Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(233)

Side by Side Diff: components/policy/resources/policy_templates.json

Issue 1128043007: Support Kerberos on Android (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix mistake in previous Windows fixes Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 { 1 {
2 # policy_templates.json - Metafile for policy templates 2 # policy_templates.json - Metafile for policy templates
3 # 3 #
4 # The content of this file is evaluated as a Python expression. 4 # The content of this file is evaluated as a Python expression.
5 # 5 #
6 # This file is used as input to generate the following policy templates: 6 # This file is used as input to generate the following policy templates:
7 # ADM, ADMX+ADML, MCX/plist and html documentation. 7 # ADM, ADMX+ADML, MCX/plist and html documentation.
8 # 8 #
9 # Policy templates are user interface definitions or documents about the 9 # Policy templates are user interface definitions or documents about the
10 # policies that can be used to configure Chrome. Each policy is a name-value 10 # policies that can be used to configure Chrome. Each policy is a name-value
(...skipping 105 matching lines...) Expand 10 before | Expand all | Expand 10 after
116 # templates and documentation. The policy definition list that Chrome sees 116 # templates and documentation. The policy definition list that Chrome sees
117 # will include policies marked with 'future'. If a WIP policy isn't meant to 117 # will include policies marked with 'future'. If a WIP policy isn't meant to
118 # be seen by the policy providers either, the 'supported_on' key should be set 118 # be seen by the policy providers either, the 'supported_on' key should be set
119 # to an empty list. 119 # to an empty list.
120 # 120 #
121 # IDs: 121 # IDs:
122 # Since a Protocol Buffer definition is generated from this file, unique and 122 # Since a Protocol Buffer definition is generated from this file, unique and
123 # persistent IDs for all fields (but not for groups!) are needed. These are 123 # persistent IDs for all fields (but not for groups!) are needed. These are
124 # specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs, 124 # specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs,
125 # because doing so would break the deployed wire format! 125 # because doing so would break the deployed wire format!
126 # For your editing convenience: highest ID currently used: 301 126 # For your editing convenience: highest ID currently used: 302
127 # 127 #
128 # Placeholders: 128 # Placeholders:
129 # The following placeholder strings are automatically substituted: 129 # The following placeholder strings are automatically substituted:
130 # $1 -> Google Chrome / Chromium 130 # $1 -> Google Chrome / Chromium
131 # $2 -> Google Chrome OS / Chromium OS 131 # $2 -> Google Chrome OS / Chromium OS
132 # $3 -> Google Chrome Frame / Chromium Frame 132 # $3 -> Google Chrome Frame / Chromium Frame
133 # $6 is reserved for doc_writer 133 # $6 is reserved for doc_writer
134 # 134 #
135 # Device Policy: 135 # Device Policy:
136 # An additional flag device_only (optional, defaults to False) indicates 136 # An additional flag device_only (optional, defaults to False) indicates
(...skipping 1497 matching lines...) Expand 10 before | Expand all | Expand 10 after
1634 { 1634 {
1635 'name': 'HTTPAuthentication', 1635 'name': 'HTTPAuthentication',
1636 'type': 'group', 1636 'type': 'group',
1637 'caption': '''Policies for HTTP Authentication''', 1637 'caption': '''Policies for HTTP Authentication''',
1638 'desc': '''Policies related to integrated HTTP authentication.''', 1638 'desc': '''Policies related to integrated HTTP authentication.''',
1639 'policies': [ 1639 'policies': [
1640 { 1640 {
1641 'name': 'AuthSchemes', 1641 'name': 'AuthSchemes',
1642 'type': 'string', 1642 'type': 'string',
1643 'schema': { 'type': 'string' }, 1643 'schema': { 'type': 'string' },
1644 'supported_on': ['chrome.*:9-'], 1644 'supported_on': ['chrome.*:9-','android:44-'],
1645 'features': { 1645 'features': {
1646 'dynamic_refresh': False, 1646 'dynamic_refresh': False,
1647 'per_profile': False, 1647 'per_profile': False,
1648 }, 1648 },
1649 'example_value': 'basic,digest,ntlm,negotiate', 1649 'example_value': 'basic,digest,ntlm,negotiate',
1650 'id': 26, 1650 'id': 26,
1651 'caption': '''Supported authentication schemes''', 1651 'caption': '''Supported authentication schemes''',
1652 'desc': '''Specifies which HTTP Authentication schemes are supported b y <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph>. 1652 'desc': '''Specifies which HTTP Authentication schemes are supported b y <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph>.
1653 1653
1654 Possible values are 'basic', 'digest', 'ntlm' and 'negotiate'. Separat e multiple values with commas. 1654 Possible values are 'basic', 'digest', 'ntlm' and 'negotiate'. Separat e multiple values with commas.
1655 1655
1656 If this policy is left not set, all four schemes will be used.''', 1656 If this policy is left not set, all four schemes will be used.''',
1657 }, 1657 },
1658 { 1658 {
1659 'name': 'DisableAuthNegotiateCnameLookup', 1659 'name': 'DisableAuthNegotiateCnameLookup',
1660 'type': 'main', 1660 'type': 'main',
1661 'schema': { 'type': 'boolean' }, 1661 'schema': { 'type': 'boolean' },
1662 'supported_on': ['chrome.*:9-'], 1662 'supported_on': ['chrome.*:9-','android:44-'],
1663 'features': { 1663 'features': {
1664 'dynamic_refresh': False, 1664 'dynamic_refresh': False,
1665 'per_profile': False, 1665 'per_profile': False,
1666 }, 1666 },
1667 'example_value': False, 1667 'example_value': False,
1668 'id': 27, 1668 'id': 27,
1669 'caption': '''Disable CNAME lookup when negotiating Kerberos authentic ation''', 1669 'caption': '''Disable CNAME lookup when negotiating Kerberos authentic ation''',
1670 'desc': '''Specifies whether the generated Kerberos SPN is based on th e canonical DNS name or the original name entered. 1670 'desc': '''Specifies whether the generated Kerberos SPN is based on th e canonical DNS name or the original name entered.
1671 1671
1672 If you enable this setting, CNAME lookup will be skipped and the serve r name will be used as entered. 1672 If you enable this setting, CNAME lookup will be skipped and the serve r name will be used as entered.
(...skipping 15 matching lines...) Expand all
1688 'desc': '''Specifies whether the generated Kerberos SPN should include a non-standard port. 1688 'desc': '''Specifies whether the generated Kerberos SPN should include a non-standard port.
1689 1689
1690 If you enable this setting, and a non-standard port (i.e., a port othe r than 80 or 443) is entered, it will be included in the generated Kerberos SPN. 1690 If you enable this setting, and a non-standard port (i.e., a port othe r than 80 or 443) is entered, it will be included in the generated Kerberos SPN.
1691 1691
1692 If you disable this setting or leave it not set, the generated Kerbero s SPN will not include a port in any case.''', 1692 If you disable this setting or leave it not set, the generated Kerbero s SPN will not include a port in any case.''',
1693 }, 1693 },
1694 { 1694 {
1695 'name': 'AuthServerWhitelist', 1695 'name': 'AuthServerWhitelist',
1696 'type': 'string', 1696 'type': 'string',
1697 'schema': { 'type': 'string' }, 1697 'schema': { 'type': 'string' },
1698 'supported_on': ['chrome.*:9-'], 1698 'supported_on': ['chrome.*:9-','android:44-'],
1699 'features': { 1699 'features': {
1700 'dynamic_refresh': False, 1700 'dynamic_refresh': False,
1701 'per_profile': False, 1701 'per_profile': False,
1702 }, 1702 },
1703 'example_value': '*example.com,foobar.com,*baz', 1703 'example_value': '*example.com,foobar.com,*baz',
1704 'id': 29, 1704 'id': 29,
1705 'caption': '''Authentication server whitelist''', 1705 'caption': '''Authentication server whitelist''',
1706 'desc': '''Specifies which servers should be whitelisted for integrate d authentication. Integrated authentication is only enabled when <ph name="PRODU CT_NAME">$1<ex>Google Chrome</ex></ph> receives an authentication challenge from a proxy or from a server which is in this permitted list. 1706 'desc': '''Specifies which servers should be whitelisted for integrate d authentication. Integrated authentication is only enabled when <ph name="PRODU CT_NAME">$1<ex>Google Chrome</ex></ph> receives an authentication challenge from a proxy or from a server which is in this permitted list.
1707 1707
1708 Separate multiple server names with commas. Wildcards (*) are allowed. 1708 Separate multiple server names with commas. Wildcards (*) are allowed.
1709 1709
1710 If you leave this policy not set <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> will try to detect if a server is on the Intranet and only then will it respond to IWA requests. If a server is detected as Internet then IWA requests from it will be ignored by <ph name="PRODUCT_NAME">$1<ex>Google Chrome< /ex></ph>.''', 1710 If you leave this policy not set <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> will try to detect if a server is on the Intranet and only then will it respond to IWA requests. If a server is detected as Internet then IWA requests from it will be ignored by <ph name="PRODUCT_NAME">$1<ex>Google Chrome< /ex></ph>.''',
1711 }, 1711 },
1712 { 1712 {
1713 'name': 'AuthNegotiateDelegateWhitelist', 1713 'name': 'AuthNegotiateDelegateWhitelist',
1714 'type': 'string', 1714 'type': 'string',
1715 'schema': { 'type': 'string' }, 1715 'schema': { 'type': 'string' },
1716 'supported_on': ['chrome.*:9-'], 1716 'supported_on': ['chrome.*:9-','android:44-'],
1717 'features': { 1717 'features': {
1718 'dynamic_refresh': False, 1718 'dynamic_refresh': False,
1719 'per_profile': False, 1719 'per_profile': False,
1720 }, 1720 },
1721 'example_value': 'foobar.example.com', 1721 'example_value': 'foobar.example.com',
1722 'id': 30, 1722 'id': 30,
1723 'caption': '''Kerberos delegation server whitelist''', 1723 'caption': '''Kerberos delegation server whitelist''',
1724 'desc': '''Servers that <ph name="PRODUCT_NAME">$1<ex>Google Chrome</e x></ph> may delegate to. 1724 'desc': '''Servers that <ph name="PRODUCT_NAME">$1<ex>Google Chrome</e x></ph> may delegate to.
1725 1725
1726 Separate multiple server names with commas. Wildcards (*) are allowed. 1726 Separate multiple server names with commas. Wildcards (*) are allowed.
(...skipping 10 matching lines...) Expand all
1737 'per_profile': False, 1737 'per_profile': False,
1738 }, 1738 },
1739 'example_value': 'libgssapi_krb5.so.2', 1739 'example_value': 'libgssapi_krb5.so.2',
1740 'id': 31, 1740 'id': 31,
1741 'caption': '''GSSAPI library name''', 1741 'caption': '''GSSAPI library name''',
1742 'desc': '''Specifies which GSSAPI library to use for HTTP Authenticati on. You can set either just a library name, or a full path. 1742 'desc': '''Specifies which GSSAPI library to use for HTTP Authenticati on. You can set either just a library name, or a full path.
1743 1743
1744 If no setting is provided, <ph name="PRODUCT_NAME">$1<ex>Google Chrome </ex></ph> will fall back to using a default library name.''', 1744 If no setting is provided, <ph name="PRODUCT_NAME">$1<ex>Google Chrome </ex></ph> will fall back to using a default library name.''',
1745 }, 1745 },
1746 { 1746 {
1747 'name': 'AuthAndroidNegotiateAccountType',
1748 'type': 'string',
1749 'schema': { 'type': 'string' },
1750 'supported_on': ['android:44-'],
1751 'features': {
1752 'dynamic_refresh': False,
1753 'per_profile': False,
1754 },
1755 'example_value': 'com.example.kerberos',
1756 'id': 302,
1757 'caption': '''Account Type for Negotiate Authentication''',
1758 'desc': '''Specifies the account type of the accounts provided by the Android authentication app that supports HTTP Negotiate authentication (e.g. Ker beros authentication).
1759
1760 If no setting is provided then Negotiate Authentication will be disabl ed on Android.''',
1761 },
1762 {
1747 'name': 'AllowCrossOriginAuthPrompt', 1763 'name': 'AllowCrossOriginAuthPrompt',
1748 'type': 'main', 1764 'type': 'main',
1749 'schema': { 'type': 'boolean' }, 1765 'schema': { 'type': 'boolean' },
1750 'supported_on': ['chrome.*:13-'], 1766 'supported_on': ['chrome.*:13-'],
1751 'features': { 1767 'features': {
1752 'dynamic_refresh': True, 1768 'dynamic_refresh': True,
1753 'per_profile': False, 1769 'per_profile': False,
1754 }, 1770 },
1755 'example_value': False, 1771 'example_value': False,
1756 'id': 89, 1772 'id': 89,
(...skipping 5727 matching lines...) Expand 10 before | Expand all | Expand 10 after
7484 'desc': '''Text appended in parentheses next to the policies top-level con tainer to indicate that those policies are of the Recommended level''', 7500 'desc': '''Text appended in parentheses next to the policies top-level con tainer to indicate that those policies are of the Recommended level''',
7485 'text': 'Default Settings (users can override)', 7501 'text': 'Default Settings (users can override)',
7486 }, 7502 },
7487 'doc_complex_policies_on_windows': { 7503 'doc_complex_policies_on_windows': {
7488 'desc': '''Text pointing the user to a help article for complex policies o n Windows''', 7504 'desc': '''Text pointing the user to a help article for complex policies o n Windows''',
7489 'text': '''encoded as a JSON string, for details see <ph name="COMPLEX_POL ICIES_URL">http://www.chromium.org/administrators/complex-policies-on-windows<ex >http://www.chromium.org/administrators/complex-policies-on-windows</ex></ph>''' , 7505 'text': '''encoded as a JSON string, for details see <ph name="COMPLEX_POL ICIES_URL">http://www.chromium.org/administrators/complex-policies-on-windows<ex >http://www.chromium.org/administrators/complex-policies-on-windows</ex></ph>''' ,
7490 }, 7506 },
7491 }, 7507 },
7492 'placeholders': [], 7508 'placeholders': [],
7493 } 7509 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698