accessmanager

This configuration is required.

  • Documentation

  • YAML Format

  • XML Format

Fill relevant inputs (blue boxes) and click the blue bars on the left to copy XML configuration snippets.
<userRegistry
>
required
<userNameHandling
>
optional
string

Username transformation settings:

  • toUpperCase - The username will be automatically transformed to upper case before login

  • toLowerCase - The username will be automatically transformed to lower case before login

  • default - The username will not be transformed. Thus, it is handled by Cadenza in a case-sensitive way

Note: The password is always case-sensitive.

</userNameHandling>
<userSuggestion
<providers
<provider
xsd:string
OIDC
LDAP
Embedded
>
optionalmax. unbounded

A user provider type to include in suggestions.

</provider>
>
optional

List of user providers to include in user suggestions.

</providers>
>
optional

Specifies the user providers whose users will be shown in user pickers. Default: all user providers; if empty: no user provider.

</userSuggestion>
<userPrintNameSuggestion
<providers
<provider
xsd:string
OIDC
LDAP
Embedded
>
optionalmax. unbounded

A user provider type to include in suggestions.

</provider>
>
optional

List of user providers to include in user suggestions.

</providers>
>
optional

Specifies the user providers whose users will be shown with their real names in user pickers. (User providers must also be listed in userSuggestion.) Default: all user providers; if empty: no user provider.

</userPrintNameSuggestion>
<changelog
enabled
optional
=
boolean

true to activate the change log. false to deactivate the change log.

Default: false

>
optionalmax. 1

Settings for authorization change logging. Changes to authorizations, both on system level (role definitions, group variables, etc.) and on individual repository items can be logged to the respective schema.

</changelog>
<authenticators
>
required

Settings for authenticators. Defines the methods used for the authentication, group mapping and property mapping and their order. Multiple authenticators can be defined. If a user is not known by an authenticator, authentication is attempted with the next authenticator in the order. If the password is wrong, login fails.

Some rules should be observed when configuring these authenticators as having the wrong order may cause an authenticator to never trigger:

  • Non-interactive authenticators must come before interactive ones

  • OIDC must be named as the last SSO procedure

guestsAllowed
optional
=
boolean

true to enable guest logins, false to disable.

Default: false

disableLoginButton
optional
=
boolean

true to disable login button, false to enable. Applicable only when guestsAllowed is true.

Default: false

<authenticator
>
optionalmax. unbounded

Settings for an authenticator. They are mandatory if guest login is not used (but also can be used in combination with guest login).

refid
optional
=
string

Method or protocol for authentication. Current possible values:

  • LDAP

  • JWT

  • SPNEGO

  • OIDC

  • autologin-httpheader

  • Embedded

  • apikey-httpheader

<groupMapping
>
requiredmax. unbounded

A mapping of a user to user groups after successful authentication. Several group mapping variants can be specified. If assignment was not possible with the first group mapping variant, the next one will be tried. The first successful assignment will be used. If assignment was not possible with any group mapping variant, login fails.

xsd:string
refid
optional
=
string

Method or protocol for mapping. Current possible values:

  • LDAP

  • JWT

  • OIDC

  • Embedded

  • apikey-httpheader

</groupMapping>
<propertyMapping
>
optionalmax. unbounded

User properties that should be passed to Cadenza as user variable after successful authentication. If several propertyMappings are defined, the results of all are considered. Current possible values:

  • LDAP

  • JWT

  • OIDC

  • Embedded

  • UserName

xsd:string
refid
optional
=
string
</propertyMapping>
</authenticator>
</authenticators>
</userRegistry>
This is a generated sample file with fake data and all the possible options shown, refer to the Documentation tab for what combinations are valid and what is required or not. 
cadenzaconfig:
  settings:
    accessmanager:
      userNameHandling: "text"
      userSuggestion:
        providers:
        - "OIDC"
        - "OIDC"
      userPrintNameSuggestion:
        providers:
        - "OIDC"
        - "OIDC"
      changelog:
        enabled: true
      authenticators:
        guestsAllowed: true
        disableLoginButton: true
        authenticator:
        - refid: "text"
          groupMapping:
          - refid: "text"
            value: "text"
          - refid: "text"
            value: "text"
          propertyMapping:
          - refid: "text"
            value: "text"
          - refid: "text"
            value: "text"
        - refid: "text"
          groupMapping:
          - refid: "text"
            value: "text"
          - refid: "text"
            value: "text"
          propertyMapping:
          - refid: "text"
            value: "text"
          - refid: "text"
            value: "text"

Filename: accessmanager-config.xml

This is a generated sample file with fake data and all the possible options shown, refer to the Documentation tab for what combinations are valid and what is required or not. 
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<userRegistry>
  <userNameHandling>text</userNameHandling>
  <userSuggestion>
    <providers>
      <provider>OIDC</provider>
      <provider>OIDC</provider>
    </providers>
  </userSuggestion>
  <userPrintNameSuggestion>
    <providers>
      <provider>OIDC</provider>
      <provider>OIDC</provider>
    </providers>
  </userPrintNameSuggestion>
  <changelog enabled="true"/>
  <authenticators guestsAllowed="true" disableLoginButton="true">
    <authenticator refid="text">
      <groupMapping refid="text">text</groupMapping>
      <groupMapping refid="text">text</groupMapping>
      <propertyMapping refid="text">text</propertyMapping>
      <propertyMapping refid="text">text</propertyMapping>
    </authenticator>
    <authenticator refid="text">
      <groupMapping refid="text">text</groupMapping>
      <groupMapping refid="text">text</groupMapping>
      <propertyMapping refid="text">text</propertyMapping>
      <propertyMapping refid="text">text</propertyMapping>
    </authenticator>
  </authenticators>
</userRegistry>