Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
devel:documentation:application_configuration:dev:backend [2019/02/14 12:56]
tomiskar [Attachment storage] 		devel:documentation:application_configuration:dev:backend [2019/06/11 05:43]
tomiskar [Application/ Server]
Line 75: Line 75:
 <code properties> <code properties>
 # Application stage (development, test, production (default)) # Application stage (development, test, production (default))
 +#
 +# Public properties - available for frontend without authentication (show information about app, decorators etc.).
 +#
 +# Application stage - development, test, production
 idm.pub.app.stage= idm.pub.app.stage=
 # Application instance / server id - is used for scheduler etc. # Application instance / server id - is used for scheduler etc.
 # Should be defined in property file only # Should be defined in property file only
 idm.pub.app.instanceId=idm-primary idm.pub.app.instanceId=idm-primary
-# Enable forest index for tree structures 
-idm.sec.app.forest.index.enabled=true 
 # global date format on BE. Used in notification templates, logs, etc. FE uses localization key 'core:format.date'. # global date format on BE. Used in notification templates, logs, etc. FE uses localization key 'core:format.date'.
 idm.pub.app.format.date=dd.MM.yyyy idm.pub.app.format.date=dd.MM.yyyy
 # global datetime format on BE. Used in notification templates, logs, etc. FE uses localization key 'core:format.datetime'. # global datetime format on BE. Used in notification templates, logs, etc. FE uses localization key 'core:format.datetime'.
 idm.pub.app.format.datetime=dd.MM.yyyy HH:mm idm.pub.app.format.datetime=dd.MM.yyyy HH:mm
 +# Show identifiers (uuid) in frontend application. Empty value by default => identifier is shown, when application 'idm.pub.app.stage' is set to 'development'.
 +idm.pub.app.show.id=
 +# Show transaction identifiers (uuid) in frontend application 
 +idm.pub.app.show.transactionId=false
 +#
 +# Private properties - used on backend only.
 +#
 # create demo data at application start # create demo data at application start
 idm.sec.core.demo.data.enabled=true idm.sec.core.demo.data.enabled=true
 # demo data was created - prevent to create demo data duplicitly # demo data was created - prevent to create demo data duplicitly
 idm.sec.core.demo.data.created=false idm.sec.core.demo.data.created=false
 +# Enable forest index for tree structures
 +idm.sec.app.forest.index.enabled=true
 </code> </code>
  
Line 402: Line 413:
 # Thread priority for threads in event executor pool - 5 by default (normal). # Thread priority for threads in event executor pool - 5 by default (normal).
 scheduler.task.executor.threadPriority= scheduler.task.executor.threadPriority=
-# Event queue processing period (ms). Default 1000ms+# Event queue processing period (ms). Period to read prepared (~created) asynchronous entity events from queue.  
-scheduler.event.queue.process=1000+# Events are processed in batch configured by property 'idm.sec.core.event.asynchronous.batchSize'. If you events are processed quickly (~provisioning on your environment is quick), then batch size can be higher or this property can be lower. 
 +Default 500ms
 +scheduler.event.queue.process=500
 # Event executor core pool size. Uses CPU count + 1 as default. # Event executor core pool size. Uses CPU count + 1 as default.
 scheduler.event.executor.corePoolSize= scheduler.event.executor.corePoolSize=
Line 410: Line 423:
 # When queueCapacity is full, then new threads are created from corePoolSize to maxPoolSize. # When queueCapacity is full, then new threads are created from corePoolSize to maxPoolSize.
 scheduler.event.executor.maxPoolSize= scheduler.event.executor.maxPoolSize=
-# Waiting events to be processed. Uses 1000 as default - prevent to prepare events repetitively and use additional threads till maxPoolSize. {@link LinkedBlockingQueue} is used for queue => capacity is initialized dynamically.+# Waiting events to be processed. Uses 50 as default - prevent to prepare events repetitively and use additional threads till maxPoolSize. {@link LinkedBlockingQueue} is used for queue => capacity is initialized dynamically.
 # {@link AbotrPolicy} is set for rejected tasks. # {@link AbotrPolicy} is set for rejected tasks.
-scheduler.event.executor.queueCapacity=1000+scheduler.event.executor.queueCapacity=50
 # Thread priority for threads in event executor pool - 6 by default (a little higher priority than normal 5). # Thread priority for threads in event executor pool - 6 by default (a little higher priority than normal 5).
 scheduler.event.executor.threadPriority=6 scheduler.event.executor.threadPriority=6
Line 516: Line 529:
 # Asynchronous events will be executed on server instance with id. Default is the same as {@link ConfigurationService#getInstanceId()} (current server instance). # Asynchronous events will be executed on server instance with id. Default is the same as {@link ConfigurationService#getInstanceId()} (current server instance).
 idm.sec.core.event.asynchronous.instanceId= idm.sec.core.event.asynchronous.instanceId=
 +# Asynchronous events will be executed in batch - batch will be split for event with HIGH / NORMAL priority in 70% HIGH / 30% NORMAL.
 +# If you events are processed quickly (~provisioning on your environment is quick), then batch size can be higher (in combination with higher 'scheduler.event.queue.process' property).
 +idm.sec.core.event.asynchronous.batchSize=15
 </code> </code>
  
Line 564: Line 580:
 # In the request to create new role is also used. # In the request to create new role is also used.
 idm.sec.core.wf.approval.role-change.role= idm.sec.core.wf.approval.role-change.role=
 +#
 +# Default main WF for approve all roles.
 +idm.sec.core.processor.role-request-approval-processor.wf=approve-identity-change-permissions
 </code> </code>
  
Line 711: Line 730:
 # - Default value is 'true' # - Default value is 'true'
 idm.sec.acc.provisioning.allowedAutoMappingOnExistingAccount=true idm.sec.acc.provisioning.allowedAutoMappingOnExistingAccount=true
 +</code>
 +
 +==== Provisioning global break ====
 +<note tip>For enable global provisioning break you must set configurations properties defined below, otherwise global provisioning break will not be active.</note>
 +
 +<code properties>
 +# Global break for update disabled/enabled (values: true/false)
 +idm.sec.acc.provisioning.break.update.disabled
 +# Global break for update checked period (integer values)
 +idm.sec.acc.provisioning.break.update.period
 +# Global break for update disable limit (integer values)
 +idm.sec.acc.provisioning.break.update.disableLimit
 +# Global break for update disabled template (ID of template, if will by null default template will be used)
 +idm.sec.acc.provisioning.break.update.templateDisable
 +# Global break for update warning limit (integer values)
 +idm.sec.acc.provisioning.break.update.warningLimit
 +# Global break for update warning template (ID of template, if will by null default template will be used)
 +idm.sec.acc.provisioning.break.update.templateWarning
 +# Global break for update. Existing identity recipients (identity username or id, split by ',')
 +idm.sec.acc.provisioning.break.update.identityRecipients
 +# Global break for update. Recipient will be solved as identities that has assigned defined role/s (role code or id, split by ',')
 +idm.sec.acc.provisioning.break.update.roleRecipients
 +#
 +#
 +# Global break for create disabled/enabled (values: true/false)
 +idm.sec.acc.provisioning.break.create.disabled
 +# Global break for create checked period (integer values)
 +idm.sec.acc.provisioning.break.create.period
 +# Global break for create disable limit (integer values)
 +idm.sec.acc.provisioning.break.create.disableLimit
 +# Global break for create disabled template (ID of template, if will by null default template will be used)
 +idm.sec.acc.provisioning.break.create.templateDisable
 +# Global break for create warning limit (integer values)
 +idm.sec.acc.provisioning.break.create.warningLimit
 +# Global break for create warning template (ID of template, if will by null default template will be used)
 +idm.sec.acc.provisioning.break.create.templateWarning
 +# Global break for create. Existing identity recipients (identity username or id, split by ',')
 +idm.sec.acc.provisioning.break.create.identityRecipients
 +# Global break for create. Recipient will be solved as identities that has assigned defined role/s (role code or id, split by ',')
 +idm.sec.acc.provisioning.break.create.roleRecipients
 +#
 +#
 +#
 +# Global break for delete disabled/enabled (values: true/false)
 +idm.sec.acc.provisioning.break.delete.disabled
 +# Global break for delete checked period (integer values)
 +idm.sec.acc.provisioning.break.delete.period
 +# Global break for delete disable limit (integer values)
 +idm.sec.acc.provisioning.break.delete.disableLimit
 +# Global break for delete disabled template (ID of template, if will by null default template will be used)
 +idm.sec.acc.provisioning.break.delete.templateDisable
 +# Global break for delete warning limit (integer values)
 +idm.sec.acc.provisioning.break.delete.warningLimit
 +# Global break for delete warning template (ID of template, if will by null default template will be used)
 +idm.sec.acc.provisioning.break.delete.templateWarning
 +# Global break for delete. Existing identity recipients (identity username or id, split by ',')
 +idm.sec.acc.provisioning.break.delete.identityRecipients
 +# Global break for delete. Recipient will be solved as identities that has assigned defined role/s (role code or id, split by ',')
 +idm.sec.acc.provisioning.break.delete.roleRecipients
 </code> </code>
  
  • by chalupat