diff options
Diffstat (limited to 'src/OAuth/OAuthResourceServer/Web.config')
| -rw-r--r-- | src/OAuth/OAuthResourceServer/Web.config | 117 |
1 files changed, 117 insertions, 0 deletions
diff --git a/src/OAuth/OAuthResourceServer/Web.config b/src/OAuth/OAuthResourceServer/Web.config new file mode 100644 index 0000000..1ab8dfa --- /dev/null +++ b/src/OAuth/OAuthResourceServer/Web.config @@ -0,0 +1,117 @@ +<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+ <configSections>
+ <section name="uri" type="System.Configuration.UriSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
+ <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
+ <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth.Core">
+ <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth.OpenId" requirePermission="false" allowLocation="true" />
+ <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth.OAuth" requirePermission="false" allowLocation="true" />
+ <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
+ <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth.Core" requirePermission="false" allowLocation="true" />
+ </sectionGroup>
+ </configSections>
+ <!-- The uri section is necessary to turn on .NET 3.5 support for IDN (international domain names),
+ which is necessary for OpenID urls with unicode characters in the domain/host name.
+ It is also required to put the Uri class into RFC 3986 escaping mode, which OpenID and OAuth require. -->
+ <uri>
+ <idn enabled="All" />
+ <iriParsing enabled="true" />
+ </uri>
+ <system.net>
+ <defaultProxy enabled="true" />
+ <settings>
+ <!-- This setting causes .NET to check certificate revocation lists (CRL)
+ before trusting HTTPS certificates. But this setting tends to not
+ be allowed in shared hosting environments. -->
+ <!--<servicePointManager checkCertificateRevocationList="true"/>-->
+ </settings>
+ </system.net>
+ <!-- this is an optional configuration section where aspects of dotnetopenauth can be customized -->
+ <dotNetOpenAuth>
+ <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
+ <reporting enabled="true" />
+ <!-- Relaxing SSL requirements is useful for simple samples, but NOT a good idea in production. -->
+ <messaging relaxSslRequirements="true">
+ <untrustedWebRequest>
+ <whitelistHosts>
+ <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
+ <!--<add name="localhost" />-->
+ </whitelistHosts>
+ </untrustedWebRequest>
+ </messaging>
+ </dotNetOpenAuth>
+ <appSettings />
+ <connectionStrings>
+ <add name="DatabaseConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\Database.mdf;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient" />
+ </connectionStrings>
+ <system.web>
+ <!--
+ Set compilation debug="true" to insert debugging
+ symbols into the compiled page. Because this
+ affects performance, set this value to true only
+ during development.
+ -->
+ <compilation debug="true" targetFramework="4.0">
+ <assemblies>
+ <remove assembly="DotNetOpenAuth.Contracts" />
+ <add assembly="System.Data.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
+ </assemblies>
+ </compilation>
+ <authentication mode="Forms">
+ <forms name="oauthSP" />
+ </authentication>
+ <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID" />
+ </system.web>
+ <!--
+ The system.webServer section is required for running ASP.NET AJAX under Internet
+ Information Services 7.0. It is not necessary for previous version of IIS.
+ -->
+ <log4net>
+ <appender name="TracePageAppender" type="OAuthResourceServer.Code.TracePageAppender, OAuthResourceServer">
+ <layout type="log4net.Layout.PatternLayout">
+ <conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline" />
+ </layout>
+ </appender>
+ <!-- Setup the root category, add the appenders and set the default level -->
+ <root>
+ <level value="INFO" />
+ <!--<appender-ref ref="RollingFileAppender" />-->
+ <appender-ref ref="TracePageAppender" />
+ </root>
+ <!-- Specify the level for some specific categories -->
+ <logger name="DotNetOpenAuth">
+ <level value="ALL" />
+ </logger>
+ </log4net>
+ <system.serviceModel>
+ <behaviors>
+ <serviceBehaviors>
+ <behavior name="DataApiBehavior">
+ <serviceMetadata httpGetEnabled="true" />
+ <serviceDebug includeExceptionDetailInFaults="true" />
+ <serviceAuthorization serviceAuthorizationManagerType="OAuthResourceServer.Code.OAuthAuthorizationManager, OAuthResourceServer" principalPermissionMode="Custom" />
+ </behavior>
+ </serviceBehaviors>
+ <endpointBehaviors>
+ <behavior name="DataApiWebBehavior">
+ <webHttp />
+ </behavior>
+ </endpointBehaviors>
+ </behaviors>
+ <services>
+ <service behaviorConfiguration="DataApiBehavior" name="OAuthResourceServer.DataApi">
+ <endpoint address="" binding="wsHttpBinding" contract="OAuthResourceServer.Code.IDataApi">
+ <identity>
+ <dns value="localhost" />
+ </identity>
+ </endpoint>
+ <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
+ <endpoint address="web" binding="webHttpBinding" contract="OAuthResourceServer.Code.IDataApi" behaviorConfiguration="DataApiWebBehavior" />
+ </service>
+ </services>
+ </system.serviceModel>
+ <runtime>
+ <!-- This prevents the Windows Event Log from frequently logging that HMAC1 is being used (when the other party needs it). -->
+ <legacyHMACWarning enabled="0" />
+ </runtime>
+</configuration>
\ No newline at end of file |