To enable the Authorization Server, refer to the following steps:

  1. Examine the authorization-server.properties file and ensure that all the relevant parameters and values are set correctly. The file is located at $MZ_HOME/etc/authorization-server/authorization-server.properties.

    Code Block
    enabled=false
    
    # --------------------------------------------------------------------------------
    # Storage Properties
    # --------------------------------------------------------------------------------
    # Only used when storage type is "database". PostgreSQL or Oracle DB only
    storage.database.profile-name=<Path.DBProfileName>
    storage.database.poolsize=8
    # Only used when storage type is "file-based"
    storage.file-based.storage-location=/path/to/file/storage
    # The storage type can be either "file-based" or "database"
    storage.type=file-based
    
    # --------------------------------------------------------------------------------
    # Server Properties
    # --------------------------------------------------------------------------------
    # Validity period in seconds for access token generated
    server.access-token-expiry=1800
    
    # --------------------------------------------------------------------------------
    # Management Api Properties
    # --------------------------------------------------------------------------------
    management-api.enable-basic-auth=true
    # HTTP Basic Authentication Password
    management-api.password=<password>
    # HTTP Basic Authentication Username
    management-api.username=<
    
    # --------------------------------------------------------------------------------
    # JSON Web Token (JWT) Properties
    # --------------------------------------------------------------------------------
    jwt.key-id=jwt
    jwt.key-password=<password>
    jwt.keystore-location=/path/to/keystore
    jwt.keystore-password=<password>
    # Only RS256, RS384 and RS512 are supported
    jwt.signature-algorithm=RS256

    Please note that if you are using "file-based" as storage, you do not need to manually create the folder specified in storage.file-based.storage-location, as it will be automatically created during platform startup.

    The following is an example of parameters that have been configured according to the requirements.

    Code Block
    enabled=true
    
    # --------------------------------------------------------------------------------
    # Storage Properties
    # --------------------------------------------------------------------------------
    # Only used when storage type is "database". PostgreSQL or Oracle DB only
    storage.database.profile-name=<Path.DBProfileName>
    storage.database.poolsize=8
    # Only used when storage type is "file-based"
    storage.file-based.storage-location=/Users/limyizhan/Workspace/mz9/mz-drx/mediationzone/storage/oauth2.storage
    # The storage type can be either "file-based" or "database"
    storage.type=file-based
    
    # --------------------------------------------------------------------------------
    # Server Properties
    # --------------------------------------------------------------------------------
    # Validity period in seconds for access token generated
    server.access-token-expiry=1800
    
    # --------------------------------------------------------------------------------
    # Management Api Properties
    # --------------------------------------------------------------------------------
    management-api.enable-basic-auth=true
    # HTTP Basic Authentication Password
    management-api.password=DR-4-6912EB66E4E5FDF6035DBF848195669A
    # HTTP Basic Authentication Username
    management-api.username=mzadmin
    
    # --------------------------------------------------------------------------------
    # JSON Web Token (JWT) Properties
    # --------------------------------------------------------------------------------
    jwt.key-id=selfsigned
    jwt.key-password=DR-4-6912EB66E4E5FDF6035DBF848195669A
    jwt.keystore-location=/Users/limyizhan/Downloads/keystore_server.jks
    jwt.keystore-password=DR-4-6912EB66E4E5FDF6035DBF848195669A
    # Only RS256, RS384 and RS512 are supported
    jwt.signature-algorithm=RS256

    See Authorization Server Properties for an example of the parameters.

  2. Start up the platform to enable the Authorization Server.

    Code Block
    $ mzsh startup platform

To enable HTTPS for the Authorization Server, see HTTP Encryption.
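
A pre-start check for step 1, as an added example (not part of the product or the original page): it parses the properties text and reports values that break the constraints stated in the file's comments or that are still `<...>` placeholders. The function names, the constructed sample, and the rule that `enabled` must be `true` before startup are assumptions taken from the configured example on this page.

```python
ALLOWED_STORAGE = {"file-based", "database"}    # storage types named on the page
ALLOWED_JWT_ALGS = {"RS256", "RS384", "RS512"}  # "Only RS256, RS384 and RS512"
# Constructed sample: template values plus one unsupported algorithm.
SAMPLE = """\
enabled=false
storage.type=file-based
storage.file-based.storage-location=/path/to/file/storage
server.access-token-expiry=1800
management-api.enable-basic-auth=true
management-api.username=mzadmin
management-api.password=<password>
jwt.key-id=jwt
jwt.key-password=<password>
jwt.keystore-location=/path/to/keystore
jwt.keystore-password=<password>
jwt.signature-algorithm=HS256
"""

def parse_properties(text):
    """Parse key=value lines, skipping blanks and # comments."""
    props = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and not key.startswith("#"):
            props[key.strip()] = value.strip()
    return props

def check_config(props):
    """Return findings; an empty list means every check passed."""
    def unset(k):  # missing, empty, or still a "<...>" template placeholder
        return not props.get(k) or props[k].startswith("<")
    findings = []
    if props.get("enabled") != "true":
        findings.append("enabled is not set to true")
    stype = props.get("storage.type")
    if stype not in ALLOWED_STORAGE:
        findings.append("storage.type must be file-based or database")
    elif stype == "file-based" and unset("storage.file-based.storage-location"):
        findings.append("storage.file-based.storage-location is not set")
    elif stype == "database" and unset("storage.database.profile-name"):
        findings.append("storage.database.profile-name is not set")
    if props.get("jwt.signature-algorithm") not in ALLOWED_JWT_ALGS:
        findings.append("jwt.signature-algorithm must be RS256, RS384 or RS512")
    if not props.get("server.access-token-expiry", "").isdigit():
        findings.append("server.access-token-expiry must be a number of seconds")
    required = ["jwt.key-id", "jwt.key-password",
                "jwt.keystore-location", "jwt.keystore-password"]
    if props.get("management-api.enable-basic-auth") == "true":
        required += ["management-api.username", "management-api.password"]
    return findings + [f"{k} is missing or a placeholder" for k in required if unset(k)]
```

Run `check_config(parse_properties(open(path).read()))` against the real file before `mzsh startup platform`; only `<...>`-style placeholders are detected, so sample paths such as `/path/to/keystore` still need a manual look.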