Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
devel:documentation:application_configuration:dev:backend [2019/06/11 05:43]
tomiskar [Application/ Server] 		devel:documentation:application_configuration:dev:backend [2019/11/29 14:32]
tomiskar [Authentication]
Line 38: Line 38:
   * ''default'' - the default profile - configured to db h2. If a developer downloads the project from Git, the application will run without any other configuration over h2 database with demo data (by admin user ...). Default profile is used for issuing a demo.   * ''default'' - the default profile - configured to db h2. If a developer downloads the project from Git, the application will run without any other configuration over h2 database with demo data (by admin user ...). Default profile is used for issuing a demo.
   * ''dev'' - developing profile configured to postgresql. In the future, we can move the configuration itself to special profiles - their combinations (e.g. test+ postgresql or dev + mysql). We will be able to cover more variants of environment versus database.   * ''dev'' - developing profile configured to postgresql. In the future, we can move the configuration itself to special profiles - their combinations (e.g. test+ postgresql or dev + mysql). We will be able to cover more variants of environment versus database.
-  * ''test'' - test profile - configured to db h2 and **it's used for unit and intergartion testing only**. Don't use this profile for test environment - create your own profiles (testing / production).+  * ''test'' - test profile - configured to db h2 and **it's used for unit and intergration testing only**. Don't use this profile for test environment - create your own profiles (testing / production).
   * ''release'' - release profile - all modules in CzechIdM repository are included, they are released together under one version.    * ''release'' - release profile - all modules in CzechIdM repository are included, they are released together under one version. 
  
Line 91: Line 91:
 # Show transaction identifiers (uuid) in frontend application  # Show transaction identifiers (uuid) in frontend application 
 idm.pub.app.show.transactionId=false idm.pub.app.show.transactionId=false
 +# Show role environmnent in frontend application for roles (table, role detail, niceLabel, info components, role select) 
 +idm.pub.app.show.environment=true
 # #
 # Private properties - used on backend only. # Private properties - used on backend only.
Line 679: Line 681:
 idm.sec.core.authentication-filter.core-sso-authentication-filter.forbidden-uids= idm.sec.core.authentication-filter.core-sso-authentication-filter.forbidden-uids=
 </code> </code>
 +
 +=== Remote user authentication filter ===
 +Login into IdM by preset request remote user by servlet container can be configured with following properties:
 +<code properties>
 +# Allow remote user authentication
 +idm.sec.core.authentication-filter.core-remote-user-authentication-filter.enabled=false
 +# The suffixes to remove from the login - usually domains
 +idm.sec.core.authentication-filter.core-remote-user-authentication-filter.uid-suffixes=
 +# The uids that can't be authenticated by SSO
 +idm.sec.core.authentication-filter.core-remote-user-authentication-filter.forbidden-uids=
 +</code>
 +
 +This authentication filter reuses SSO authentication filter behavior above (''uid-suffixes'', ''forbidden-uids''), but application administrator can be logged by this filter (identity with ''APP_ADMIN'' authority).
  
 ==== Backup ==== ==== Backup ====
-If you want to use redeploy and backup for example in agenda (notification template), you must define default backup folder see:+If you want to use redeploy and backup for example in agenda (notification templates, scripts), you must define default backup folder
 +When redploy is used, then actual templates (or scripsts) are loaded from classpath by configuration (for templates or scripts) and deployed into application. Previous templates (or scripts) are backup too. 
 <code properties> <code properties>
 # configuration property for default backup  # configuration property for default backup 
Line 714: Line 731:
 idm.sec.vs.role.default=<some-code-of-role> idm.sec.vs.role.default=<some-code-of-role>
 </code> </code>
 +
 +==== Long polling ====
 +
 +<code properties>
 +# Long polling
 +idm.pub.app.long-polling.enabled=true
 +</code>
 +
 +You can disable long polling for all types of entites with use value `false`.
  
 ==== Provisioning ==== ==== Provisioning ====
Line 818: Line 844:
 Common configuration properties for all renderers: Common configuration properties for all renderers:
   * ''enabled'' - on / off   * ''enabled'' - on / off
 +
 +==== Logger ====
 +
 +In the application profile (''application.properties'') - overloadable via ''ConfigurationService''.
 +
 +Logger levels can be configured programmatically (override ''logback.xml'' file with default logger levels configuration).
 +
 +<code properties>
 +idm.sec.core.logger.<packageName>=<level>
 +</code>
 +
 +Where ''<packageName>'' is package name to set logger ''<level>''.
 +
 +Example:
 +<code properties>
 +idm.sec.core.logger.eu.bcvsolutions=DEBUG
 +</code>
  • by chalupat