If you can't find the product or version you're looking for, visit support.ataccama.com/downloads

MDM Server Application Properties

This article is intended to serve as a reference point for MDM server configuration. As such, it provides an overview of the available properties and, when applicable, refers users to more comprehensive sources. The properties described here are defined in the mdm-server/etc/application.properties file. For each property, you will find information about the required data type, its default value, and a short description. The Mandatory column specifies whether a property is required for the application to run and function as expected.

MDM Solution Configuration

The following properties point to files containing additional MDM settings. The paths are relative to the mdm.serverConfig file.

Name Data Type Default Value Mandatory Description

Name	Data Type	Default Value	Mandatory	Description
`ataccama.one.mdm.mda.config-file`	String	`mda-config.xml`	Yes	The path to the MDM Web App configuration file (see mdm-web-app-backend-component.adoc).
`ataccama.one.mdm.nme.config-file`	String	`nme-config.xml`	Yes	The path to the MDM Engine configuration file (see MDM Engine Configuration File).
`ataccama.one.mdm.dqit.config-file`	String	`issue_management/config.xml`	Yes	The path to the DQIT configuration file.

ataccama.one.mdm.mda.config-file

String

mda-config.xml

Yes

The path to the MDM Web App configuration file (see mdm-web-app-backend-component.adoc).

ataccama.one.mdm.nme.config-file

String

nme-config.xml

Yes

The path to the MDM Engine configuration file (see MDM Engine Configuration File).

ataccama.one.mdm.dqit.config-file

String

issue_management/config.xml

Yes

The path to the DQIT configuration file.

User Settings Configuration

You can configure how and where MDM Web App user settings are stored. User settings include, for example, which columns users have chosen not to display, filter settings, column width settings, and others.

Name Data Type Default Value Mandatory Description

Name	Data Type	Default Value	Mandatory	Description
`ataccama.one.mdm.user-settings.type`	String	`jdbc`	Yes	`inmemory` - When the in-memory persistence is used, user settings are stored in the web server memory and are lost on server restart. `jdbc` - When the database persistence is used, users settings are permanently stored in a database. The component creates all the necessary tables when the server is started for the first time.
`ataccama.one.mdm.user-settings.datasource`	String	`mdc_db`	Yes	The name of the database.
`ataccama.one.mdm.user-settings.table-prefix`	String	`us_`	Yes	The tables created by the server have this prefix to distinguish them from other tables in the database.

ataccama.one.mdm.user-settings.type

String

jdbc

Yes

inmemory - When the in-memory persistence is used, user settings are stored in the web server memory and are lost on server restart.
jdbc - When the database persistence is used, users settings are permanently stored in a database. The component creates all the necessary tables when the server is started for the first time.

ataccama.one.mdm.user-settings.datasource

String

mdc_db

Yes

The name of the database.

ataccama.one.mdm.user-settings.table-prefix

String

us_

Yes

The tables created by the server have this prefix to distinguish them from other tables in the database.

MDM Features

Use these properties to configure specific MDM features and specify links to other applications.

Name Data Type Default Value Mandatory Description

Name	Data Type	Default Value	Mandatory	Description
`ataccama.one.mdm.ai-matching.enabled`	Boolean	`false`	No	Enables AI Matching in MDM Web App.
`ataccama.client.connection.ai.host`	String	`localhost`	No	The IP address or the hostname of the server where AI Matching microservices are running.
`ataccama.client.connection.ai.grpc.port`	String	`8640`	No	The number of the AI Matching gRPC port.
`ataccama.one.mdm.mmm.enabled`	Boolean	`false`	No	Enables the communication between MDM and Metadata Management Module (MMM). If set to `true`, the Glossary button and the link to ONE in MDM Web App navigation are shown.
`ataccama.one.mdm.mmm.server-url`	String	`localhost:8021`	No	The URL for MMM (`mmm-be`).
`ataccama.one.mdm.mmm.webapp-url`	String	`localhost:8020`	No	The URL to the ONE Web Application (accessible from the left navigation panel).
`ataccama.one.mdm.mmm.cleaning-period`	String	`24`	No	Defines how often the MMM node structure is updated. Accepted units: `ns` (nanoseconds), us `(microseconds), `ms `(milliseconds), `s (seconds), `m` (minutes), `h` (hours), `d` (days). If not specified, the unit is `h`.
`ataccama.one.mdm.rdm.webapp-url`	Number	`8060`	No	The URL shown as the RDM link in the MDM Web App navigation.
`ataccama.one.mdm.notifications.enabled`	Boolean	`true`	No	Enables MDM notifications.
`ataccama.one.mdm.dqit.enabled `	Boolean	`true`	No	Enables DQIT.

ataccama.one.mdm.ai-matching.enabled

Boolean

false

Enables AI Matching in MDM Web App.

ataccama.client.connection.ai.host

String

localhost

The IP address or the hostname of the server where AI Matching microservices are running.

ataccama.client.connection.ai.grpc.port

String

8640

The number of the AI Matching gRPC port.

ataccama.one.mdm.mmm.enabled

Boolean

false

Enables the communication between MDM and Metadata Management Module (MMM). If set to true, the Glossary button and the link to ONE in MDM Web App navigation are shown.

ataccama.one.mdm.mmm.server-url

String

localhost:8021

The URL for MMM (mmm-be).

ataccama.one.mdm.mmm.webapp-url

String

localhost:8020

The URL to the ONE Web Application (accessible from the left navigation panel).

ataccama.one.mdm.mmm.cleaning-period

String

24

Defines how often the MMM node structure is updated. Accepted units: ns (nanoseconds), us `(microseconds), `ms `(milliseconds), `s (seconds), m (minutes), h (hours), d (days). If not specified, the unit is h.

ataccama.one.mdm.rdm.webapp-url

Number

8060

The URL shown as the RDM link in the MDM Web App navigation.

ataccama.one.mdm.notifications.enabled

Boolean

true

Enables MDM notifications.

`ataccama.one.mdm.dqit.enabled `

Boolean

true

Enables DQIT.

Keycloak Configuration

The following properties configure Keycloak. See 13.5.0@one-runtime-server:ROOT:encrypting-passwords.adoc for information about how to encrypt passwords.

Name Data type Default Value Mandatory Description

ataccama.authentication.keycloak.realm

String

ataccamaone

Yes

The name of the Keycloak realm.

ataccama.authentication.keycloak.base-url

String

localhost:8083

Yes

The Keycloak base URL.

Do not use / in the end of the URL.

ataccama.authentication.keycloak.server-url

String

${ataccama.authentication.keycloak.base-url}/auth

Yes

The URL of the server where Keycloak is running.

ataccama.authentication.keycloak.admin.client-id

String

mdm-admin-client

Yes

The client identifier used to verify the admin user authorization token.

ataccama.authentication.keycloak.admin.secret

String

mdm-admin-client-s3cret

Yes

The secret key of the client identifier for the admin account. Secret keys can be generated using Keycloak. Used by BASIC and SECRET_JWT strategies.

ataccama.authentication.keycloak.token.client-id

String

mdm-token-client

Yes

The client identifier. Used to verify a user authorization token and to log in a user.

ataccama.authentication.keycloak.token.secret

String

mdm-token-client-s3cret

Yes

The secret key of the client. Secret keys can be generated using Keycloak. Used by BASIC and SECRET_JWT strategies.

ataccama.authentication.keycloak.token.issuer

String

${ataccama.authentication.keycloak.server-url}/realms/${ataccama.authentication.keycloak.realm}

Yes

Specifies the issuer of the JWT token. Typically, Keycloak uses the URL of the realm as the token issuer.

SSL

Use these properties to set up SSL.

Name Data Type Default Value Mandatory Description

Name	Data Type	Default Value	Mandatory	Description
`server.ssl.enabled`	Boolean	`true`	No	Enables SSL.
`server.ssl.key-store`	String	/	No	The full path to the keystore.
`server.ssl.key-store-password`	String	/	No The password for decrypting the keystore. Used if the keystore is encrypted (recommended).	`server.ssl.key-password`
String	/	No	The password for the private key. Used if the private key is encrypted.	`server.ssl.trust-store`
String	/	No	The full path to the truststore.	`server.ssl.trust-store-password`

server.ssl.enabled

Boolean

true

Enables SSL.

server.ssl.key-store

String

The full path to the keystore.

server.ssl.key-store-password

String

No The password for decrypting the keystore. Used if the keystore is encrypted (recommended).

server.ssl.key-password

String

The password for the private key. Used if the private key is encrypted.

server.ssl.trust-store

String

The full path to the truststore.

server.ssl.trust-store-password

Endpoints for Monitoring

To set up monitoring for MDM, specify the following properties. For more information, see 13.5.0@one:ROOT:configuring-monitoring.adoc.

Name Data Type Default Value Mandatory Description

Name	Data Type	Default Value	Mandatory	Description
`management.endpoints.enabled-by-default`	Boolean	`false`	No	Enables all actuator endpoints. If set to `false`, it is possible to configure individually which endpoints should be enabled.
`management.endpoint.info.enabled`	Boolean	`true`	No	Enables`/info` monitoring endpoint.
`management.endpoint.health.enabled`	Boolean	`true`	No	Enables `/health` monitoring endpoint.
`management.endpoint.prometheus.enabled`	Boolean	`true`	No	Enables `/prometheus` monitoring endpoint.
`management.endpoints.web.exposure.include`	String	`health,info,prometheus`	No	A comma-separated list of exposed actuator endpoints that should provide information about the application. These endpoints track the following: `health` - The health status of the application. `info` - Other information about the application. `prometheus` - Provides all metrics from the application in a format that Prometheus can scrape.
`management.endpoint.health.show-details`	String	`always`	No	Specifies how much information is provided by the `health` monitoring endpoint. The following values are available: `never` - Health details are never displayed to any user. `when-authorized` - Only authorized users have access to health information. `always` - All users can see health details.
`management.endpoint.health.show-components`	String	`always`	No	Specifies how much detail the `health` monitoring endpoint provides about the application components. You can also define which components are shown. The following values are available: `never` - Component information is never displayed to any user. `when-authorized` - Only authorized users have access to information about components. `always` - All users can see component details.
`management.endpoint.health.status.order`	String	`down,out-of-service,reloading,unknown,up`	No	A comma-separated list that determines how the `/actuator/health` monitoring endpoint prioritizes application health statuses.
`management.info.git.mode`	String	`full`	No	Configures how much information the `/actuator/info` monitoring endpoint retrieves from Git about the application source code repository. To show all available information from the `git.properties` file, set the value to `full`. To display only basic information, such as the name of the branch, the commit identifier, and the time the commit was made, set the value to `simple`.
`management.endpoint.health.probes.enabled`	Boolean	`true`	No	Enables `/actuator/health/liveness` and `/actuator/health/readiness` endpoints.
`management.endpoint.health.group.liveness.include`	String	`diskSpace,ping`	No	Defines which components are covered by the liveness probe. These components are a subset of `/health` components.
`management.endpoint.health.group.readiness.include`	String	`db`	No	Defines which components are covered by the readiness probe. These components are a subset of `/health` components.
`ataccama.authentication.http.public-endpoint-restriction-filter`	String	/	No	Specifies restricted endpoints that cannot be accessed. Accepts a list of URL patterns as a value.
`ataccama.authentication.http.public-endpoints.<key>.endpoint-filter`	String	`/actuator/health/liveness,/actuator/health/readiness`	No	Specifies public endpoints that are excluded from authentication. Accepts a list of URL patterns as a value. The `<key>` serves for identification only. By default, the key name is `actuator`.
`ataccama.authentication.http.acl.endpoints.<key>.endpoint-filter`	String	`/actuator/info,/actuator/health,/actuator/prometheus`	No	Specifies ACL-secured endpoints. Accepts a list of URL strings (not patterns) as a value. The `<key>` serves for identification only. By default, the key name is `actuator`.
`ataccama.authentication.http.acl.endpoints.<key>.allowed-roles`	String	`ONE_PLATFORM_MONITORING`	No	A comma-separated list of user roles allowed to access the ACL-secured endpoints. The `<key>` serves for identification only. By default, the key name is `actuator`.
`management.metrics.web.server.request.autotime.enabled`	Boolean	`false`	No	Enables timing metrics to all Spring endpoints.

management.endpoints.enabled-by-default

Boolean

false

Enables all actuator endpoints. If set to false, it is possible to configure individually which endpoints should be enabled.

management.endpoint.info.enabled

Boolean

true

Enables`/info` monitoring endpoint.

management.endpoint.health.enabled

Boolean

true

Enables /health monitoring endpoint.

management.endpoint.prometheus.enabled

Boolean

true

Enables /prometheus monitoring endpoint.

management.endpoints.web.exposure.include

String

health,info,prometheus

A comma-separated list of exposed actuator endpoints that should provide information about the application. These endpoints track the following:

health - The health status of the application.
info - Other information about the application.
prometheus - Provides all metrics from the application in a format that Prometheus can scrape.

management.endpoint.health.show-details

String

always

Specifies how much information is provided by the health monitoring endpoint. The following values are available:

never - Health details are never displayed to any user.
when-authorized - Only authorized users have access to health information.
always - All users can see health details.

management.endpoint.health.show-components

String

always

Specifies how much detail the health monitoring endpoint provides about the application components. You can also define which components are shown. The following values are available:

never - Component information is never displayed to any user.
when-authorized - Only authorized users have access to information about components.
always - All users can see component details.

management.endpoint.health.status.order

String

down,out-of-service,reloading,unknown,up

A comma-separated list that determines how the /actuator/health monitoring endpoint prioritizes application health statuses.

management.info.git.mode

String

full

Configures how much information the /actuator/info monitoring endpoint retrieves from Git about the application source code repository. To show all available information from the git.properties file, set the value to full. To display only basic information, such as the name of the branch, the commit identifier, and the time the commit was made, set the value to simple.

management.endpoint.health.probes.enabled

Boolean

true

Enables /actuator/health/liveness and /actuator/health/readiness endpoints.

management.endpoint.health.group.liveness.include

String

diskSpace,ping

Defines which components are covered by the liveness probe. These components are a subset of /health components.

management.endpoint.health.group.readiness.include

String

db

Defines which components are covered by the readiness probe. These components are a subset of /health components.

ataccama.authentication.http.public-endpoint-restriction-filter

String

Specifies restricted endpoints that cannot be accessed. Accepts a list of URL patterns as a value.

ataccama.authentication.http.public-endpoints.<key>.endpoint-filter

String

/actuator/health/liveness,/actuator/health/readiness

Specifies public endpoints that are excluded from authentication. Accepts a list of URL patterns as a value. The <key> serves for identification only. By default, the key name is actuator.

ataccama.authentication.http.acl.endpoints.<key>.endpoint-filter

String

/actuator/info,/actuator/health,/actuator/prometheus

Specifies ACL-secured endpoints. Accepts a list of URL strings (not patterns) as a value. The <key> serves for identification only. By default, the key name is actuator.

ataccama.authentication.http.acl.endpoints.<key>.allowed-roles

String

ONE_PLATFORM_MONITORING

A comma-separated list of user roles allowed to access the ACL-secured endpoints. The <key> serves for identification only. By default, the key name is actuator.

management.metrics.web.server.request.autotime.enabled

Boolean

false

Enables timing metrics to all Spring endpoints.

MDM HTTP Server

The following properties configure the MDM HTTP server.

Name Data Type Default Value Mandatory Description

Name	Data Type	Default Value	Mandatory	Description
`ataccama.server.http.default.port`	Number	`8051`	Yes	The number of the default server port.
`ataccama.server.http.{listener_name}.path.exclude`	String	/	No	Specifies the paths that are not available on the defined listener port.
`ataccama.server.http.{listener_name}.path.include`	String	/	No	Specifies the paths available on the defined port (for example, HA Admin Console, see ha-admin-console.adoc, or REST API, see REST API).
`ataccama.server.http.{listener_name}.port`	Number	/	No	Defines the port for other added custom listener.

ataccama.server.http.default.port

Number

8051

Yes

The number of the default server port.

ataccama.server.http.{listener_name}.path.exclude

String

Specifies the paths that are not available on the defined listener port.

ataccama.server.http.{listener_name}.path.include

String

Specifies the paths available on the defined port (for example, HA Admin Console, see ha-admin-console.adoc, or REST API, see REST API).

ataccama.server.http.{listener_name}.port

Number

Defines the port for other added custom listener.

HA Configuration

To enable high availability (HA) mode, specify the following properties. For more information about HA, see mdm-high-availability-overview.adoc.

Name Data Type Default Value Mandatory Description

Name	Data Type	Default Value	Mandatory	Description
`ataccama.one.mdm.ha.load-balancer.port`	Number	`8058`	No	The number of the port where the HA load balancer is running.
`ataccama.one.mdm.ha.local-target-server.name`	String	`default`	No	The name of the server where the MDM server instance is running.

ataccama.one.mdm.ha.load-balancer.port

Number

8058

The number of the port where the HA load balancer is running.

ataccama.one.mdm.ha.local-target-server.name

String

default

The name of the server where the MDM server instance is running.

AI Core setup

Name Data Type Default Value Mandatory Description

Name	Data Type	Default Value	Mandatory	Description
`ataccama.one.platform.deployments.ai.uri`	String	`localhost:8640`	Yes	The number of the port where AI Matching microservices are running.
`ataccama.one.platform.deployments.ai.name`	String	`AI deployment`
`ataccama.one.platform.deployments.ai.module`	String	`ai`	Yes	The name of the module type.
`ataccama.one.platform.deployments.ai.environment`	String	`dev`	Yes	The name of the environment.
`ataccama.one.platform.deployments.ai.security.jwt-keys.key1.name`	String	`AI`	Yes	The name of the public key.
`ataccama.one.platform.deployments.ai.security.jwt-keys.key1.fingerprint`	String	/	Yes	The key identifier (`kid`) value from the file containing the Public and Private Keypair.
`ataccama.one.platform.deployments.ai.security.jwt-keys.key1.content`	String	/	Yes	The value of the public key. Must use JSON syntax and be provided on a single line.
`ataccama.one.platform.deployments.ai.security.jwt-keys.key1.isRevoked`	Boolean	`false`	Yes	Specifies if the public key is valid. If set to `true`, the key is rejected.
`ataccama.one.platform.deployments.ai.security.roles`	String	`IMPERSONATION`	Yes	The user role used to create the service identity during authentication.

ataccama.one.platform.deployments.ai.uri

String

localhost:8640

Yes

The number of the port where AI Matching microservices are running.

ataccama.one.platform.deployments.ai.name

String

AI deployment

ataccama.one.platform.deployments.ai.module

String

ai

Yes

The name of the module type.

ataccama.one.platform.deployments.ai.environment

String

dev

Yes

The name of the environment.

ataccama.one.platform.deployments.ai.security.jwt-keys.key1.name

String

AI

Yes

The name of the public key.

ataccama.one.platform.deployments.ai.security.jwt-keys.key1.fingerprint

String

Yes

The key identifier (kid) value from the file containing the Public and Private Keypair.

ataccama.one.platform.deployments.ai.security.jwt-keys.key1.content

String

Yes

The value of the public key. Must use JSON syntax and be provided on a single line.

ataccama.one.platform.deployments.ai.security.jwt-keys.key1.isRevoked

Boolean

false

Yes

Specifies if the public key is valid. If set to true, the key is rejected.

ataccama.one.platform.deployments.ai.security.roles

String

IMPERSONATION

Yes

The user role used to create the service identity during authentication.

DPM Setup

If your product suite includes ONE, configure DPM using the following properties. The JWT secret and the accompanying properties for DPM that are used for communication with ONE can be found in the /opt/ataccama/one/mmm-backend/etc/application.properties configuration file. If you want to generate a new key for the connection between DPM and MDM, follow the instructions in 13.5.0@one:ROOT:generate-jwt-keys.adoc.

Name Data Type Default Value Mandatory Description

Name	Data Type	Default Value	Mandatory	Description
`ataccama.one.platform.deployments.dpm.uri`	String	`localhost:8031`	No	The number of the port where DPM is running.
`ataccama.one.platform.deployments.dpm.name`	String	`MMM`
`ataccama.one.platform.deployments.dpm.module`	String	`dpm`	No	The name of the module type.
`ataccama.one.platform.deployments.dpm.environment`	String	`dev`	No	The name of the environment.
`ataccama.one.platform.deployments.dpm.security.jwt-keys.key1.name`	String	`dpm`	No	The name of the public key.
`ataccama.one.platform.deployments.dpm.security.jwt-keys.key1.fingerprint`	String	/	No	The key identifier (`kid`) value from the file containing the Public and Private Keypair.
`ataccama.one.platform.deployments.dpm.security.jwt-keys.key1.content`	String	/	No	The value of the public key. The value must use JSON syntax and be provided on a single line.
`ataccama.one.platform.deployments.dpm.security.jwt-keys.key1.isRevoked`	Boolean	`false`	No	Specifies if the public key is valid. If set to `true`, the key is rejected.
`ataccama.one.platform.deployments.dpm.security.roles`	String	`IMPERSONATION`	No	The user role used to create the service identity during authentication.

ataccama.one.platform.deployments.dpm.uri

String

localhost:8031

The number of the port where DPM is running.

ataccama.one.platform.deployments.dpm.name

String

MMM

ataccama.one.platform.deployments.dpm.module

String

dpm

The name of the module type.

ataccama.one.platform.deployments.dpm.environment

String

dev

The name of the environment.

ataccama.one.platform.deployments.dpm.security.jwt-keys.key1.name

String

dpm

The name of the public key.

ataccama.one.platform.deployments.dpm.security.jwt-keys.key1.fingerprint

String

The key identifier (kid) value from the file containing the Public and Private Keypair.

ataccama.one.platform.deployments.dpm.security.jwt-keys.key1.content

String

The value of the public key. The value must use JSON syntax and be provided on a single line.

ataccama.one.platform.deployments.dpm.security.jwt-keys.key1.isRevoked

Boolean

false

Specifies if the public key is valid. If set to true, the key is rejected.

ataccama.one.platform.deployments.dpm.security.roles

String

IMPERSONATION

The user role used to create the service identity during authentication.

MDM gRPC Server

The following property configures the MDM gRPC server.

Name Data Type Default Value Mandatory Description

Name	Data Type	Default Value	Mandatory	Description
`ataccama.server.grpc.port`	Number	`8551`	Yes	The number of the port where the gRPC server is running. Authentication depends on the Keycloak configuration.

ataccama.server.grpc.port

Number

8551

Yes

The number of the port where the gRPC server is running. Authentication depends on the Keycloak configuration.

Configuration Service

The following property sets whether the Configuration Service is used.

Name Data Type Default Value Mandatory Description

Name	Data Type	Default Value	Mandatory	Description
`ataccama.config-service.runtime`	String	`off`	Yes	Enables using the Configuration Service. Valid values: `off`, `optional`, `mandatory`. If set to `mandatory`, the module fails when there is an error connecting to the Configuration Service.

ataccama.config-service.runtime

String

off

Yes

Enables using the Configuration Service. Valid values: off, optional, mandatory. If set to mandatory, the module fails when there is an error connecting to the Configuration Service.

Service Private Key

Provide the service private key for MDM using the following property. The key must be set if your instance uses any of the following modules: Configuration Service, AI Matching, ONE Platform.

Name Data Type Default Value Mandatory Description

Name	Data Type	Default Value	Mandatory	Description
`ataccama.authentication.internal.jwt.generator.key`	String	/	No	The key generated for internal JWT authentication.

ataccama.authentication.internal.jwt.generator.key

String

The key generated for internal JWT authentication.

Was this page useful?