Task 4: Configuring and Starting Authorization Service
- Procedure
-
Before starting the Authorization service, configure the application properties from the following table in
$OPE_HOME/roles/authorization-service/standalone/config/application.properties
file. To update the properties, you can refer to the sample file present under$OPE_HOME/samples/authorization-services
directory for Oracle and PostgreSQL as per your requirement. The default values are set for PostgreSQL.Category Element Default Value General server.port 9091 amPluggableCache Relational default.tenant.id TIBCO auth.superuser.appId auth auth.superuser.appKey ENC(P2yXphz4OVM=)
Note: It is a good practice to change this default value and set your own key in an encrypted value. Refer 'Encrypt Password Utility' section in TIBCO® Offer and Price Engine Security Guidelines.allowedUserRoles ROLE_ADMIN,ROLE_USER Relational Database Connection Properties datasourceDriverClassName org.postgresql.Driver adminDsUrl jdbc:postgresql://localhost:5432/admindbll?currentSchema=adminschemall adminDsUsername adminuserll adminDsPassword ENC(O4UrXXgTEmyecFyHLo+Ivw==) hibernateDialect org.hibernate.dialect.PostgreSQLDialect hibernateDsDefaults false adminHibernateShowSql
false adminDsInitialSize= 10 adminDsMaxWait
30000 adminDsMaxActive
100 adminDsMaxIdle 100 adminDsMinIdle
10 datasourceValidationQuery
SELECT 1 adminDsTestOnBorrow true adminDsValidationInterval 5000 Directory Service Configurations directoryServiceDomainName testad.com directoryServiceRootDistinguishedName DC=testad,DC=com ldapURLForDirectoryService ldap://localhost:389 Actuator Endpoints Properties management.endpoints.web.exposure.include health,ready,loggers Authentication Token Generation Configuration authentication.token.signing.key ENC(nSa0k6lmjPPN8ZA5SO6BpQ==) authorization.access.token.validity 43200 authorization.refresh.token.validity 2592000 authorized.client.id order-management-client authorized.client.secret ENC(ggsmFvh5HBbeSD1j+l5Y0rP4qv0rJvEm) allowedCorsOrigins http://localhost:9091,http://localhost:9090,http://localhost:9092,http://localhost:9094,
http://localhost:9099,http://localhost:9095,http://localhost:9102,http://localhost:9100,
http://localhost:9093,http://localhost:9089,http://localhost:9104,http://localhost:8090,
http://localhost:8093,http://localhost:8090 - Start the authorization service by running the
start.sh
script from the$OPE_HOME/roles/authorization-service/standalone/bin
location.