#
# xnat-openid-auth-plugin: openid-provider-sample-AAF.properties
#
# Copy to $XNAT_HOME/config/auth as 'openid-provider.properties'
#
#
# Needs to be 'openid'
auth.method=openid
type=openid
visible=true
auto.enabled=true
auto.verified=true
# Name displayed in the UI
name=OpenID Authentication Provider
# Toggle username & password login visibility
disableUsernamePasswordLogin=false
# List of providers that appear on the login page, see options below.
enabled=aaf
# Site URL - the main domain, needed to build the pre-established URL below.
siteUrl=
preEstablishedRedirUri=/openid-login
# AAF OpenID
openid.aaf.clientId=
openid.aaf.clientSecret=
openid.aaf.scopes=openid,profile,email
openid.aaf.link=<p>To sign-in using your AAF credentials, please click on the button below.</p><p><a href="/openid-login?providerId=aaf"><img src="/images/aaf_service_223x54.png" /></a></p>
# Flag that sets if we should be checking email domains
openid.aaf.shouldFilterEmailDomains=true
# Domains below are allowed to login, only checked when 'shouldFilterEmailDomains' is true
# Flag to force the user creation process, normally this should be set to true
openid.aaf.forceUserCreate=true
# Flag to set the enabled property of new users, set to false to allow admins to manually enable users before allowing logins, set to true to allow access right away
openid.aaf.userAutoEnabled=false
# Flag to set the verified property of new users
openid.aaf.userAutoVerified=false
# Property names to use when creating users
openid.aaf.emailProperty=email
openid.aaf.givenNameProperty=name
openid.aaf.familyNameProperty=deliberately_unknown_property