Ping Identity PingAuthorize Server - Console Web Application Extension

PingAuthorize Server Documentation Index
Configuration Reference Home

Console Web Application Extension

The Console Web Application Extension provides configuration for the hosted Administrative Console web application.

↓Parent Component
↓Relations from This Component
↓Properties
↓dsconfig Usage

Parent Component

The Console Web Application Extension component inherits from the Web Application Extension

Relations from This Component

The following components have a direct aggregation relation from Console Web Application Extensions:

Passphrase Provider

Properties

The properties supported by this managed object are as follows:

Basic Properties:	Advanced Properties:
↓ description	None
↓ base-context-path
↓ war-file
↓ document-root-directory
↓ deployment-descriptor-file
↓ temporary-directory
↓ init-parameter
↓ sso-enabled
↓ oidc-client-id
↓ oidc-client-secret
↓ oidc-client-secret-passphrase-provider
↓ oidc-issuer-url
↓ oidc-trust-store-file
↓ oidc-trust-store-type
↓ oidc-strict-hostname-verification
↓ oidc-trust-all
↓ ldap-server
↓ trust-store-file
↓ trust-store-type
↓ log-file
↓ complexity

Basic Properties

description

Description	A description for this Web Application Extension
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

base-context-path

Description	Specifies the base context path that should be used by HTTP clients to reference content. The value must start with a forward slash and at least one additional character and must represent a valid HTTP context path.
Default Value	None
Allowed Values	The value must start with a forward slash and at least one additional character and must represent a valid HTTP context path.
Multi-Valued	No
Required	Yes
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

war-file

Description	Specifies the path to a standard web application archive (WAR) file.
Default Value	None
Allowed Values	A filesystem path
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

document-root-directory

Description	Specifies the path to the directory on the local filesystem containing the files to be served by this Web Application Extension. The path must exist, and it must be a directory.
Default Value	None
Allowed Values	A filesystem path
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

deployment-descriptor-file

Description	Specifies the path to the deployment descriptor file when used with document-root-directory.
Default Value	Located under the document-root-directory at WEB-INF/web.xml.
Allowed Values	A filesystem path
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

temporary-directory

Description	Specifies the path to the directory that may be used to store temporary files such as extracted WAR files and compiled JSP files.
Default Value	A temporary directory will be chosen by the server based on environment settings.
Allowed Values	A filesystem path
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

init-parameter

Description	Specifies an initialization parameter to pass into the web application during startup.
Default Value	None
Allowed Values	A 'key=value' pair to specify as an init-parameter.
Multi-Valued	Yes
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

sso-enabled

Description	Indicates that SSO login into the Administrative Console is enabled.
Default Value	false
Allowed Values	true false
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

oidc-client-id

Description	The client ID to use when authenticating to the OpenID Connect provider.
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

oidc-client-secret

Description	The client secret to use when authenticating to the OpenID Connect provider.
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

oidc-client-secret-passphrase-provider

Description	A passphrase provider that may be used to obtain the client secret to use when authenticating to the OpenID Connect provider.
Default Value	None
Allowed Values	The DN of any Passphrase Provider.
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

oidc-issuer-url

Description	The issuer URL of the OpenID Connect provider.
Default Value	None
Allowed Values	An absolute URL, or a relative URL
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

oidc-trust-store-file

Description	Specifies the path to the truststore file used by this application to evaluate OIDC provider certificates. If this field is left blank, the default JVM trust store will be used.
Default Value	None
Allowed Values	A filesystem path
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

oidc-trust-store-type

Description	Specifies the format for the data in the OIDC trust store file. Valid values always include 'JKS' and 'PKCS12', but different implementations can allow other values as well. If no value is provided, then the JVM default, typically 'JKS' is used.
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

oidc-strict-hostname-verification

Description	Controls whether or not hostname verification is performed, which checks if the hostname of the OIDC provider matches the name(s) stored inside the certificate it provides. This property should only be set to false for testing purposes.
Default Value	true
Allowed Values	true false
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

oidc-trust-all

Description	Controls whether or not this application will always trust any certificate that is presented to it, regardless of its contents. This property should only be set to true for testing purposes.
Default Value	false
Allowed Values	true false
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

ldap-server

Description	The LDAP URL used to connect to the managed server. When specified, the Administrative Console connects to this server during login. When not specified, the user is prompted for the LDAP server.
Default Value	The user is required to supply an LDAP URL at login time.
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

trust-store-file

Description	Specifies the path to the truststore file, which is used by this application to establish trust of managed servers.
Default Value	None
Allowed Values	A filesystem path
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

trust-store-type

Description	Specifies the format for the data in the trust store file. Valid values always include 'JKS' and 'PKCS12', but different implementations can allow other values as well. If no value is provided, then the JVM default, typically 'JKS' is used.
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

log-file

Description	The path to the log file for the web application.
Default Value	No logging is performed.
Allowed Values	A filesystem path
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

complexity

Description	Specifies the maximum complexity level for managed configuration elements.
Default Value	advanced
Allowed Values	basic - Only basic configuration elements are shown. standard - Standard and basic configuration elements are shown. advanced - Advanced, standard, and basic configuration elements are shown. expert - All configuration is shown, including expert-level elements.
Multi-Valued	No
Required	No
Admin Action Required	For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

dsconfig Usage

To list the configured Web Application Extensions:

dsconfig list-web-application-extensions
     [--property {propertyName}] ...

To view the configuration for an existing Web Application Extension:

dsconfig get-web-application-extension-prop
     --extension-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Web Application Extension:

dsconfig set-web-application-extension-prop
     --extension-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...