...
- The variable compile.dir is the base directory of the Ubisecure SSO installation, e.g., C:\Program Files\Ubisecure\ubilogin-sso\ubilogin.
Processing suffixes
Variable suffixes in the macro language may or may not contain special processing rules. If a variable ends with a special processing suffix, the preceding string is evaluated recursively and then the final processing suffix is applied to the current value. Processing suffixes are, as follows:
| Suffix | Description | Example | Produces |
|---|---|---|---|
| .host.dn | This can be appended to a variable that contains a fully qualified domain name (FQDN). Appending the suffix will transform the variable to a X.509 Distinguished Name. | uas.url = https://www.example.org:8443/ | uas.url.host.dn→ dc=www,dc=example,dc=org |
| .url.host | This can be appended to a URL and it will parse the FQDN from the URL string. | uas.url = https://www.example.org:8443/ example = @uas.url.host@ | example → www.example.org |
| .base64 | This suffix can be appended to any text string. It will take the original text and base64 encode it. | uas.url = https://www.example.org:8443/ example = @uas.url.base64@ | example → aHR0cHM6Ly93d3cuZXhhbXBsZS5vcmc6ODQ0My8= |
| .password | Appending this suffix to any variable, will cause the value to be autogenerated if it is left empty. Non-empty variables will be preserved as-is. Generation will ensure that the generated 24-character string will hold following character classes:
The generated passwords are reduced so that the do not contain letters or numbers that can easily be mistaken for one-another. | example.password = | example.password → aB123cD4ffZZ |
| .secret | Appending this suffix to any variable will cause the value to be automatically generated if it is left empty. Non-empty variables will be preserved as-is. Generation will ensure that the generated 24-character string will hold following character classes .
| example.password = | example.password → )aesw-r46AA&a1a2BDKjAQQ! |
| .encrypt | Appending this suffix to any variable, will encrypt the preceding, evaluated value with the shared secret from the master.secret variable. | example.password = secret example = @example.password.encrypt@ | example → {3DES}jq7UmTE7iUs= |
| .digest | Appending this suffix to any variable, will creates a digested value of the preceding evaluated variable. | example.secret = secret example = @example.secret.digest@ | example → {SSHA}DuOQ/St6IjMHWXkvS3jQ7SETSNg5CUCc6Qkbmw== |
| .password.encoding | This suffix can be appended to a variable ending with ".password", this will ensure that a certain algorithm be applied to the .digest or .password suffixes. Possible values are:
| example.password.encoding={MD4} example.password = secret example.password2.encoding={3DES} | @example.password.digest@ → {MD4}h42AFGBs2ilnekTvoTU/xw== @example.password.encrypt@ → {3DES}bk8jbCfyChU= |
| .uuid | Appending this suffix to a variable name - that has no existing function nor value - will cause an uuid to be generated. | example.uuid = | example.uuid → abcd1234:ab12:ab12:ab12:abcd1234abcd |
| .urn:uuid | Similar as the ".uuid" suffix, but in this case the generated value will be prefixed by a "urn:uuid:" string | example.urn\:uuid = | example.urn:uuid → urn:uuid:abcd1234:ab12:ab12:ab12:abcd1234abcd |
| .esc | Appending this to a variable will cause the underlying generated value to have its following characters escaped with a "\" character.
| example = http://example.com?one=two | @example.esc@ → http\://example.com?one\=two |
| ./ | Appending this suffix to a variable will cause the value to have all its backslashes replaced with forward slashes. | example = something\else | @example./@ → something/else |
| .& | Appending this suffix to a variable will cause the value to have all its "&", "<" and ">" characters to be XML encoded. | example = <element>&</element> | @example.&@ → <element>&</element> |
| .% | Appending this suffix to a variable will cause the value to be URL encoded. | example = http://www.example.com?one=two | @example.%@ → http%3A%2F%2Fwww.example.com%3Done%3Dtwo |
| .cmd | Appending this suffix to a variable will cause the value to be escaped to be suitable for use in Windows cmd scripts | example = &ecre_t | @example.cmd@→ ^&ecre_t |
| .cmd! | Appending this suffix to a variable will cause the value to be escaped to be suitable for use in Windows cmd scripts with delayedexpansion enabled | example = secre_! | @example.cmd!@ → secret_^^^! |
| .url.port | Appending this suffix to a variable containing a URL, will cause the value to be the port associated with the URL. Default port is determined based on scheme. | example.url = ldaps://localhost/dc=localhost | @example.url.port@ → 636 |
| .url.scheme | Appending this suffix to a variable containing a URL will cause the value to be the scheme associated with the URL. | example.url = ldaps://localhost/dc=localhost | @example.url.scheme@ → ldaps |
| .url.secure | Appending this suffix to a variable containing a URL will cause the value to be the boolean value denoting if the protocol is expected to be secure. | example.url = ldaps://localhost/dc=localhost | @example.url.secure@ → true |
| .name | Appending this suffix to a variable containing a distinguished name, will cause the output to be omitted if the input value would be an invalid x.509 Distinguished Name.. | example = cn=person | @example.name@ → cn=person |
| .toURI | Appending this suffix to a variable containing a file path will cause the value to be converted to a URI representation of the path.. | example = C:\Windows | @example.toURI@ → file:/C:/Windows |
| .toFile | Appending this suffix to a variable containing a URI representation of a file path will cause the value to be converted to a path. | example = file:/C:/Windows | @example.toFile@ → C:\Windows |
| Note |
|---|
NOTE: The individual Ubisecure applications below are using the default @uas.url@ parameter. This means that all of the required applications are installed to the same address. Each application will have its name appended to the url address. In demonstration and development environments, no changes are typically required. If you wish to install components to different addresses, you must change the value to match the desired destination. For example, the applications:
are typically public applications available to all end users. The applications
however are for system administrators. To publish system administrator tools at a different address (e.g., an intranet domain), adjust the application URLs accordingly, e.g.:
See below for settings uas.url, password.url, ubilogin.url, logviewer.url and search.url. |
...
This field is a placeholder for the key pair required in SAML signing operations. A base64 encoded PKCS#12 file will be generated to this field by the setup script in Configuration and Setup Application to Create Configurationssetup application to create configurations. The file is protected by the master.secret. Leave this field empty during initial installation.
...