authenticate.AuthenticationMethod = org.dspace.authenticate.LDAPAuthentication # Shibboleth authentication/authorization. See authentication-shibboleth.cfg for default configuration. #plugin.sequence.org.dspace.authenticate.AuthenticationMethod = org.dspace.authenticate.ShibAuthentication # X.509 certificate authentication. See authentication-x509.cfg for default configuration. #plugin.sequence.org.dspace.authenticate.AuthenticationMethod = org.dspace.authenticate.X509Authentication # ORCID certificate authentication. # plugin.sequence.org.dspace.authenticate.AuthenticationMethod = org.dspace.authenticate.OrcidAuthentication # OIDC authentication. See authentication-oidc.cfg for default configuration. #plugin.sequence.org.dspace.authenticate.AuthenticationMethod = org.dspace.authenticate.OidcAuthentication # Authentication by Password (encrypted in DSpace's database). See authentication-password.cfg for default configuration. # Enabled by default (to disable, either comment out, or define a new list of AuthenticationMethod plugins in your local.cfg) plugin.sequence.org.dspace.authenticate.AuthenticationMethod = org.dspace.authenticate.PasswordAuthentication #---------------------------------------------------------------# #---------------Stateless JWT Authentication--------------------# #---------------------------------------------------------------# # Server key part that is a part of the key used to sign the authentication tokens. # If this property is not set or empty, DSpace will generate a random key on startup. # IF YOU ARE RUNNING DSPACE IN A CLUSTER, you need to set a value for this property here or as an environment variable # jwt.login.token.secret = # This property enables/disables encryption of the payload in a stateless token. Enabling this makes the data encrypted # and unreadable by the receiver, but makes the token larger in size. false by default jwt.login.encryption.enabled = false # Encryption key to use when JWT token encryption is enabled (JWE). Note that encrypting tokens might required additional # configuration in the REST clients # jwt.login.encryption.secret = # This enables compression of the payload of a jwt, enabling this will make the jwt token a little smaller at the cost # of some performance, this setting WILL ONLY BE used when encrypting the jwt. jwt.login.compression.enabled = true # Expiration time of a token in milliseconds jwt.login.token.expiration = 1800000 #---------------------------------------------------------------# #---Stateless JWT Authentication for downloads of bitstreams----# #----------------------among other things-----------------------# #---------------------------------------------------------------# # Server key part that is a part of the key used to sign the authentication tokens. # If this property is not set or empty, DSpace will generate a random key on startup. # IF YOU ARE RUNNING DSPACE IN A CLUSTER, you need to set a value for this property here or as an environment variable # jwt.shortLived.token.secret = # This property enables/disables encryption of the payload in a stateless token. Enabling this makes the data encrypted # and unreadable by the receiver, but makes the token larger in size. false by default jwt.shortLived.encryption.enabled = false # Encryption key to use when JWT token encryption is enabled (JWE). Note that encrypting tokens might required additional # configuration in the REST clients # jwt.shortLived.encryption.secret = # This enables compression of the payload of a jwt, enabling this will make the jwt token a little smaller at the cost # of some performance, this setting WILL ONLY BE used when encrypting the jwt. jwt.shortLived.compression.enabled = true # Expiration time of a token in milliseconds jwt.shortLived.token.expiration = 2000