DCD-352: Start of Confluence config role.

roles/confluence_config/templates/seraph-config.xml.j2

@@ -0,0 +1,71 @@
+<security-config>
+    <parameters>
+        <init-param>
+            <param-name>login.url</param-name>
+            <param-value>/login.action?os_destination=${originalurl}&amp;permissionViolation=true</param-value>
+        </init-param>
+        <init-param>
+            <param-name>link.login.url</param-name>
+            <param-value>/login.action</param-value>
+        </init-param>
+        <init-param>
+            <param-name>cookie.encoding</param-name>
+            <param-value>cNf</param-value>
+        </init-param>
+        <init-param>
+            <param-name>login.cookie.key</param-name>
+            <param-value>seraph.confluence</param-value>
+        </init-param>
+ 
+        {% if atl_autologin_cookie_age is defined and atl_autologin_cookie_age|length %}
+            <init-param>
+                <param-name>autologin.cookie.age</param-name>
+                <param-value>{{ atl_autologin_cookie_age }}</param-value>
+            </init-param>
+        {% endif %}
+
+        <!--only basic authentication available-->
+        <init-param>
+            <param-name>authentication.type</param-name>
+            <param-value>os_authType</param-value>
+        </init-param>
+
+        <!-- Invalidate session on login to prevent session fixation attack -->
+         <init-param>
+            <param-name>invalidate.session.on.login</param-name>
+            <param-value>true</param-value>
+        </init-param>
+        <!-- Add names for session attributes that must not be copied to a new session when the old one gets invalidated.
+          Currently it is empty (i.e. all attributes will be copied). -->
+        <init-param>
+            <param-name>invalidate.session.exclude.list</param-name>
+            <param-value></param-value>
+        </init-param>
+    </parameters>
+
+    <rolemapper class="com.atlassian.confluence.security.ConfluenceRoleMapper"/>
+    <controller class="com.atlassian.confluence.setup.seraph.ConfluenceSecurityController"/>
+
+    <!-- Default Confluence authenticator, which uses the configured user management for authentication. -->
+    <authenticator class="com.atlassian.confluence.user.ConfluenceAuthenticator"/>
+
+    <!-- Custom authenticators appear below. To enable one of them, comment out the default authenticator above and uncomment the one below. -->
+
+    <!-- Authenticator with support for Crowd single-sign on (SSO). -->
+    <!-- <authenticator class="com.atlassian.confluence.user.ConfluenceCrowdSSOAuthenticator"/> -->
+
+    <!-- Specialised version of the default authenticator which adds authenticated users to confluence-users if they aren't already a member. -->
+    <!-- <authenticator class="com.atlassian.confluence.user.ConfluenceGroupJoiningAuthenticator"/> -->
+
+    <services>
+        <service class="com.atlassian.seraph.service.PathService">
+            <init-param>
+                <param-name>config.file</param-name>
+                <param-value>seraph-paths.xml</param-value>
+            </init-param>
+        </service>
+    </services>
+
+    <elevatedsecurityguard class="com.atlassian.confluence.security.seraph.ConfluenceElevatedSecurityGuard"/>
+
+</security-config>