This tutorial gives an overview of the most important configuration concepts. There are separate tutorials describing specific aspects in more detail.
This tutorial is about how Airlock IAM is configured in general and not about how to configure specific features.
The Config Editor
The most important tool to configure almost everything is the Config Editor.
The Config Editor has the following main features:
- ●Almost all behavior of all Airlock IAM components are configured in it.
- ●All changes can be applied at run-time without session loss.
- ●It allows to edit, save, restore, apply and reset configurations.
- ●It offers features for staging, context-dependent configuration elements, and storing secret values externally.
To access the Config Editor:
- ●Log on to the Adminapp as administrator: click on the link "Config Editor" in the Admintool
- ●The administrator must have the right to view or edit the configuration (if you accessed this tutorial from the Adminapp, you should have enough rights for the Config Editor)
The following table explains the most important icons of the Config Editor:
Icon(s) | Description |
Activate configuration changes. | |
Display the currently active (running) configuration. | |
Upload a configuration from a file / download as a file (XML format). | |
Save a working copy / restore from a working copy. | |
Opens a dialog used to manage sensitive configuration values stored in an external key store. | |
Display context help. Hint: Click on an info icon, to see the documentation in the "Docs" panel at the bottom. | |
Go to the details page of the linked plugin. | |
Add/remove row in a list. | |
Creates a new sub-plugin configuration. | |
Opens a regular expression tester. Properties which allow the use of regular expressions have this icon. | |
Opens a dialog to change a secret value, e.g. a password. | |
Test the configuration (e.g. try to open specified connection or verify the entered username and password). | |
Indicates that this property is using the default value (because no different value has been specified by the user). | |
Resets a value (may result in the default value being displayed and used). |
For a more detailed tutorial, please consult the 9.4. IAM Config Editor (UI).
Airlock IAM instance configuration
Some fundamental settings of an instance cannot be configured in the Config Editor. These are referred to as "application parameters". They are configured in the instance properties file or using the environment. It is also worth noting that application parameters are only applied on start-up and changing those values requires Airlock IAM to be restarted.
The file instance.properties can be found in the instance directory (e.g. <configuration-dir>/instances/auth/instance.properties).
Most importantly, these parameters can be configured:
- ●Log directory and level (see 8.5. Logging configuration)
- ●Activated modules (see 3.3. IAM modules and databases/directories)
- ●Web server ports, URL paths, and TLS settings (see 8.3.3. Securing Airlock IAM with HTTPS)
- ●Environment-ID (see 9.1. Configuration environments)
Please refer to the documentation in the file for detailed information. See also 8.1. Application parameters.
To get an up-to-date template including documentation and current default values run:
iam default-parameters