WORKERS AHEAD!
You are viewing the development documentation for the Apereo CAS server. The functionality presented here is not officially released yet. This is a work in progress and will be continually updated as development moves forward. You are most encouraged to test the changes presented.
Spring Cloud Configuration Server - Spring Cloud Default
The Spring Cloud Configuration Server is able to handle git
or svn
based repositories that host CAS configuration.
Such repositories can either be local to the deployment, or they could be on the cloud in form of GitHub/Bitbucket. Access to
cloud-based repositories can either be in form of a username/password, or via SSH so as long the appropriate keys are configured in the
CAS deployment environment which is really no different than how one would normally access a git repository via SSH.
The following settings and properties are available from the CAS configuration catalog:
- Required
- Optional
- Signing & Encryption
- Hibernate & JDBC
- Email Servers
- Groovy Scripting
- LDAP & Active Directory
- Authentication
- Password Encoding
- Principal Transformation
- Password Policy
- Third Party
- Notes
spring.cloud.config.server.git.basedir=
Base directory for local working copy of repository.
CAS Property:
|
1 |
spring.cloud.config.server.git.basedir=... |
1
spring:
cloud:
config:
server:
git:
basedir: "..."
1
java -Dspring.cloud.config.server.git.basedir="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_BASEDIR="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.basedir="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.clone-on-start=false
Flag to indicate that the repository should be cloned on startup (not on demand). Generally leads to slower startup but faster first query.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.clone-on-start
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.clone-on-start=...
1
spring:
cloud:
config:
server:
git:
clone-on-start: "..."
1
java -Dspring.cloud.config.server.git.clone-on-start="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_CLONE_ON_START="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.clone-on-start="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.clone-submodules=false
Flag to indicate that the submodules in the repository should be cloned.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.clone-submodules
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.clone-submodules=...
1
spring:
cloud:
config:
server:
git:
clone-submodules: "..."
1
java -Dspring.cloud.config.server.git.clone-submodules="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_CLONE_SUBMODULES="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.clone-submodules="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.default-label=
The default label to be used with the remote repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.default-label
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.default-label=...
1
spring:
cloud:
config:
server:
git:
default-label: "..."
1
java -Dspring.cloud.config.server.git.default-label="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_DEFAULT_LABEL="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.default-label="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.delete-untracked-branches=false
Flag to indicate that the branch should be deleted locally if it's origin tracked branch was removed.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.delete-untracked-branches
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.delete-untracked-branches=...
1
spring:
cloud:
config:
server:
git:
delete-untracked-branches: "..."
1
java -Dspring.cloud.config.server.git.delete-untracked-branches="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_DELETE_UNTRACKED_BRANCHES="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.delete-untracked-branches="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.force-pull=false
Flag to indicate that the repository should force pull. If true discard any local changes and take from remote repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.force-pull
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.force-pull=...
1
spring:
cloud:
config:
server:
git:
force-pull: "..."
1
java -Dspring.cloud.config.server.git.force-pull="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_FORCE_PULL="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.force-pull="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.host-key=
Valid SSH host key. Must be set if hostKeyAlgorithm is also set.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.host-key
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.host-key=...
1
spring:
cloud:
config:
server:
git:
host-key: "..."
1
java -Dspring.cloud.config.server.git.host-key="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_HOST_KEY="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.host-key="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.host-key-algorithm=
One of ssh-dss, ssh-rsa, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, or ecdsa-sha2-nistp521. Must be set if hostKey is also set.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.host-key-algorithm
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.host-key-algorithm=...
1
spring:
cloud:
config:
server:
git:
host-key-algorithm: "..."
1
java -Dspring.cloud.config.server.git.host-key-algorithm="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_HOST_KEY_ALGORITHM="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.host-key-algorithm="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.ignore-local-ssh-settings=false
If true, use property-based instead of file-based SSH config.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.ignore-local-ssh-settings
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.ignore-local-ssh-settings=...
1
spring:
cloud:
config:
server:
git:
ignore-local-ssh-settings: "..."
1
java -Dspring.cloud.config.server.git.ignore-local-ssh-settings="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_IGNORE_LOCAL_SSH_SETTINGS="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.ignore-local-ssh-settings="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.known-hosts-file=
Location of custom .known_hosts file.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.known-hosts-file
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.known-hosts-file=...
1
spring:
cloud:
config:
server:
git:
known-hosts-file: "..."
1
java -Dspring.cloud.config.server.git.known-hosts-file="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_KNOWN_HOSTS_FILE="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.known-hosts-file="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.order=
The order of the environment repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.order
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.order=...
1
spring:
cloud:
config:
server:
git:
order: "..."
1
java -Dspring.cloud.config.server.git.order="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_ORDER="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.order="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.passphrase=
Passphrase for unlocking your ssh private key.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.passphrase
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.passphrase=...
1
spring:
cloud:
config:
server:
git:
passphrase: "..."
1
java -Dspring.cloud.config.server.git.passphrase="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_PASSPHRASE="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.passphrase="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.password=
Password for authentication with remote repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.password
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.password=...
1
spring:
cloud:
config:
server:
git:
password: "..."
1
java -Dspring.cloud.config.server.git.password="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_PASSWORD="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.password="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.preferred-authentications=
Override server authentication method order. This should allow for evading login prompts if server has keyboard-interactive authentication before the publickey method.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.preferred-authentications
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.preferred-authentications=...
1
spring:
cloud:
config:
server:
git:
preferred-authentications: "..."
1
java -Dspring.cloud.config.server.git.preferred-authentications="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_PREFERRED_AUTHENTICATIONS="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.preferred-authentications="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.private-key=
Valid SSH private key. Must be set if ignoreLocalSshSettings is true and Git URI is SSH format.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.private-key
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.private-key=...
1
spring:
cloud:
config:
server:
git:
private-key: "..."
1
java -Dspring.cloud.config.server.git.private-key="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_PRIVATE_KEY="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.private-key="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.proxy=
HTTP proxy configuration.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.proxy
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.proxy=...
1
spring:
cloud:
config:
server:
git:
proxy: "..."
1
java -Dspring.cloud.config.server.git.proxy="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_PROXY="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.proxy="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.refresh-rate=0
Time (in seconds) between refresh of the git repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.refresh-rate
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.refresh-rate=0
1
spring:
cloud:
config:
server:
git:
refresh-rate: "0"
1
java -Dspring.cloud.config.server.git.refresh-rate="0" -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_REFRESH_RATE="0"
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.refresh-rate="0"
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.repos=
Map of repository identifier to location and other properties.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.repos
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.repos=...
1
spring:
cloud:
config:
server:
git:
repos: "..."
1
java -Dspring.cloud.config.server.git.repos="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_REPOS="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.repos="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.search-paths=
Search paths to use within local working copy. By default searches only the root.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.search-paths
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.search-paths=...
1
spring:
cloud:
config:
server:
git:
search-paths: "..."
1
java -Dspring.cloud.config.server.git.search-paths="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_SEARCH_PATHS="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.search-paths="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.skip-ssl-validation=false
Flag to indicate that SSL certificate validation should be bypassed when communicating with a repository served over an HTTPS connection.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.skip-ssl-validation
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.skip-ssl-validation=...
1
spring:
cloud:
config:
server:
git:
skip-ssl-validation: "..."
1
java -Dspring.cloud.config.server.git.skip-ssl-validation="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_SKIP_SSL_VALIDATION="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.skip-ssl-validation="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.strict-host-key-checking=true
If false, ignore errors with host key.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.strict-host-key-checking
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.strict-host-key-checking=true
1
spring:
cloud:
config:
server:
git:
strict-host-key-checking: "true"
1
java -Dspring.cloud.config.server.git.strict-host-key-checking="true" -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_STRICT_HOST_KEY_CHECKING="true"
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.strict-host-key-checking="true"
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.timeout=5
Timeout (in seconds) for obtaining HTTP or SSH connection (if applicable), defaults to 5 seconds.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.timeout
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.timeout=5
1
spring:
cloud:
config:
server:
git:
timeout: "5"
1
java -Dspring.cloud.config.server.git.timeout="5" -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_TIMEOUT="5"
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.timeout="5"
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.try-master-branch=true
To maintain compatibility we will try the master branch in addition to main when we try to fetch the default branch.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.try-master-branch
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.try-master-branch=true
1
spring:
cloud:
config:
server:
git:
try-master-branch: "true"
1
java -Dspring.cloud.config.server.git.try-master-branch="true" -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_TRY_MASTER_BRANCH="true"
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.try-master-branch="true"
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.uri=
URI of remote repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.uri
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.uri=...
1
spring:
cloud:
config:
server:
git:
uri: "..."
1
java -Dspring.cloud.config.server.git.uri="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_URI="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.uri="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.username=
Username for authentication with remote repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.username
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.username=...
1
spring:
cloud:
config:
server:
git:
username: "..."
1
java -Dspring.cloud.config.server.git.username="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_USERNAME="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.username="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.svn.basedir=
Base directory for local working copy of repository.
org.springframework.cloud.config.server.environment.SvnKitEnvironmentProperties.
CAS Property: spring.cloud.config.server.svn.basedir
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.svn.basedir=...
1
spring:
cloud:
config:
server:
svn:
basedir: "..."
1
java -Dspring.cloud.config.server.svn.basedir="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_SVN_BASEDIR="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.svn.basedir="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.svn.default-label=
The default label to be used with the remote repository.
org.springframework.cloud.config.server.environment.SvnKitEnvironmentProperties.
CAS Property: spring.cloud.config.server.svn.default-label
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.svn.default-label=...
1
spring:
cloud:
config:
server:
svn:
default-label: "..."
1
java -Dspring.cloud.config.server.svn.default-label="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_SVN_DEFAULT_LABEL="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.svn.default-label="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.svn.order=
The order of the environment repository.
org.springframework.cloud.config.server.environment.SvnKitEnvironmentProperties.
CAS Property: spring.cloud.config.server.svn.order
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.svn.order=...
1
spring:
cloud:
config:
server:
svn:
order: "..."
1
java -Dspring.cloud.config.server.svn.order="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_SVN_ORDER="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.svn.order="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.svn.passphrase=
Passphrase for unlocking your ssh private key.
org.springframework.cloud.config.server.environment.SvnKitEnvironmentProperties.
CAS Property: spring.cloud.config.server.svn.passphrase
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.svn.passphrase=...
1
spring:
cloud:
config:
server:
svn:
passphrase: "..."
1
java -Dspring.cloud.config.server.svn.passphrase="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_SVN_PASSPHRASE="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.svn.passphrase="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.svn.password=
Password for authentication with remote repository.
org.springframework.cloud.config.server.environment.SvnKitEnvironmentProperties.
CAS Property: spring.cloud.config.server.svn.password
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.svn.password=...
1
spring:
cloud:
config:
server:
svn:
password: "..."
1
java -Dspring.cloud.config.server.svn.password="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_SVN_PASSWORD="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.svn.password="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.svn.search-paths=
Search paths to use within local working copy. By default searches only the root.
org.springframework.cloud.config.server.environment.SvnKitEnvironmentProperties.
CAS Property: spring.cloud.config.server.svn.search-paths
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.svn.search-paths=...
1
spring:
cloud:
config:
server:
svn:
search-paths: "..."
1
java -Dspring.cloud.config.server.svn.search-paths="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_SVN_SEARCH_PATHS="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.svn.search-paths="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.svn.strict-host-key-checking=true
Reject incoming SSH host keys from remote servers not in the known host list.
org.springframework.cloud.config.server.environment.SvnKitEnvironmentProperties.
CAS Property: spring.cloud.config.server.svn.strict-host-key-checking
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.svn.strict-host-key-checking=true
1
spring:
cloud:
config:
server:
svn:
strict-host-key-checking: "true"
1
java -Dspring.cloud.config.server.svn.strict-host-key-checking="true" -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_SVN_STRICT_HOST_KEY_CHECKING="true"
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.svn.strict-host-key-checking="true"
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.svn.uri=
URI of remote repository.
org.springframework.cloud.config.server.environment.SvnKitEnvironmentProperties.
CAS Property: spring.cloud.config.server.svn.uri
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.svn.uri=...
1
spring:
cloud:
config:
server:
svn:
uri: "..."
1
java -Dspring.cloud.config.server.svn.uri="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_SVN_URI="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.svn.uri="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.svn.username=
Username for authentication with remote repository.
org.springframework.cloud.config.server.environment.SvnKitEnvironmentProperties.
CAS Property: spring.cloud.config.server.svn.username
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.svn.username=...
1
spring:
cloud:
config:
server:
svn:
username: "..."
1
java -Dspring.cloud.config.server.svn.username="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_SVN_USERNAME="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.svn.username="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
Configuration Metadata
The collection of configuration properties listed in this section are automatically generated from the CAS source and components that contain the actual field definitions, types, descriptions, modules, etc. This metadata may not always be 100% accurate, or could be lacking details and sufficient explanations.
Be Selective
This section is meant as a guide only. Do NOT copy/paste the entire collection of settings into your CAS configuration; rather pick only the properties that you need. Do NOT enable settings unless you are certain of their purpose and do NOT copy settings into your configuration only to keep them as reference. All these ideas lead to upgrade headaches, maintenance nightmares and premature aging.
YAGNI
Note that for nearly ALL use cases, declaring and configuring properties listed here is sufficient. You should NOT have to explicitly massage a CAS XML/Java/etc configuration file to design an authentication handler, create attribute release policies, etc. CAS at runtime will auto-configure all required changes for you. If you are unsure about the meaning of a given CAS setting, do NOT turn it on without hesitation. Review the codebase or better yet, ask questions to clarify the intended behavior.
Naming Convention
Property names can be specified in very relaxed terms. For instance cas.someProperty
, cas.some-property
, cas.some_property
are all valid names. While all
forms are accepted by CAS, there are certain components (in CAS and other frameworks used) whose activation at runtime is conditional on a property value, where
this property is required to have been specified in CAS configuration using kebab case. This is both true for properties that are owned by CAS as well as those
that might be presented to the system via an external library or framework such as Spring Boot, etc.
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
Settings and properties that are controlled by the CAS platform directly always begin with the prefix cas
. All other settings are controlled and provided
to CAS via other underlying frameworks and may have their own schemas and syntax. BE CAREFUL with
the distinction. Unrecognized properties are rejected by CAS and/or frameworks upon which CAS depends. This means if you somehow misspell a property definition
or fail to adhere to the dot-notation syntax and such, your setting is entirely refused by CAS and likely the feature it controls will never be activated in the
way you intend.
Validation
Configuration properties are automatically validated on CAS startup to report issues with configuration binding, specially if defined CAS settings cannot be recognized or validated by the configuration schema. Additional validation processes are also handled via Configuration Metadata and property migrations applied automatically on startup by Spring Boot and family.
Indexed Settings
CAS settings able to accept multiple values are typically documented with an index, such as cas.some.setting[0]=value
. The index [0]
is meant to be
incremented by the adopter to allow for distinct multiple configuration blocks.
The configuration modules provided here may also be used verbatim inside a CAS server overlay and do not exclusively belong to a Spring Cloud Configuration server. While this module is primarily useful when inside the Spring Cloud Configuration server, it nonetheless may also be used inside a CAS server overlay directly to fetch settings from a source.
Needless to say, the repositories could use both YAML and properties syntax to host configuration files.
The default profile is activated using spring.profiles.active=default
.
Again, in all of the above strategies, an adopter is encouraged to only keep and maintain properties needed for their particular deployment. It is UNNECESSARY to grab a copy of all CAS settings and move them to an external location. Settings that are defined by the external configuration location or repository are able to override what is provided by CAS as a default.
Load settings from external properties/yaml configuration files.
The following settings and properties are available from the CAS configuration catalog:
- Required
- Optional
- Signing & Encryption
- Hibernate & JDBC
- Email Servers
- Groovy Scripting
- LDAP & Active Directory
- Authentication
- Password Encoding
- Principal Transformation
- Password Policy
- Third Party
- Notes
spring.cloud.config.server.default-application-name=application
Default application name when incoming requests do not have a specific one.
CAS Property:
|
1 |
spring.cloud.config.server.default-application-name=application |
1
spring:
cloud:
config:
server:
default-application-name: "application"
1
java -Dspring.cloud.config.server.default-application-name="application" -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_DEFAULT_APPLICATION_NAME="application"
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.default-application-name="application"
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.default-label=
Default repository label when incoming requests do not have a specific label.
org.springframework.cloud.config.server.config.ConfigServerProperties.
CAS Property: spring.cloud.config.server.default-label
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.default-label=...
1
spring:
cloud:
config:
server:
default-label: "..."
1
java -Dspring.cloud.config.server.default-label="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_DEFAULT_LABEL="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.default-label="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.default-profile=default
Default application profile when incoming requests do not have a specific one.
org.springframework.cloud.config.server.config.ConfigServerProperties.
CAS Property: spring.cloud.config.server.default-profile
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.default-profile=default
1
spring:
cloud:
config:
server:
default-profile: "default"
1
java -Dspring.cloud.config.server.default-profile="default" -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_DEFAULT_PROFILE="default"
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.default-profile="default"
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.profiles.active=
Comma-separated list of active profiles. Can be overridden by a command line switch.
org.springframework.boot.context.config.Profiles.
CAS Property: spring.profiles.active
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.profiles.active=...
1
spring:
profiles:
active: "..."
1
java -Dspring.profiles.active="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_PROFILES_ACTIVE="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.profiles.active="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
Configuration Metadata
The collection of configuration properties listed in this section are automatically generated from the CAS source and components that contain the actual field definitions, types, descriptions, modules, etc. This metadata may not always be 100% accurate, or could be lacking details and sufficient explanations.
Be Selective
This section is meant as a guide only. Do NOT copy/paste the entire collection of settings into your CAS configuration; rather pick only the properties that you need. Do NOT enable settings unless you are certain of their purpose and do NOT copy settings into your configuration only to keep them as reference. All these ideas lead to upgrade headaches, maintenance nightmares and premature aging.
YAGNI
Note that for nearly ALL use cases, declaring and configuring properties listed here is sufficient. You should NOT have to explicitly massage a CAS XML/Java/etc configuration file to design an authentication handler, create attribute release policies, etc. CAS at runtime will auto-configure all required changes for you. If you are unsure about the meaning of a given CAS setting, do NOT turn it on without hesitation. Review the codebase or better yet, ask questions to clarify the intended behavior.
Naming Convention
Property names can be specified in very relaxed terms. For instance cas.someProperty
, cas.some-property
, cas.some_property
are all valid names. While all
forms are accepted by CAS, there are certain components (in CAS and other frameworks used) whose activation at runtime is conditional on a property value, where
this property is required to have been specified in CAS configuration using kebab case. This is both true for properties that are owned by CAS as well as those
that might be presented to the system via an external library or framework such as Spring Boot, etc.
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
Settings and properties that are controlled by the CAS platform directly always begin with the prefix cas
. All other settings are controlled and provided
to CAS via other underlying frameworks and may have their own schemas and syntax. BE CAREFUL with
the distinction. Unrecognized properties are rejected by CAS and/or frameworks upon which CAS depends. This means if you somehow misspell a property definition
or fail to adhere to the dot-notation syntax and such, your setting is entirely refused by CAS and likely the feature it controls will never be activated in the
way you intend.
Validation
Configuration properties are automatically validated on CAS startup to report issues with configuration binding, specially if defined CAS settings cannot be recognized or validated by the configuration schema. Additional validation processes are also handled via Configuration Metadata and property migrations applied automatically on startup by Spring Boot and family.
Indexed Settings
CAS settings able to accept multiple values are typically documented with an index, such as cas.some.setting[0]=value
. The index [0]
is meant to be
incremented by the adopter to allow for distinct multiple configuration blocks.
Git Repository
Allow the CAS Spring Cloud configuration server to load settings from an internal/external Git repository. This then allows CAS to become a client of the configuration server, consuming settings over HTTP where needed.
The following settings and properties are available from the CAS configuration catalog:
- Required
- Optional
- Signing & Encryption
- Hibernate & JDBC
- Email Servers
- Groovy Scripting
- LDAP & Active Directory
- Authentication
- Password Encoding
- Principal Transformation
- Password Policy
- Third Party
- Notes
spring.cloud.config.server.git.basedir=
Base directory for local working copy of repository.
CAS Property:
|
1 |
spring.cloud.config.server.git.basedir=... |
1
spring:
cloud:
config:
server:
git:
basedir: "..."
1
java -Dspring.cloud.config.server.git.basedir="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_BASEDIR="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.basedir="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.clone-on-start=false
Flag to indicate that the repository should be cloned on startup (not on demand). Generally leads to slower startup but faster first query.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.clone-on-start
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.clone-on-start=...
1
spring:
cloud:
config:
server:
git:
clone-on-start: "..."
1
java -Dspring.cloud.config.server.git.clone-on-start="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_CLONE_ON_START="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.clone-on-start="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.clone-submodules=false
Flag to indicate that the submodules in the repository should be cloned.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.clone-submodules
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.clone-submodules=...
1
spring:
cloud:
config:
server:
git:
clone-submodules: "..."
1
java -Dspring.cloud.config.server.git.clone-submodules="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_CLONE_SUBMODULES="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.clone-submodules="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.default-label=
The default label to be used with the remote repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.default-label
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.default-label=...
1
spring:
cloud:
config:
server:
git:
default-label: "..."
1
java -Dspring.cloud.config.server.git.default-label="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_DEFAULT_LABEL="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.default-label="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.delete-untracked-branches=false
Flag to indicate that the branch should be deleted locally if it's origin tracked branch was removed.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.delete-untracked-branches
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.delete-untracked-branches=...
1
spring:
cloud:
config:
server:
git:
delete-untracked-branches: "..."
1
java -Dspring.cloud.config.server.git.delete-untracked-branches="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_DELETE_UNTRACKED_BRANCHES="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.delete-untracked-branches="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.force-pull=false
Flag to indicate that the repository should force pull. If true discard any local changes and take from remote repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.force-pull
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.force-pull=...
1
spring:
cloud:
config:
server:
git:
force-pull: "..."
1
java -Dspring.cloud.config.server.git.force-pull="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_FORCE_PULL="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.force-pull="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.host-key=
Valid SSH host key. Must be set if hostKeyAlgorithm is also set.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.host-key
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.host-key=...
1
spring:
cloud:
config:
server:
git:
host-key: "..."
1
java -Dspring.cloud.config.server.git.host-key="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_HOST_KEY="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.host-key="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.host-key-algorithm=
One of ssh-dss, ssh-rsa, ssh-ed25519, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, or ecdsa-sha2-nistp521. Must be set if hostKey is also set.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.host-key-algorithm
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.host-key-algorithm=...
1
spring:
cloud:
config:
server:
git:
host-key-algorithm: "..."
1
java -Dspring.cloud.config.server.git.host-key-algorithm="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_HOST_KEY_ALGORITHM="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.host-key-algorithm="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.ignore-local-ssh-settings=false
If true, use property-based instead of file-based SSH config.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.ignore-local-ssh-settings
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.ignore-local-ssh-settings=...
1
spring:
cloud:
config:
server:
git:
ignore-local-ssh-settings: "..."
1
java -Dspring.cloud.config.server.git.ignore-local-ssh-settings="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_IGNORE_LOCAL_SSH_SETTINGS="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.ignore-local-ssh-settings="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.known-hosts-file=
Location of custom .known_hosts file.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.known-hosts-file
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.known-hosts-file=...
1
spring:
cloud:
config:
server:
git:
known-hosts-file: "..."
1
java -Dspring.cloud.config.server.git.known-hosts-file="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_KNOWN_HOSTS_FILE="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.known-hosts-file="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.order=
The order of the environment repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.order
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.order=...
1
spring:
cloud:
config:
server:
git:
order: "..."
1
java -Dspring.cloud.config.server.git.order="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_ORDER="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.order="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.passphrase=
Passphrase for unlocking your ssh private key.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.passphrase
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.passphrase=...
1
spring:
cloud:
config:
server:
git:
passphrase: "..."
1
java -Dspring.cloud.config.server.git.passphrase="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_PASSPHRASE="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.passphrase="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.password=
Password for authentication with remote repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.password
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.password=...
1
spring:
cloud:
config:
server:
git:
password: "..."
1
java -Dspring.cloud.config.server.git.password="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_PASSWORD="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.password="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.preferred-authentications=
Override server authentication method order. This should allow for evading login prompts if server has keyboard-interactive authentication before the publickey method.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.preferred-authentications
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.preferred-authentications=...
1
spring:
cloud:
config:
server:
git:
preferred-authentications: "..."
1
java -Dspring.cloud.config.server.git.preferred-authentications="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_PREFERRED_AUTHENTICATIONS="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.preferred-authentications="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.private-key=
Valid SSH private key. Must be set if ignoreLocalSshSettings is true and Git URI is SSH format.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.private-key
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.private-key=...
1
spring:
cloud:
config:
server:
git:
private-key: "..."
1
java -Dspring.cloud.config.server.git.private-key="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_PRIVATE_KEY="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.private-key="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.proxy=
HTTP proxy configuration.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.proxy
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.proxy=...
1
spring:
cloud:
config:
server:
git:
proxy: "..."
1
java -Dspring.cloud.config.server.git.proxy="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_PROXY="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.proxy="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.refresh-rate=0
Time (in seconds) between refresh of the git repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.refresh-rate
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.refresh-rate=0
1
spring:
cloud:
config:
server:
git:
refresh-rate: "0"
1
java -Dspring.cloud.config.server.git.refresh-rate="0" -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_REFRESH_RATE="0"
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.refresh-rate="0"
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.repos=
Map of repository identifier to location and other properties.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.repos
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.repos=...
1
spring:
cloud:
config:
server:
git:
repos: "..."
1
java -Dspring.cloud.config.server.git.repos="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_REPOS="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.repos="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.search-paths=
Search paths to use within local working copy. By default searches only the root.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.search-paths
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.search-paths=...
1
spring:
cloud:
config:
server:
git:
search-paths: "..."
1
java -Dspring.cloud.config.server.git.search-paths="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_SEARCH_PATHS="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.search-paths="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.skip-ssl-validation=false
Flag to indicate that SSL certificate validation should be bypassed when communicating with a repository served over an HTTPS connection.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.skip-ssl-validation
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.skip-ssl-validation=...
1
spring:
cloud:
config:
server:
git:
skip-ssl-validation: "..."
1
java -Dspring.cloud.config.server.git.skip-ssl-validation="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_SKIP_SSL_VALIDATION="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.skip-ssl-validation="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.strict-host-key-checking=true
If false, ignore errors with host key.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.strict-host-key-checking
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.strict-host-key-checking=true
1
spring:
cloud:
config:
server:
git:
strict-host-key-checking: "true"
1
java -Dspring.cloud.config.server.git.strict-host-key-checking="true" -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_STRICT_HOST_KEY_CHECKING="true"
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.strict-host-key-checking="true"
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.timeout=5
Timeout (in seconds) for obtaining HTTP or SSH connection (if applicable), defaults to 5 seconds.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.timeout
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.timeout=5
1
spring:
cloud:
config:
server:
git:
timeout: "5"
1
java -Dspring.cloud.config.server.git.timeout="5" -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_TIMEOUT="5"
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.timeout="5"
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.try-master-branch=true
To maintain compatibility we will try the master branch in addition to main when we try to fetch the default branch.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.try-master-branch
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.try-master-branch=true
1
spring:
cloud:
config:
server:
git:
try-master-branch: "true"
1
java -Dspring.cloud.config.server.git.try-master-branch="true" -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_TRY_MASTER_BRANCH="true"
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.try-master-branch="true"
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.uri=
URI of remote repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.uri
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.uri=...
1
spring:
cloud:
config:
server:
git:
uri: "..."
1
java -Dspring.cloud.config.server.git.uri="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_URI="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.uri="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.cloud.config.server.git.username=
Username for authentication with remote repository.
org.springframework.cloud.config.server.environment.MultipleJGitEnvironmentProperties.
CAS Property: spring.cloud.config.server.git.username
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.cloud.config.server.git.username=...
1
spring:
cloud:
config:
server:
git:
username: "..."
1
java -Dspring.cloud.config.server.git.username="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_CLOUD_CONFIG_SERVER_GIT_USERNAME="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.cloud.config.server.git.username="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
spring.profiles.active=
Comma-separated list of active profiles. Can be overridden by a command line switch.
org.springframework.boot.context.config.Profiles.
CAS Property: spring.profiles.active
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
.properties
files:
1
spring.profiles.active=...
1
spring:
profiles:
active: "..."
1
java -Dspring.profiles.active="..." -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory. Note the placement of the system property which must be
specified before the CAS web application is launched.
1
2
3
export SPRING_PROFILES_ACTIVE="..."
java -jar build/libs/cas.war
cas.war
with an embedded server container and can be found in the build/libs
directory.
1
java -jar build/libs/cas.war --spring.profiles.active="..."
cas.war
with an embedded server container and can be found in the build/libs
directory.
Configuration Metadata
The collection of configuration properties listed in this section are automatically generated from the CAS source and components that contain the actual field definitions, types, descriptions, modules, etc. This metadata may not always be 100% accurate, or could be lacking details and sufficient explanations.
Be Selective
This section is meant as a guide only. Do NOT copy/paste the entire collection of settings into your CAS configuration; rather pick only the properties that you need. Do NOT enable settings unless you are certain of their purpose and do NOT copy settings into your configuration only to keep them as reference. All these ideas lead to upgrade headaches, maintenance nightmares and premature aging.
YAGNI
Note that for nearly ALL use cases, declaring and configuring properties listed here is sufficient. You should NOT have to explicitly massage a CAS XML/Java/etc configuration file to design an authentication handler, create attribute release policies, etc. CAS at runtime will auto-configure all required changes for you. If you are unsure about the meaning of a given CAS setting, do NOT turn it on without hesitation. Review the codebase or better yet, ask questions to clarify the intended behavior.
Naming Convention
Property names can be specified in very relaxed terms. For instance cas.someProperty
, cas.some-property
, cas.some_property
are all valid names. While all
forms are accepted by CAS, there are certain components (in CAS and other frameworks used) whose activation at runtime is conditional on a property value, where
this property is required to have been specified in CAS configuration using kebab case. This is both true for properties that are owned by CAS as well as those
that might be presented to the system via an external library or framework such as Spring Boot, etc.
When possible, properties should be stored in lower-case kebab format, such as cas.property-name=value
.
The only possible exception to this rule is when naming actuator endpoints; The name of the
actuator endpoints (i.e. ssoSessions
) MUST remain in camelCase mode.
Settings and properties that are controlled by the CAS platform directly always begin with the prefix cas
. All other settings are controlled and provided
to CAS via other underlying frameworks and may have their own schemas and syntax. BE CAREFUL with
the distinction. Unrecognized properties are rejected by CAS and/or frameworks upon which CAS depends. This means if you somehow misspell a property definition
or fail to adhere to the dot-notation syntax and such, your setting is entirely refused by CAS and likely the feature it controls will never be activated in the
way you intend.
Validation
Configuration properties are automatically validated on CAS startup to report issues with configuration binding, specially if defined CAS settings cannot be recognized or validated by the configuration schema. Additional validation processes are also handled via Configuration Metadata and property migrations applied automatically on startup by Spring Boot and family.
Indexed Settings
CAS settings able to accept multiple values are typically documented with an index, such as cas.some.setting[0]=value
. The index [0]
is meant to be
incremented by the adopter to allow for distinct multiple configuration blocks.
The above configuration also applies to online git-based repositories such as GitHub, Bitbucket, etc.