#   Licensed to the Apache Software Foundation (ASF) under one or more
#   contributor license agreements.  See the NOTICE file distributed with
#   this work for additional information regarding copyright ownership.
#   The ASF licenses this file to You under the Apache License, Version 2.0
#   (the "License"); you may not use this file except in compliance with
#   the License.  You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
#   Unless required by applicable law or agreed to in writing, software
#   distributed under the License is distributed on an "AS IS" BASIS,
#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#   See the License for the specific language governing permissions and
#   limitations under the License.

[main]
# Development
ssl.enabled = false

plainMatcher=org.apache.shiro.authc.credential.SimpleCredentialsMatcher
#iniRealm=org.apache.shiro.realm.text.IniRealm
iniRealm.credentialsMatcher = $plainMatcher

#localhost=org.apache.jena.fuseki.authz.LocalhostFilter

[users]
# Implicitly adds "iniRealm =  org.apache.shiro.realm.text.IniRealm"
# The admin password will be replaced by value of ADMIN_PASSWORD
# variable by docker-entrypoint.sh on FIRST start up.
admin=${ADMIN_PASSWORD}

[roles]

[urls]
## Control functions open to anyone
/$/status = anon
/$/ping   = anon

## and the rest are restricted
/$/** = authcBasic,user[admin]

## Sparql update is restricted
/*/update/** = authcBasic,user[admin]


## If you want simple, basic authentication user/password
## on the operations,
##    1 - set a password in [users]
##    2 - change the line above to:
## /$/** = authcBasic,user[admin]
## and set a better

## or to allow any access.
##/$/** = anon

# Everything else
/**=anon