Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
devel:documentation:application_configuration:dev:backend [2020/09/08 12:20]
tomiskar [Bulk actions] 		devel:documentation:application_configuration:dev:backend [2021/02/08 08:29]
tomiskar [Connector server]
Line 60: Line 60:
 # Public properties - available for frontend without authentication (show information about app, decorators etc.). # Public properties - available for frontend without authentication (show information about app, decorators etc.).
 # #
-# Application stage - development, test, production+# Application stage - development, test, production.
 idm.pub.app.stage= idm.pub.app.stage=
 # Application instance / server id - is used for scheduler etc. # Application instance / server id - is used for scheduler etc.
Line 71: Line 71:
 # Show identifiers (uuid) in frontend application. Empty value by default => identifier is shown, when application 'idm.pub.app.stage' is set to 'development'. # Show identifiers (uuid) in frontend application. Empty value by default => identifier is shown, when application 'idm.pub.app.stage' is set to 'development'.
 idm.pub.app.show.id= idm.pub.app.show.id=
-# Show transaction identifiers (uuid) in frontend application +# Show transaction identifiers (uuid) in frontend application.
 idm.pub.app.show.transactionId=false idm.pub.app.show.transactionId=false
-# Show role environment in frontend application for roles (table, role detail, niceLabel, info components, role select) +# Show role environment in frontend application for roles (table, role detail, niceLabel, info components, role select).
 idm.pub.app.show.environment=true idm.pub.app.show.environment=true
-# Show role baseCode in frontend application for roles (table, role detail, niceLabel, info components, role select) +# Show role baseCode in frontend application for roles (table, role detail, niceLabel, info components, role select).
 idm.pub.app.show.role.baseCode=true idm.pub.app.show.role.baseCode=true
 +# Number of items (pagination) in role catalogue tree in root level.
 +idm.pub.app.show.roleCatalogue.tree.pagination.root.size=25
 +# Number of items (pagination) in role catalogue tree in other levels.
 +idm.pub.app.show.roleCatalogue.tree.pagination.node.size=25
 +# Number of items (pagination) in tree node structure in root level.
 +idm.pub.app.show.treeNode.tree.pagination.root.size=50
 +# Number of items (pagination) in tree node structure in other levels.
 +idm.pub.app.show.treeNode.tree.pagination.node.size=50
 # Available size options for tables in frontend application # Available size options for tables in frontend application
 idm.pub.app.show.sizeOptions=10, 25, 50, 100 idm.pub.app.show.sizeOptions=10, 25, 50, 100
Line 87: Line 95:
 # Number of selected record is shown in drop down select header. # Number of selected record is shown in drop down select header.
 idm.pub.app.show.table.quickButton.menuIncluded=true idm.pub.app.show.table.quickButton.menuIncluded=true
-show default form for newly created user  +Show default form for newly created user. 
-default form can be disabled => at least one configured form projection is needed+Default form can be disabled => at least one configured form projection is needed.
 idm.pub.app.show.identity.formProjection.default=true idm.pub.app.show.identity.formProjection.default=true
 # If is true, then role-request description will be show on the detail. # If is true, then role-request description will be show on the detail.
Line 97: Line 105:
 # Private properties - used on backend only. # Private properties - used on backend only.
 # #
-create demo data at application start+Create demo data at application start.
 idm.sec.core.demo.data.enabled=true idm.sec.core.demo.data.enabled=true
-demo data was created - prevent to create demo data duplicitly+Demo data was created - prevent to create demo data duplicitly.
 idm.sec.core.demo.data.created=false idm.sec.core.demo.data.created=false
 # Create init data at application start. Init data (product provided roles) are updated automatically with pruct updates. # Create init data at application start. Init data (product provided roles) are updated automatically with pruct updates.
Line 608: Line 616:
  
 ==== Bulk actions ==== ==== Bulk actions ====
 +
 +@since 10.6.0
  
 In the application profile (''application.properties'') - overloadable via ''ConfigurationService''. In the application profile (''application.properties'') - overloadable via ''ConfigurationService''.
Line 685: Line 695:
  
 <code properties> <code properties>
-# Enable / disable check filter is properly registered, when filter is used (by entity and property name). Throw exeption, when unrecognised filter is used.+# Enable / disable check filter is properly registered, when filter is used (by entity and property name).  
 +# Throws exception, when unrecognized filter is used.
 idm.sec.core.filter.check.supported.enabled=true idm.sec.core.filter.check.supported.enabled=true
 +# Check count of values exceeded given maximum. 
 +# Related to database count of query parameters (e.g. Oracle = {@code 1000}, MSSql = {@code 2100}).
 +# Throws exception, when size is exceeded. Set to {@code -1} to disable this check.
 +idm.sec.core.filter.check.size.maximum=500
 </code> </code>
  
Line 785: Line 800:
 This authentication filter reuses SSO authentication filter behavior above (''uid-suffixes'', ''forbidden-uids''), but application administrator can be logged by this filter (identity with ''APP_ADMIN'' authority). This authentication filter reuses SSO authentication filter behavior above (''uid-suffixes'', ''forbidden-uids''), but application administrator can be logged by this filter (identity with ''APP_ADMIN'' authority).
  
 +=== Two-factor authentication ===
 +
 +[[..:..:security:dev:security#two-factor_authentication|Two-factor authentication]] can be configured in the application profile (application.properties) with following properties:
 +
 +<code properties>
 +# Verification secret length
 +totp.secret.length=32
 +# Time Period ~ period to generate new authentication code
 +totp.time.period=30
 +# Time Discrepancy - number of past (but still valid) authentication codes (e.g. when code is sent by notification, then user could need more time to fill it into CzechIdM)
 +totp.time.discrepancy=1
 +
 +</code>
 ==== Backup ==== ==== Backup ====
 If you want to use redeploy and backup for example in agenda (notification templates, scripts), you must define default backup folder. If you want to use redeploy and backup for example in agenda (notification templates, scripts), you must define default backup folder.
Line 790: Line 818:
  
 <code properties> <code properties>
-configuration property for default backup +Configuration property for backup files. 
 +# Configured attachment storage patrh ( see 'idm.sec.core.attachment.storagePath') is used as default.
 idm.sec.core.backups.default.folder.path=/tmp/backup idm.sec.core.backups.default.folder.path=/tmp/backup
 </code> </code>
Line 830: Line 859:
  
 You can disable long polling for all types of entites with use value `false`. You can disable long polling for all types of entites with use value `false`.
 +
 +
  
 ==== Provisioning ==== ==== Provisioning ====
  • by chalupat