Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
devel:documentation:application_configuration:dev:backend [2020/03/06 12:00]
tomiskar [Scheduler] 		devel:documentation:application_configuration:dev:backend [2020/04/21 11:24]
tomiskar [Identity]
Line 12: Line 12:
   * if the name of a configuration item contains the''password'' or ''token'' chain, the value of the configuration item is hidden in the rest interface listing (or rather replaced with substitute characters).   * if the name of a configuration item contains the''password'' or ''token'' chain, the value of the configuration item is hidden in the rest interface listing (or rather replaced with substitute characters).
   * It is better to use constants for keys, e.g. ''ConfigurationService.IDM\_PUBLIC\_PROPERTY\_PREFIX + "core.identity.delete"'' - using seperator constant in key name suffix is not preferred - constant can be simply found by key suffix ("ctrl-f" + "core.identity.delete").    * It is better to use constants for keys, e.g. ''ConfigurationService.IDM\_PUBLIC\_PROPERTY\_PREFIX + "core.identity.delete"'' - using seperator constant in key name suffix is not preferred - constant can be simply found by key suffix ("ctrl-f" + "core.identity.delete"). 
- 
-Cache is used for reading configuration values - default spring boot cache (ConcurrentHashMap) is configured for now. Value in cache is cleared by an active (save, delete) operation. 
- 
-<note tip> 
-If you are debugging some of code and are you figuring, something is wrong with the cache, then you can turn the cache off with property (in application.properties) 
-<code properties> 
-spring.cache.type=none 
-</code> 
-</note> 
  
 ==== Configure environment properties ==== ==== Configure environment properties ====
Line 95: Line 86:
 # Available size options for tables in frontend application # Available size options for tables in frontend application
 idm.pub.app.show.sizeOptions=10, 25, 50, 100 idm.pub.app.show.sizeOptions=10, 25, 50, 100
 +# show default form for newly created user 
 +# default form can be disabled => at least one configured form projection is needed
 +idm.pub.app.show.identity.formProjection.default=true
 # #
 # Private properties - used on backend only. # Private properties - used on backend only.
Line 206: Line 200:
 </code> </code>
  
 +==== Cache ====
  
-==== Attachment storage ===+Cache is used for reading configuration values. Value in cache is cleared by an active (save, delete) operation. 
 + 
 +In the application profile (application.properties): 
 + 
 + 
 + 
 +<code properties> 
 +# Disable cache 
 +# If you are debugging some of code and are you figuring, something is wrong with the cache, then you can turn the cache off with property. 
 +#spring.cache.type=none 
 +
 +# Clusterred cache settings 
 +#idm.sec.cache.terracota.url=localhost:9410,localhost:9420 
 +idm.sec.cache.terracota.resource.name=main 
 +idm.sec.cache.terracota.resource.pool.name=resource-pool 
 +# Size in MB 
 +idm.sec.cache.terracota.resource.pool.size=32 
 +</code> 
 + 
 + 
 +==== Attachment storage ====
  
 ''DefaultAttachmentManager'' stores binary files on file system. Binary files can be attached to any entity, which implements ''AttachableEntity'' interface, [[..:..:modules_rpt:dev:attachment_manager| read more]]. ''DefaultAttachmentManager'' stores binary files on file system. Binary files can be attached to any entity, which implements ''AttachableEntity'' interface, [[..:..:modules_rpt:dev:attachment_manager| read more]].
  
-In the application profile (application.properties) and overloadable via ''ConfigurationService''+In the application profile (application.properties): 
 + 
 +<code properties> 
 +# Max file size of uploaded file. Values can use the suffixed "MB" or "KB" to indicate a Megabyte or Kilobyte size. 
 +# Application server (e.g. Tomcat "maxSwallowSize" connector parameter) has to be set properly too (e.g. <Connector port="8080" maxSwallowSize="-1" ...) 
 +spring.servlet.multipart.max-file-size=100MB 
 +spring.servlet.multipart.max-request-size=100MB 
 + 
 +</code> 
 + 
 +In the application profile (application.properties) and overloadable via ''ConfigurationService'':
  
 <code properties> <code properties>
Line 232: Line 257:
 </code> </code>
  
-In the application profile (application.properties). +==== Activiti workflow ====
- +
-<code properties> +
-+
-# Max file size of uploaded file. Values can use the suffixed "MB" or "KB" to indicate a Megabyte or Kilobyte size. +
-multipart.max-file-size=100Mb +
- +
-</code> +
- +
-==== Activiti workflow ===+
 <code properties> <code properties>
 # String boot properties for Activiti workflow engine # String boot properties for Activiti workflow engine
Line 278: Line 294:
 # - recaptchaservice endpoint  # - recaptchaservice endpoint 
 idm.sec.security.recaptcha.url=https://www.google.com/recaptcha/api/siteverify idm.sec.security.recaptcha.url=https://www.google.com/recaptcha/api/siteverify
-# - secret key, can be generated here https://www.google.com/recaptcha/admin+# - secret key, can be generated here https://www.google.com/recaptcha/admin (generate V2 checkbox)
 # - test secret key: https://developers.google.com/recaptcha/docs/faq#id-like-to-run-automated-tests-with-recaptcha-v2-what-should-i-do # - test secret key: https://developers.google.com/recaptcha/docs/faq#id-like-to-run-automated-tests-with-recaptcha-v2-what-should-i-do
 idm.sec.security.recaptcha.secretKey=xxx idm.sec.security.recaptcha.secretKey=xxx
Line 420: Line 436:
 # Waiting tasks to be processed. Uses 20 as default. {@link LinkedBlockingQueue} is used for queue => capacity is initialized dynamically. # Waiting tasks to be processed. Uses 20 as default. {@link LinkedBlockingQueue} is used for queue => capacity is initialized dynamically.
 # {@link AbotrPolicy} is set for rejected tasks - reject exception has to be processed by a caller ({@link LongRunningTaskManager}). # {@link AbotrPolicy} is set for rejected tasks - reject exception has to be processed by a caller ({@link LongRunningTaskManager}).
-scheduler.task.executor.queueCapacity=+scheduler.task.executor.queueCapacity=20
 # Thread priority for threads in event executor pool - 5 by default (normal). # Thread priority for threads in event executor pool - 5 by default (normal).
 scheduler.task.executor.threadPriority= scheduler.task.executor.threadPriority=
Line 453: Line 469:
 # CUSTOM - users can choose for which accounts change password # CUSTOM - users can choose for which accounts change password
 # Needed on FE (=> public)  # Needed on FE (=> public) 
-idm.pub.core.identity.passwordChange=ALL_ONLY+idm.pub.core.identity.passwordChange=CUSTOM
 # #
 # required old password for change password. # required old password for change password.
Line 472: Line 488:
 # Needed on FE (=> public)  # Needed on FE (=> public) 
 idm.pub.core.identity.dashboard.skip= idm.pub.core.identity.dashboard.skip=
-# 
-# supports authorization policies for extended form definitions and their values for identities 
-# Default is false (backward compatibility) - all form definitions and attributes will be shown (controlled by permissions for identity - IDENTITY_READ / IDENTITY_UPDATE). 
-# true - authorization policies will be evaluated (see https://wiki.czechidm.com/devel/documentation/security/dev/authorization#secure_identity_form_extended_attribute_values) for form definitions (FORMDEFINITION_AUTOCOMPLETE is needed to show form definition) and for form values (FORMVALUE_UPDATE)  
-idm.sec.core.identity.formAttributes.secured=false 
  
 </code> </code>
Line 860: Line 871:
 ==== Logger ==== ==== Logger ====
  
-In the application profile (''application.properties''- overloadable via ''ConfigurationService''.+In the application profile (''application.properties'')
 + 
 +<code properties> 
 +# Show thread name configured by thread pools (task, event) in logs (generated name is shown otherwise) 
 +# Two appenders 'consoleand 'fileare provided by product. Same configuration is needed for your custom appenders (added in logback.xml). 
 +logging.pattern.console=%d{yyyy-MM-dd HH:mm:ss.SSS} %5level %relative --- [%thread] %logger{36}.%M : %msg%n 
 +logging.pattern.file=%d{yyyy-MM-dd HH:mm:ss.SSS} %5level %relative --- [%thread] %logger{36}.%M : %msg%n 
 +</code>
  
 Logger levels can be configured programmatically (override ''logback.xml'' file with default logger levels configuration). Logger levels can be configured programmatically (override ''logback.xml'' file with default logger levels configuration).
 +
 +In the application profile (''application.properties'') - overloadable via ''ConfigurationService'':
  
 <code properties> <code properties>
  • by chalupat