Security Configuration Reference
General
security.allow_anonymous_user
Since v0.8.8
Defines whether Bondy allows the anonymous user.
WARNING
We strongly recommend disabling the anonymous user for production use, or at least restricting the network locations from which an anonymous connection can be established. See the Source API documentation reference.
Notice that disabling the anonymous user also disables the anonymous authentication method as an option for Authentication and Authorization.
security.automatically_create_realms
Since v0.8.8
Defines whether Bondy creates a new realm when a session wants to attach to a non-existing realm.
WARNING
We strongly recommend disabling this option and enabling it only for development or testing purposes.
Password options
Options used by the password-based authentication methods.
security.password.protocol
Since v0.9.0
Defines the default password protocol to be used for new user password creation. Notice the user API allows a caller to define the protocol to be used. This default is used when the caller does not specify a protocol.
security.password.protocol.upgrade.enabled
Since v0.9.0
Controls whether a password protocol upgrade is performed during password migrations. A password migration occurs when Bondy changes the internal representation of the password object to accommodate new protocols, features or bug fixes. Normally some of these changes can be done without user input, but when they include a re-calculation of the salted hash they can only happen during authentication or when the user changes the password.
If this option is set to on, then Bondy will try to upgrade the password protocol of an existing password to the protocol defined by the security.password.protocol option, using the default parameters defined in the security.password.{SelectedProtocol}.{Option} options.
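The following is an added example, not Bondy's code, that models why a salted-hash re-calculation can only be upgraded while the plaintext is in hand: an upgrade-on-login flow. The record layout, the function names and the iteration counts are assumptions made for this example; they stand in for security.password.protocol.upgrade.enabled and security.password.pbkdf2.iterations and are not Bondy's internal representation.

```python
"""Added example (not Bondy's code): upgrade-on-login for a stored password.

The record layout, function names and iteration counts are assumptions made
for this example, standing in for security.password.protocol.upgrade.enabled
and security.password.pbkdf2.iterations.
"""
import hashlib
import hmac
import os

OLD_ITERATIONS = 4096       # assumed: what an existing record was created with
TARGET_ITERATIONS = 65536   # assumed: the configured default (pbkdf2.iterations)
UPGRADE_ENABLED = True      # models security.password.protocol.upgrade.enabled = on


def derive(password: str, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256; the output depends on the iteration count, so a
    parameter change forces a fresh derivation from the plaintext."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def new_record(password: str, iterations: int = TARGET_ITERATIONS) -> dict:
    """Create a stored password object with a fresh random salt."""
    salt = os.urandom(16)
    return {"protocol": "pbkdf2", "iterations": iterations, "salt": salt,
            "hash": derive(password, salt, iterations)}


def authenticate(record: dict, password: str, upgrade: bool = UPGRADE_ENABLED):
    """Verify `password` against `record`. On success, if the stored parameters
    lag the configured default and upgrades are enabled, return a re-derived
    record for the caller to persist. Returns (ok, record)."""
    candidate = derive(password, record["salt"], record["iterations"])
    if not hmac.compare_digest(candidate, record["hash"]):
        return False, record            # never touch the record on a failed login
    if upgrade and record["iterations"] != TARGET_ITERATIONS:
        # This is the only moment the plaintext is available without asking the
        # user to change the password, so the upgrade happens here.
        return True, new_record(password, TARGET_ITERATIONS)
    return True, record


if __name__ == "__main__":
    stored = new_record("correct horse battery staple", OLD_ITERATIONS)  # constructed sample
    ok, stored = authenticate(stored, "correct horse battery staple")
    print(ok, stored["iterations"])  # True 65536
```

The same shape applies when the target is a different protocol rather than a different iteration count: verification runs against the stored parameters, and only a successful verification is followed by a re-derivation under the new defaults.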
security.password.min_length
Since v0.9.0
Defines the minimum length for newly created passwords. The value should be at least 6 and at most 254.
security.password.max_length
Since v0.9.0
Defines the maximum length for newly created passwords. The value should be at least 6 and at most 254.
security.password.scram.kdf
Since v0.9.0
Defines the default key derivation function (KDF) to be used with SCRAM.
security.password.cra.kdf
Since v0.9.0
Defines the default key derivation function (KDF) to be used with CRA. The only option is pbkdf2.
security.password.pbkdf2.iterations
Since v0.9.0
Defines the default number of iterations to be used with the pbkdf2 key derivation function. It should be an integer in the range 4096..65536.
security.password.argon2id13.iterations
Since v0.9.0
Defines the default iterations to be used with the argon2id13 key derivation function. It should be an integer in the range 4096..4294967295 or one of the following named alias configurations:
- interactive (2)
- moderate (3)
- sensitive (4)
security.password.argon2id13.memory
Since v0.9.0
Defines the default memory to be used with the argon2id13 key derivation function. It should be an integer in the range 8192..1073741824 or one of the following named alias configurations:
- interactive (64MB)
- moderate (256MB)
- sensitive (1GB)
Notice
The underlying library allows up to 4398046510080 (3.9 TB), but we have restricted this value so that a configuration error cannot enable a DoS attack.
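As an added example (not Bondy's code), the following validator checks the password options above against the limits and aliases this page documents, run over a parsed `key = value` config. The line parser, the function names and the sample config are constructed for this example; the numeric limits and the alias values (interactive/moderate/sensitive) are the ones stated on this page, while the accepted values for security.password.protocol (cra, scram) and security.password.scram.kdf (pbkdf2, argon2id13) are assumptions inferred from the option names on the page.

```python
"""Added example (not Bondy's code): validate password options against the
documented ranges and aliases. Limits and alias values are from this page;
the accepted protocol/kdf names marked 'assumed' are inferred, not confirmed.
"""

MB = 1024 ** 2
ARGON2_ITER_ALIASES = {"interactive": 2, "moderate": 3, "sensitive": 4}
ARGON2_MEM_ALIASES = {"interactive": 64 * MB, "moderate": 256 * MB, "sensitive": 1024 * MB}

# key -> (min, max) integer bounds as stated on the page
RANGES = {
    "security.password.min_length": (6, 254),
    "security.password.max_length": (6, 254),
    "security.password.pbkdf2.iterations": (4096, 65536),
    "security.password.argon2id13.iterations": (4096, 4294967295),
    "security.password.argon2id13.memory": (8192, 1073741824),
}
# key -> named aliases accepted instead of an integer
ALIASES = {
    "security.password.argon2id13.iterations": ARGON2_ITER_ALIASES,
    "security.password.argon2id13.memory": ARGON2_MEM_ALIASES,
}
CHOICES = {
    "security.password.protocol": {"cra", "scram"},           # assumed
    "security.password.cra.kdf": {"pbkdf2"},                  # page: the only option
    "security.password.scram.kdf": {"pbkdf2", "argon2id13"},  # assumed
}
ON_OFF = {
    "security.allow_anonymous_user",
    "security.automatically_create_realms",
    "security.password.protocol.upgrade.enabled",
}


def parse_conf(text: str) -> dict:
    """Parse `key = value` lines; '#' starts a comment, blank lines are skipped."""
    conf = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise ValueError(f"malformed line: {raw!r}")
        conf[key.strip()] = value.strip()
    return conf


def effective_value(key: str, value: str) -> int:
    """Integer a ranged option resolves to, expanding a named alias if present."""
    alias = ALIASES.get(key, {}).get(value)
    return alias if alias is not None else int(value)


def validate(conf: dict) -> list:
    """Return human-readable problems; an empty list means every recognised
    option is within the documented limits."""
    errors = []
    for key, value in conf.items():
        if key in ON_OFF and value not in ("on", "off"):
            errors.append(f"{key}: expected on or off, got {value!r}")
        elif key in CHOICES and value not in CHOICES[key]:
            errors.append(f"{key}: expected one of {sorted(CHOICES[key])}, got {value!r}")
        elif key in RANGES:
            if value in ALIASES.get(key, {}):
                continue                      # a named alias is valid as-is
            try:
                n = int(value)
            except ValueError:
                errors.append(f"{key}: not an integer or known alias: {value!r}")
                continue
            lo, hi = RANGES[key]
            if not lo <= n <= hi:
                errors.append(f"{key}: {n} is outside {lo}..{hi}")
    # Cross-check added here (implied by the two options, not stated on the page).
    lo = conf.get("security.password.min_length")
    hi = conf.get("security.password.max_length")
    if lo and hi and lo.isdigit() and hi.isdigit() and int(lo) > int(hi):
        errors.append("security.password.min_length exceeds security.password.max_length")
    return errors


SAMPLE_CONF = """\
# constructed sample config fragment (not from a real deployment)
security.allow_anonymous_user = off
security.password.protocol = scram
security.password.scram.kdf = argon2id13
security.password.argon2id13.iterations = moderate
security.password.argon2id13.memory = moderate
security.password.pbkdf2.iterations = 1000   # below the documented minimum
security.password.min_length = 12
security.password.max_length = 128
"""

if __name__ == "__main__":
    for problem in validate(parse_conf(SAMPLE_CONF)):
        print(problem)
```

Note that the argon2id13 iteration aliases resolve to small operation counts (2, 3, 4) that lie outside the 4096..4294967295 integer range, so an alias has to be accepted by name rather than by its resolved value; the memory aliases, by contrast, resolve to byte counts inside 8192..1073741824.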
Authentication: OAuth2
oauth2.client_credentials_grant.duration
Since N/A
oauth2.code_grant.duration
Since N/A
oauth2.config_file
Since N/A
oauth2.password_grant.duration
Since N/A
oauth2.refresh_token.duration
Since N/A
oauth2.refresh_token.length
Since N/A
Authentication: Ticket
security.ticket.authmethods
Since v0.9.0
Defines a comma-separated list of the authentication methods that a user can use to establish a session that is allowed to issue tickets for use with 'ticket' authentication.
The possible values are the names of the authentication methods:
- "cryptosign"
- "password"
- "ticket"
- "tls"
- "trust"
- "wamp-scram"
- "wampcra"
The option also allows the single value "all", in which case all the methods above will be allowed.
Notice
"anonymous" and "oauth2" methods are NOT allowed in this list as they are incompatible with the idea of tickets.
security.ticket.allow_not_found
Since v0.9.0
Defines whether Bondy will allow a valid ticket to be used for authentication when a local copy of the ticket has not been found in storage. This might happen if the ticket data has not yet been synchronised to the node handling the authentication request.
security.ticket.expiry_time
Since v0.9.0
The default expiration time on or after which an authentication ticket MUST NOT be accepted for processing.
security.ticket.max_expiry_time
Since v0.9.0
The maximum expiration time on or after which an authentication ticket MUST NOT be accepted for processing.
security.ticket.scope.local.persistence
Since v0.9.0
Controls whether local scope tickets are persistent. If enabled the ticket will be stored in Bondy's database. Otherwise the ticket is not stored.
security.ticket.scope.sso.persistence
Since v0.9.0
Controls whether SSO scope tickets are persistent. If enabled the ticket will be stored in Bondy's database. Otherwise the ticket is not stored.
security.ticket.scope.client_local.persistence
Since v0.9.0
Controls whether client-local scope tickets are persistent. If enabled the ticket will be stored in Bondy's database. Otherwise the ticket is not stored.
security.ticket.scope.client_sso.persistence
Since v0.9.0
Controls whether client-SSO scope tickets are persistent. If enabled the ticket will be stored in Bondy's database. Otherwise the ticket is not stored.
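The following is an added example, not Bondy's code, that models the ticket options of this section together: parsing security.ticket.authmethods, clamping a requested lifetime to the maximum expiry, and the acceptance decision that combines the expiry rule with allow_not_found. The record layout, the function names, the timestamps, the default and maximum expiry values and the in-memory store are constructed for this example; the accepted method names, the "all" alias, the excluded methods and the "on or after" expiry rule are the ones stated on this page.

```python
"""Added example (not Bondy's code): a model of the ticket options.

Function names, record layout, timestamps, expiry values and the store are
constructed for this example; method names and the expiry rule are from the page.
"""
import secrets

TICKET_AUTHMETHODS = {"cryptosign", "password", "ticket", "tls", "trust", "wamp-scram", "wampcra"}
NOT_ALLOWED = {"anonymous", "oauth2"}   # incompatible with tickets, per the page

# assumed values standing in for the corresponding options
DEFAULT_EXPIRY = 300       # security.ticket.expiry_time (seconds)
MAX_EXPIRY = 3600          # security.ticket.max_expiry_time (seconds)
ALLOW_NOT_FOUND = False    # security.ticket.allow_not_found


def parse_ticket_authmethods(value: str) -> set:
    """Parse security.ticket.authmethods: a comma-separated list, or the single value "all"."""
    names = [n.strip() for n in value.split(",") if n.strip()]
    if names == ["all"]:
        return set(TICKET_AUTHMETHODS)
    allowed = set()
    for name in names:
        if name in NOT_ALLOWED:
            raise ValueError(f"{name!r} cannot be used to issue tickets")
        if name not in TICKET_AUTHMETHODS:
            raise ValueError(f"unknown authentication method {name!r}")
        allowed.add(name)
    return allowed


def issue_ticket(session_authmethod: str, issued_at: int, allowed: set,
                 requested_expiry=None) -> dict:
    """Issue a ticket for a session, clamping the requested lifetime to the maximum.
    A session may only issue tickets if it authenticated with an allowed method."""
    if session_authmethod not in allowed:
        raise PermissionError(f"sessions authenticated with {session_authmethod!r} cannot issue tickets")
    lifetime = DEFAULT_EXPIRY if requested_expiry is None else min(requested_expiry, MAX_EXPIRY)
    return {"id": secrets.token_hex(16), "issued_at": issued_at, "expires_at": issued_at + lifetime}


def accept_ticket(ticket: dict, now: int, store: dict,
                  allow_not_found: bool = ALLOW_NOT_FOUND) -> bool:
    """Decide whether an otherwise valid ticket may be used to authenticate at `now`."""
    if now >= ticket["expires_at"]:
        return False                      # on or after expiry: MUST NOT be accepted
    if ticket["id"] not in store:
        return allow_not_found            # no local copy yet (e.g. not synchronised)
    return True


if __name__ == "__main__":
    allowed = parse_ticket_authmethods("wampcra, cryptosign")
    store = {}
    t = issue_ticket("wampcra", issued_at=1000, allowed=allowed, requested_expiry=86400)
    store[t["id"]] = t
    print(t["expires_at"] - t["issued_at"])   # 3600: clamped to MAX_EXPIRY
    print(accept_ticket(t, 4600, store))      # False: exactly at expiry
```

With allow_not_found set to on, the storage lookup stops being a gate: a ticket absent from local storage is accepted on its own validity, which tolerates replication lag at the cost of strictness, so the option is worth enabling only where that lag is expected and the ticket lifetimes are short.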
Realm Static Configuration
security.config_file
Since v0.8.8
The filename of a security JSON configuration file, which allows you to statically configure realms and their users, groups, sources and permissions.
Bondy Security can be completely configured dynamically via the API; read more about this in the Security section.
This option is for those cases when you want to ensure a given configuration is applied every time Bondy restarts.