Skip to content
This repository has been archived by the owner on Oct 12, 2022. It is now read-only.

Using jans cli for Janssen Configuration

HemantKMehta edited this page Jan 22, 2021 · 1 revision

Janssen project introduces jans-cli, a Command Line Interface (CLI) for configuration. This interface supports the following two modes to configure  Janssen:

  1. Interactive Mode (Menu Driven) and
  2. Command Line Argument Mode

This will be a series of pages focusing on using jans-cli to configure Janssen. This is a simple interface, and its operations are intuitive. To make it further easier, this page mainly discusses the common details applicable to all configuration settings.    

  1. jans-cli has two levels of the menu and at the level one, it has the following configuration option:      

    Main Menu

    ------- -------

     1 Attribute
    
     2 Default Authentication Method
    
     3 Cache Configuration
    
     4 Cache Configuration – Memcached
    
     5 Cache Configuration – Redis
    
     6 Cache Configuration – in-Memory
    
     7 Cache Configuration – Native-Persistence
    
     8 Configuration – Properties
    
     9 Configuration – Fido2
    
     10 Configuration – SMTP
    
     11 Configuration – Logging
    
     12 Configuration – JWK - JSON Web Key (JWK)
    
     13 Custom Scripts
    
     14 Database - LDAP configuration
    
     15 Database - Couchbase configuration
    
     16 OAuth - OpenID Connect - Clients
    
     17 OAuth - OpenID Connect - Sector Identifiers
    
     18 OAuth - UMA Resources
    
     19 OAuth - Scopes
    
  2. On the next level, each of these categories has a smaller sub-menu to manage (retrieve, add, update and/ or delete) configuration settings related to the particular category. Each option has a number in the menu, and to select a particular option, the user should input the corresponding number.

  3. The brief description and expected datatype (string, boolean, integer etc.) of each prompted value are displayed for the user’s information.

  4. There will be several fields that will accept any value of a given type for the input field, like name, description. In contrast, some fields will accept values from a predefined set of values, like the script's programming language can only be either PYTHON or JAVASCRIPT. The correct value of the dataType field of an attribute should be one of the STRING, NUMERIC, BOOLEAN, BINARY, CERTIFICATE, DATE, and JSON. Similarly scriptType field can only have any one value out of the PERSON_AUTHENTICATION, INTROSPECTION, RESOURCE_OWNER_PASSWORD_CREDENTIALS, APPLICATION_SESSION, CACHE_REFRESH, UPDATE_USER, USER_REGISTRATION, CLIENT_REGISTRATION, ID_GENERATOR, UMA_RPT_POLICY, UMA_RPT_CLAIMS, UMA_CLAIMS_GATHERING, CONSENT_GATHERING, DYNAMIC_SCOPE, SPONTANEOUS_SCOPE, END_SESSION, POST_AUTHN, SCIM, CIBA_END_USER_NOTIFICATION, PERSISTENCE_EXTENSION and IDP.

    Note: These fields are case sensitive, and correct values will be in uppercase. There is no need to remember these values, jans-cli will display all the correct possible values if a user inputs a wrong value for any of these fields.

  5. A boolean value may take _true or _false as value (note the underscore before true/ false).

  6. There is a special option to read value for a question from a file using _file tag. This option is the most suitable choice to input the large text (e.g., interception script source code or JSON file content). To use this option input _file /path/of/file e.g. _file /home/user/interceptionscript.py.

  7. jans-cli will display the Default value (if any)  of the input fields after the field name and before the colon symbol.

    «Script level. Type: integer»

    level  [1]:

    «boolean value indicating if script enabled. Type: boolean»

    enabled  [false]: To accept the default value, press enter key and input a new value followed by enter key to change it.

  8. Just after completion of an operation from sub-menu the user can select further operations from the sub-menu and there may be up to three additional choices q, b, and w. Where q stands for Quit, b for back to the previous menu, and w to write the displayed information to a file. Upon selecting the w choice, the file name will be prompted.

  9. While adding or updating a configuration setting after getting answers to all the questions, jans-cli will display all the input values and ask for the user’s confirmation to continue the selected operation with these values.

  10. If you select to delete any configuration setting, you will be asked for its inum and then prompted for confirmation of the deletion (only once), and then the deletion will be performed.