User Community Service Desk Downloads
If you can't find the product or version you're looking for, visit support.ataccama.com/downloads

ONE Web Application Configuration

The following properties configure ONE Web Application and are provided either through the Configuration Service User Guide, in the ONE Web Application (mmm-fe) deployment, or in the fe/etc/application.properties file.

In addition, the following properties can be specified for ONE Web Application as well:

General settings

Property Data type Description

server.port

Number

The HTTP port where ONE Web Application is running. Default value: 8023.

Keycloak authentication

Properties Data type Description

ataccama.authentication.keycloak.server-url

String

The URL of the server where Keycloak is running.

Default value: http://localhost:8080/auth.

ataccama.authentication.keycloak.realm

String

The name of the Keycloak realm.

Default value: ataccamaone.

ataccama.authentication.keycloak.token.client-id

String

The client identifier. Used to verify a user’s authorization token and to log in a user.

Default value: one-webapp-token-client.

ataccama.authentication.keycloak.token.secret

String

The secret key of the client. Secret keys can be generated using Keycloak. Used for BASIC and SECRET_JWT strategies.

Default value: one-webapp-token-client-s3cret.

ataccama.authentication.keycloak.token.issuer

String

Specifies the issuer of the JWT token. Typically, Keycloak uses the URL of the realm as the token issuer.

Default value: ${ataccama.authentication.keycloak.server-url}/realms/${ataccama.authentication.keycloak.realm}.

ataccama.authentication.keycloak.token.type

String

The type of client token authentication. Possible values: BASIC, SIGNED_JWT, SECRET_JWT.

Default value: BASIC.

ataccama.authentication.keycloak.token.key-store.file

String

Points to the keystore used for SIGNED_JWT authentication.

ataccama.authentication.keycloak.token.key-store.format

String

The type of the keystore used for SIGNED_JWT authentication. Possible values: JKS, PKCS12.

Default value: JKS.

ataccama.authentication.keycloak.token.key-store.password

String

The password of the keystore used for SIGNED_JWT authentication. Used if the keystore is encrypted.

ataccama.authentication.keycloak.token.key-store.key-alias

String

The private key name specified in the keystore used for SIGNED_JWT authentication.

The default value is the client identifier.

ataccama.authentication.keycloak.token.key-store.key-password

String

The password for recovering the key. Used for SIGNED_JWT authentication if the private key is encrypted.

The default value is the keystore password.

ataccama.authentication.keycloak.admin.enable

Boolean

Enables creating an administration client for Keycloak.

Default value: false.

ataccama.authentication.keycloak.token.token-expiration

String

Specifies for how long the JWT token used for authentication in Keycloak remains valid. Used for SIGNED_JWT and SECRET_JWT authentication strategies.

Default value: 15s. For a full list of accepted units, see Duration units.

ataccama.authentication.keycloak.token.audience

String

The expected recipients of the JWT token. Used for validating the token.

ataccama.authentication.keycloak.token.key-cache-ttl

String

Defines for how long public keys retrieved from Keycloak are cached.

Default value: 5m. For a full list of accepted units, see Duration units.

ataccama.authentication.keycloak.token.key-cache-min-time-between-request

String

Defines the minimum time interval between two requests for retrieving new public keys from Keycloak. This helps prevent Denial-of-Service (DoS) attacks.

Default value: 10s. For a full list of accepted units, see Duration units.

Single sign-on

Property Data type Description `

ataccama.one.webserver.sso.realm

String

The name of the Keycloak realm used for single sign-on (SSO).

Default value: ${ataccama.authentication.keycloak.realm}.

ataccama.one.webserver.sso.base-url

String

The base URL where Keycloak is available. Used as a prefix for other SSO URLs.

Default value: ${ataccama.authentication.keycloak.server-url}.

ataccama.one.webserver.sso.auth-url

String

The URL where users are redirected to provide authentication credentials.

Default value: ${ataccama.one.webserver.sso.base-url}/realms/${ataccama.one.webserver.sso.realm}/protocol/openid-connect/auth.

ataccama.one.webserver.sso.token-url

String

The URL used to obtain authentication tokens from Keycloak.

Default value:`${ataccama.one.webserver.sso.base-url}/realms/${ataccama.one.webserver.sso.realm}/protocol/openid-connect/token`.

ataccama.one.webserver.sso.logout-url

String

The URL used for logging users out.

Default value: ${ataccama.one.webserver.sso.base-url}/realms/${ataccama.one.webserver.sso.realm}/protocol/openid-connect/logout.

ataccama.one.webserver.sso.client-id

String

The client identifier used for verifying user authorization tokens and for logging in.

Default value: one-webapp-public-client.

GraphQL

Property Data type Description

ataccama.one.webserver.backend.mmm.api-url

String

The URL of the GraphQL endpoint that is used by MMM Server.

Default value: http://localhost:8021/graphql.

ataccama.one.webserver.backend.mmm.subscription-url

String

The URL of the subscription endpoint of MMM Server.

Default value: ws://localhost:8021/subscriptions.

ataccama.one.webserver.backend.audit.api-url

String

The URL of the GraphQL endpoint that is used by the Audit module.

Default value: http://localhost:8071/graphql.

logging.filter.on

Boolean

To log requests made to GraphQL endpoints, set to true.

Default value: false.

logging.filter.includeHeaders

Boolean

Defines if logs for GraphQL endpoints store the request’s HTTP headers. To log headers, set the value to true.

Default value: false.

logging.filter.includePayload

Boolean

Defines if logs for GraphQL endpoints store the request’s payload. To log payloads, set the value to true.

Default value: false.

logging.filter.maxPayloadLength

Number

Sets the maximum length of the request’s payload expressed in characters. When the request’s payload exceeds this number, the payload is truncated and logs store only the characters within the limit.

Default value: 50.

logging.filter.includeQueryString

Boolean

Defines if logs for GraphQL endpoints store the query string parameters sent with the request. To log query string parameters, set the value to true.

Default value: false.

logging.filter.includeClientInfo

Boolean

Defines if logs for GraphQL endpoints store information about the client that made the request. To log client information, set the value to true.

Default value: false.

Event storage

Properties Data type Description

ataccama.one.event.storage.frontend.global.create

Boolean

Defines whether the module should create an event storage client for storing UI events for the AI Core. Default value: true.

Accepted units

Duration

Accepted units for time duration are as follows:

  • ns (nanoseconds)

  • us (microseconds)

  • ms (milliseconds)

  • s (seconds)

  • m (minutes)

  • h (hours)

  • d (days)

Was this page useful?