In GateIn, the gadget container is using three security files for authentication and authorization gadgets:
key.txt
oauthkey.pem
oauthkey_pub.pem
By default, they are located in:
For JBoss: $PLATFORM_JBOSS_HOME/standalone/configuration/gatein/gadgets.
This folder is configured by system variables in $PLATFORM_JBOSS_HOME/standalone/configuration/gatein/exo.properties.
For Tomcat: $PLATFORM_TOMCAT_HOME/gatein/conf/gadgets.
This folder is configured by system variables in $PLATFORM_TOMCAT_HOME/gatein/conf/exo.properties.
See Configuration overview for the exo.properties file.
gatein.gadgets.securitytokenkeyfile=${exo.conf.dir}/gadgets/key.txt
gatein.gadgets.signingkeyfile=${exo.conf.dir}/gadgets/oauthkey.pemIn case you have other files, you can change these variables to point to them.
The key.txt file contains a secret key used to encrypt the security token used for the user authentication.
When starting GateIn, this file is read via the gatein.gadgets.securitytokenkeyfile path.
In case the key.txt file is not found, GateIn automatically generates a new key.txt one and save it to the
gatein.gadgets.securitytokenkeyfile path.
oauthkey.pem and oauthkey_pub.pem are a key pair of RSA cryptography standard.
oauthkey.pem is known as a private key and oauthkey_pub.pem is a public key.
They are the default keys of the gadget container which OAuth gadgets will use to authorize with external service providers.