If you can't find the product or version you're looking for, visit support.ataccama.com/downloads

RDM Application Properties

This article is intended to serve as a reference point for RDM configuration. As such, it provides an overview of the available properties and, when applicable, refers users to more comprehensive sources. The properties described here are defined in the rdm/etc/application.properties file.

For each property, you will find information about the required data type, its default value, and a short description. The Mandatory column specifies whether a property is required for the application to run and function as expected.

RDM properties

Use the following properties to configure server settings for RDM, specify the type of the repository, and the path to the license.

Name Data Type Default value Mandatory Description

server.port

Number

8060

Yes

The number of the port where the RDM application is running.

server.servlet.context-path

String

/

Yes

The context path to the RDM application server. It is root by default.

ataccama.one.rdm.id

String

rdm

Yes

The RDM application ID. If not set, canonical_hostname:context_path is used.

ataccama.one.rdm.repository

String

database

Yes

The type of RDM repository. If set to database, the configuration set in the database is used.

ataccama.one.rdm.application.url

String

localhost:8060

Yes

The URL of the RDM application.

The value should not contain the HTTP protocol as it is often reused in some other properties.

ataccama.one.rdm.license-folder

String

/home/user.name/

Yes

The path to the folder that contains the license. By default, the application searches for the license in the home directory of the user.

ataccama.one.rdm.server.url

String

http://localhost:8061

Yes

The URL of the RDM (runtime) server.

ataccama.one.rdm.environment

String

""

The name of the environment used (available values are dev, prod). Can be used as a variable in email templates.

RDM data connection

Use the following properties to configure the connection to the RDM storage database. See Encrypt Passwords for information about how to encrypt passwords.

Name Data Type Default value Mandatory Description

Name	Data Type	Default value	Mandatory	Description
`ataccama.one.rdm.datasource.rdm-data.url`	String	/	Yes	The URL of the RDM storage database.
`ataccama.one.rdm.datasource.rdm-data.jdbcUrl`	String	/	Yes	The JDBC URL of the RDM storage database.
`ataccama.one.rdm.datasource.rdm-data.username`	String	/	Yes	The username for the RDM storage database.
`ataccama.one.rdm.datasource.rdm-data.password`	String	/	Yes	The password for the RDM storage database.
`ataccama.one.rdm.datasource.rdm-data.driverClassName`	String	/	Yes	The driver class name for the RDM storage database.

ataccama.one.rdm.datasource.rdm-data.url

String

Yes

The URL of the RDM storage database.

ataccama.one.rdm.datasource.rdm-data.jdbcUrl

String

Yes

The JDBC URL of the RDM storage database.

ataccama.one.rdm.datasource.rdm-data.username

String

Yes

The username for the RDM storage database.

ataccama.one.rdm.datasource.rdm-data.password

String

Yes

The password for the RDM storage database.

ataccama.one.rdm.datasource.rdm-data.driverClassName

String

Yes

The driver class name for the RDM storage database.

RDM metadata connection

The following properties configure the connection to the database where RDM metadata is stored. See Encrypt Passwords for information about how to encrypt passwords.

Name Data Type Default value Mandatory Description

Name	Data Type	Default value	Mandatory	Description
`ataccama.one.rdm.datasource.rdm-repo.url`	String	/	Yes	The URL of the RDM metadata database.
`ataccama.one.rdm.datasource.rdm-repo.jdbcUrl`	String	/	Yes	The JDBC URL of the RDM metadata database.
`ataccama.one.rdm.datasource.rdm-repo.username`	String	/	Yes	The username for the RDM metadata database.
`ataccama.one.rdm.datasource.rdm-repo.password`	String	/	Yes	The password for the RDM metadata database.
`ataccama.one.rdm.datasource.rdm-repo.driverClassName`	String	/	Yes	The driver class name for the RDM metadata database.

ataccama.one.rdm.datasource.rdm-repo.url

String

Yes

The URL of the RDM metadata database.

ataccama.one.rdm.datasource.rdm-repo.jdbcUrl

String

Yes

The JDBC URL of the RDM metadata database.

ataccama.one.rdm.datasource.rdm-repo.username

String

Yes

The username for the RDM metadata database.

ataccama.one.rdm.datasource.rdm-repo.password

String

Yes

The password for the RDM metadata database.

ataccama.one.rdm.datasource.rdm-repo.driverClassName

String

Yes

The driver class name for the RDM metadata database.

Keycloak

The following properties configure Keycloak. See Encrypt Passwords for information about how to encrypt passwords.

Name Data Type Default value Mandatory Description

Name	Data Type	Default value	Mandatory	Description
`ataccama.authentication.keycloak.server-url`	String	`http://localhost:8080/auth`	Yes	The URL of the server where Keycloak is running.
`ataccama.authentication.keycloak.realm`	String	`ataccamaone`	Yes	The name of the Keycloak realm.
`ataccama.authentication.keycloak.admin.client-id`	String	/	Yes	The client identifier used to verify the admin user’s authorization token.
`ataccama.authentication.keycloak.admin.secret`	String	/	Yes	The secret key of the client identifier for the admin account. Secret keys can be generated using Keycloak. Used by `BASIC` and `SECRET_JWT` strategies.
`ataccama.authentication.keycloak.token.client-id`	String	/	Yes	The client identifier. Used to verify a user’s authorization token and to log in a user.
`ataccama.authentication.keycloak.token.secret`	String	/	Yes	The secret key of the client. Secret keys can be generated using Keycloak. Used for `BASIC` and `SECRET_JWT` strategies.
`ataccama.authentication.keycloak.token.issuer`	String	/	Yes	Specifies the issuer of the JWT token. Typically, Keycloak uses the URL of the realm as the token issuer.
`ataccama.authentication.keycloak.public.client-id`	String	/	Yes	Keycloak public client ID for web application browsing.
`ataccama.client.connection.keycloak.http.enabled`	Boolean	`true`	Yes	Specifies whether the HTTP protocol is being used with Keycloak.
`ataccama.client.connection.keycloak.http.tls.enabled`	Boolean	`false`	Yes	Specifies whether the TLS protocol is being used with Keycloak.
`ataccama.one.rdm.user-synchronization-schedule`	String	/	No	The schedule for automatic synchronization of user or role mapping with Keycloak. The value is a Cron expression that consists of six fields representing, in this order, second, minute, hour, day, month, weekday. For more information, see the official Spring documentation.

ataccama.authentication.keycloak.server-url

String

http://localhost:8080/auth

Yes

The URL of the server where Keycloak is running.

ataccama.authentication.keycloak.realm

String

ataccamaone

Yes

The name of the Keycloak realm.

ataccama.authentication.keycloak.admin.client-id

String

Yes

The client identifier used to verify the admin user’s authorization token.

ataccama.authentication.keycloak.admin.secret

String

Yes

The secret key of the client identifier for the admin account. Secret keys can be generated using Keycloak. Used by BASIC and SECRET_JWT strategies.

ataccama.authentication.keycloak.token.client-id

String

Yes

The client identifier. Used to verify a user’s authorization token and to log in a user.

ataccama.authentication.keycloak.token.secret

String

Yes

The secret key of the client. Secret keys can be generated using Keycloak. Used for BASIC and SECRET_JWT strategies.

ataccama.authentication.keycloak.token.issuer

String

Yes

Specifies the issuer of the JWT token. Typically, Keycloak uses the URL of the realm as the token issuer.

ataccama.authentication.keycloak.public.client-id

String

Yes

Keycloak public client ID for web application browsing.

ataccama.client.connection.keycloak.http.enabled

Boolean

true

Yes

Specifies whether the HTTP protocol is being used with Keycloak.

ataccama.client.connection.keycloak.http.tls.enabled

Boolean

false

Yes

Specifies whether the TLS protocol is being used with Keycloak.

ataccama.one.rdm.user-synchronization-schedule

String

The schedule for automatic synchronization of user or role mapping with Keycloak. The value is a Cron expression that consists of six fields representing, in this order, second, minute, hour, day, month, weekday. For more information, see the official Spring documentation.

SSL

Use these properties to set up SSL.

Name Data Type Default value Mandatory Description

Name	Data Type	Default value	Mandatory	Description
`server.ssl.enabled`	Boolean	`true`	No	Enables SSL.
`server.ssl.key-store`	String	/	No	The full path to the keystore.
`server.ssl.key-store-password`	String	/	No	The password for decrypting the keystore. Used if the keystore is encrypted (recommended).
`server.ssl.key-password`	String	/	No	The password for the private key. Used if the private key is encrypted.
`server.ssl.trust-store`	String	/	No	The full path to the truststore.
`server.ssl.trust-store-password`	String	/	No	The password for the trusstore. Used if the truststore is encrypted.

server.ssl.enabled

Boolean

true

Enables SSL.

server.ssl.key-store

String

The full path to the keystore.

server.ssl.key-store-password

String

The password for decrypting the keystore. Used if the keystore is encrypted (recommended).

server.ssl.key-password

String

The password for the private key. Used if the private key is encrypted.

server.ssl.trust-store

String

The full path to the truststore.

server.ssl.trust-store-password

String

The password for the trusstore. Used if the truststore is encrypted.

Web application links

The following properties specify the links to other applications.

Name Data Type Default value Mandatory Description

Name	Data Type	Default value	Mandatory	Description
`ataccama.one.rdm.mdm.link`	String	`http://localhost:8051/`	No	The URL for the MDM link.
`ataccama.one.rdm.catalog.link`	String	`http://localhost:8020`	No	The URL for the link to the catalog (MMM) application.

ataccama.one.rdm.mdm.link

String

http://localhost:8051/

The URL for the MDM link.

ataccama.one.rdm.catalog.link

String

http://localhost:8020

The URL for the link to the catalog (MMM) application.

Logging

The following properties configure logging. Logging levels can also be set via LOG_PATH.

Name Data Type Default value Mandatory Description

Name	Data Type	Default value	Mandatory	Description
`ataccama.logging.plainTextConsoleAppender`	Boolean	`true`	No	If set to `true`, logs are outputted as plain text in the console.
`ataccama.logging.jsonConsoleAppender`	Boolean	`false`	No	If set to `true`, logs are outputted in JSON format in the console.
`ataccama.logging.plainTextFileAppender`	Boolean	`false`	No	If set to `true`, logs are outputted as plain text in the log file.
`ataccama.logging.jsonFileAppender`	Boolean	`true`	No	If set to `true`, logs are outputted in JSON format in the log file.
`logging.file.path`	String	`${ataccama.path.root}/log`	No	The location of the `log` folder. This value can be updated using the system property `LOG_PATH`, which can be used for further logging configuration.
`logging.level.root`	String	`INFO`	No	The root logging level. Available values are `INFO`, `WARN`, `ERROR`, `DEBUG`, `OFF`.
`logging.level.com.ataccama`	String	`INFO`	No	The logging level for`com.ataccama` packages. Available values are `INFO`, `WARN`, `ERROR`, `DEBUG`.
`logging.level.com.ataccama.rdm`	String	`INFO`	No	The logging level for RDM packages. Available values are `INFO`, `WARN`, `ERROR`, `DEBUG`.

ataccama.logging.plainTextConsoleAppender

Boolean

true

If set to true, logs are outputted as plain text in the console.

ataccama.logging.jsonConsoleAppender

Boolean

false

If set to true, logs are outputted in JSON format in the console.

ataccama.logging.plainTextFileAppender

Boolean

false

If set to true, logs are outputted as plain text in the log file.

ataccama.logging.jsonFileAppender

Boolean

true

If set to true, logs are outputted in JSON format in the log file.

logging.file.path

String

${ataccama.path.root}/log

The location of the log folder. This value can be updated using the system property LOG_PATH, which can be used for further logging configuration.

logging.level.root

String

INFO

The root logging level. Available values are INFO, WARN, ERROR, DEBUG, OFF.

logging.level.com.ataccama

String

INFO

The logging level for`com.ataccama` packages. Available values are INFO, WARN, ERROR, DEBUG.

logging.level.com.ataccama.rdm

String

INFO

The logging level for RDM packages. Available values are INFO, WARN, ERROR, DEBUG.

Endpoints for monitoring

The following properties configure endpoints for monitoring. For more information, see Monitoring Configuration.

Name Data Type Default value Mandatory Description

Name	Data Type	Default value	Mandatory	Description
`management.endpoints.enabled-by-default`	Boolean	`false`	No	Enables all actuator endpoints. If set to `false`, it is possible to configure individually which endpoints should be enabled.
`management.endpoint.info.enabled`	Boolean	`true`	No	Enables `/info` monitoring endpoint.
`management.endpoint.health.enabled`	Boolean	`true`	No	Enables `/health` monitoring endpoint.
`management.endpoint.prometheus.enabled`	Boolean	`true`	No	Enables `/prometheus` monitoring endpoint.
`management.endpoints.web.exposure.include`	String	`health,info,prometheus`	No	A comma-separated list of exposed actuator endpoints that should provide information about the application. These endpoints track the following: `health` - The health status of the application. `info` - Other information about the application. `prometheus` - Provides all metrics from the application in a format that Prometheus can scrape.
`management.endpoint.health.show-details`	String	`always`	No	Specifies how much information is provided by the `health` monitoring endpoint. The following values are available: `never` - Health details are never displayed to any user. `when-authorized` - Only authorized users have access to health information. `always` - All users can see health details.
`management.endpoint.health.show-components`	String	`always`	No	Specifies how much detail the `health` monitoring endpoint provides about the application components. You can also define which components are shown. The following values are available: `never` - Component information is never displayed to any user. `when-authorized` - Only authorized users have access to information about components. `always` - All users can see component details.
`management.endpoint.health.status.order`	String	`down,out-of-service,reloading,unknown,up`	No	A comma-separated list that determines how the `/health` monitoring endpoint prioritizes application health statuses.
`management.info.git.mode`	String	`full`	No	Configures how much information the `/info` monitoring endpoint retrieves from Git about the application source code repository. To show all available information from the `git.properties` file, set the value to `full`. To display only basic information, such as the name of the branch, the commit identifier, and the time the commit was made, set the value to `simple`.
`management.endpoint.health.probes.enabled`	Boolean	`true`	No	Enables `/health/liveness` and `/health/readiness` endpoints.
`management.endpoint.health.group.liveness.include`	String	`diskSpace,ping`	No	Defines which components are covered by the liveness probe. These components are a subset of `/health` components.
`management.endpoint.health.group.readiness.include`	String	`db`	No	Defines which components are covered by the readiness probe. These components are a subset of `/health` components.
`ataccama.authentication.http.acl.endpoints.prometheus.endpoint-filter`	String	`/actuator/prometheus`	No	Enables ACL-based authentication on the selected endpoint. The same filter can be enabled on other endpoints.
`ataccama.authentication.http.acl.endpoints.prometheus.allowed-roles`	String	`ONE_PLATFORM_MONITORING`	No	Allows access to the endpoint defined in the `endpoint-filter` property for the selected user roles.
`management.metrics.web.server.auto-time-requests`	Boolean	`false`	No	Enables the timing metrics to all Spring endpoints.

management.endpoints.enabled-by-default

Boolean

false

Enables all actuator endpoints. If set to false, it is possible to configure individually which endpoints should be enabled.

management.endpoint.info.enabled

Boolean

true

Enables /info monitoring endpoint.

management.endpoint.health.enabled

Boolean

true

Enables /health monitoring endpoint.

management.endpoint.prometheus.enabled

Boolean

true

Enables /prometheus monitoring endpoint.

management.endpoints.web.exposure.include

String

health,info,prometheus

A comma-separated list of exposed actuator endpoints that should provide information about the application.

These endpoints track the following:

health - The health status of the application.
info - Other information about the application.
prometheus - Provides all metrics from the application in a format that Prometheus can scrape.

management.endpoint.health.show-details

String

always

Specifies how much information is provided by the health monitoring endpoint. The following values are available:

never - Health details are never displayed to any user.
when-authorized - Only authorized users have access to health information.
always - All users can see health details.

management.endpoint.health.show-components

String

always

Specifies how much detail the health monitoring endpoint provides about the application components. You can also define which components are shown. The following values are available:

never - Component information is never displayed to any user.
when-authorized - Only authorized users have access to information about components.
always - All users can see component details.

management.endpoint.health.status.order

String

down,out-of-service,reloading,unknown,up

A comma-separated list that determines how the /health monitoring endpoint prioritizes application health statuses.

management.info.git.mode

String

full

Configures how much information the /info monitoring endpoint retrieves from Git about the application source code repository. To show all available information from the git.properties file, set the value to full. To display only basic information, such as the name of the branch, the commit identifier, and the time the commit was made, set the value to simple.

management.endpoint.health.probes.enabled

Boolean

true

Enables /health/liveness and /health/readiness endpoints.

management.endpoint.health.group.liveness.include

String

diskSpace,ping

Defines which components are covered by the liveness probe. These components are a subset of /health components.

management.endpoint.health.group.readiness.include

String

db

Defines which components are covered by the readiness probe. These components are a subset of /health components.

ataccama.authentication.http.acl.endpoints.prometheus.endpoint-filter

String

/actuator/prometheus

Enables ACL-based authentication on the selected endpoint. The same filter can be enabled on other endpoints.

ataccama.authentication.http.acl.endpoints.prometheus.allowed-roles

String

ONE_PLATFORM_MONITORING

Allows access to the endpoint defined in the endpoint-filter property for the selected user roles.

management.metrics.web.server.auto-time-requests

Boolean

false

Enables the timing metrics to all Spring endpoints.

Static configuration

Use the following properties to set static configuration.

Name Data Type Default value Mandatory Description

ataccama.one.rdm.static-config.username-case-insensitive

Boolean

false

Yes

If set to true, the username is case insensitive.

ataccama.one.rdm.static-config.start-empty

Boolean

false

Yes

If set to true, RDM starts with the default empty configuration. Otherwise, it waits for the user to upload a configuration.

ataccama.one.rdm.static-config.io-mnrefs-strategy

Boolean

DEFAULT

Persistence strategy for storing MN reference values. The following values are available:

DEFAULT (backward compatible and recommended) - Uses full quoting of MN reference values when storing values to the database.
SIMPLE - Uses simplified quoting of the values when possible (for single-key MN reference relationships). This mode is not recommended unless it is required for a specific integration.

Once the value is set, it cannot be changed otherwise the MN reference data would have to be reprocessed.

ataccama.one.rdm.app-login-role

String

RDM

Yes

The name of role that is required to successfully log in to RDM. When not defined, any user can access the application. In such a case a warning is reported to the backend log. If the defined role does not exist in Keycloak, an error is reported to the log and no user can log in to the application.

ataccama.one.rdm.group-regex-filter

String

RDM.*

Yes

Prefix for additional RDM roles with app-login-role. The roles are visible on the Permissions tab.

ataccama.one.rdm.user-regex-filter

String

(^(?!service-account-).*|service-account-.*rdm.*

Applicable from 13.9.3.

Filters RDM service accounts so that technical users not related to RDM are hidden in the web app. If a username matches this regular expression, it is loaded to RDM and shown on the Permissions tab.

If set to "" (empty string), all users are shown.

ataccama.one.rdm.system-group-name

String

RDM_admin

Yes

The system group name for RDM. Users with this role can perform system-related operations and have higher privileges than regular users (for example, they can see all tables).

ataccama.one.rdm.permissions-group-name

String

""

The name of the role with access to the Permissions tab in RDM. When empty, the system-group-name role is used to determine access to the permissions.

spring.datasource.maxActive

Number

20

The maximum number of active connections that can be allocated from the datasource pool at the same time.

spring.datasource.maxIdle

Number

10

The maximum number of connections that should be kept in the pool at all times. Idle connections are checked periodically (if enabled) and connections that have been idle for longer than minEvictableIdleTimeMillis will be released.

spring.datasource.maxWait

Number

-1

The maximum time interval that the pool waits (when there are no available connections) for a connection to be returned before throwing an exception. Expressed in ms. If set to -1, the waiting time is not limited.

Mail settings

The following properties configure mail settings. If workflows are used in the project, these properties are mandatory.

Name Data Type Default value Mandatory Description

Name	Data Type	Default value	Mandatory	Description
`spring.mail.host`	String	/	No	The hostname of the mail server.
`spring.mail.port`	Number	/	No	The number of the the mail server port.
`spring.mail.username`	String	/	No	The username used to authenticate to the mail server.
`spring.mail.password`	String	/	No	The password used to authenticate to the mail server.
`spring.mail.default-encoding`	String	/	No	The default encoding of the emails.
`spring.mail.properties.mail.transport.protocol`	String	/	No	Specifies the protocol used to send emails.
`spring.mail.properties.mail.smtp.port`	Number	/	No	The number of the SMTP port.
`spring.mail.properties.mail.smtp.auth`	Boolean	/	No	Enables the SMTP authentication.
`spring.mail.properties.mail.smtp.starttls.enable`	Boolean	/	No	Enables STARTTLS for SMTP.
`spring.mail.properties.mail.smtp.starttls.required`	String	/	No	Specifies whether the STARTTLS is required for SMTP.

spring.mail.host

String

The hostname of the mail server.

spring.mail.port

Number

The number of the the mail server port.

spring.mail.username

String

The username used to authenticate to the mail server.

spring.mail.password

String

The password used to authenticate to the mail server.

spring.mail.default-encoding

String

The default encoding of the emails.

spring.mail.properties.mail.transport.protocol

String

Specifies the protocol used to send emails.

spring.mail.properties.mail.smtp.port

Number

The number of the SMTP port.

spring.mail.properties.mail.smtp.auth

Boolean

Enables the SMTP authentication.

spring.mail.properties.mail.smtp.starttls.enable

Boolean

Enables STARTTLS for SMTP.

spring.mail.properties.mail.smtp.starttls.required

String

Specifies whether the STARTTLS is required for SMTP.

Configuration Service client properties

Use these properties to configure the Configuration Service.

Name Data Type Default value Mandatory Description

Name	Data Type	Default value	Mandatory	Description
`ataccama.config-service.runtime`	String	`mandatory`	Yes	Enables using the Configuration Service. Possible values are `off`, `optional`, `mandatory`. If set to `mandatory`, the module fails when there is an error connecting to the Configuration Service. If set to `off`, the Configuration Service is disabled.
ataccama.grpc.client.channels.configservice.url	String	/	No	The URL of the Configuration Service.
ataccama.authentication.internal.jwt.generator.key	String	/	No	The key generated for internal JWT authentication.

ataccama.config-service.runtime

String

mandatory

Yes

Enables using the Configuration Service. Possible values are off, optional, mandatory.

If set to mandatory, the module fails when there is an error connecting to the Configuration Service. If set to off, the Configuration Service is disabled.

ataccama.grpc.client.channels.configservice.url

String

The URL of the Configuration Service.

ataccama.authentication.internal.jwt.generator.key

String

The key generated for internal JWT authentication.

Client security headers

You can configure RDM Webapp security by adding response headers (security headers) to HTTP responses from the web application.

Name Data Type Default value Mandatory Description

Name	Data Type	Default value	Mandatory	Description
`one.security.header.content-security-policy.connect-src`	String	`self' ${ataccama.authentication.keycloak.server-url}`	No	Specifies allowed connections. We strongly recommend using the default value.
`one.security.header.content-security-policy.script-src`	String	`self' 'unsafe-eval' 'sha256-XI/joSm13E0tRqSDZUO5DZQUbuNxa2lnkOORub88i8U=' 'sha256-7qt6iyJjmGKP6A18nPa5hTNifcr+JTAgPsN9Qpn+QgM='`	No	Specifies allowed script sources. We strongly recommend using the default value.
`one.security.header.content-security-policy.img-src`	String	`self' data:`	No	Specifies allowed image sources. We strongly recommend using the default value.
`internal.encryption.keystore`	String	/	No	The path to the internal keystore.
`internal.encryption.keystore.password`	String	/	No	The password for the internal keystore.
`internal.encryption.keystore.passwordFile`	String	/	No	The path to the password file for the internal keystore.
`properties.encryption.keystore`	String	/	No	The path to the properties keystore.
`properties.encryption.keystore.password`	String	/	No	The password for the properties keystore.
`properties.encryption.keystore.passwordFile`	String	/	No	The path to the password file for the properties keystore.
`one.security.header.X-Frame-Options`	String	`deny`	No	Protects against clickjacking. If set to `deny`, iframes are disabled.
`one.security.header.X-Permitted-Cross-Domain-Policies`	String	`none`	No	Specifies if cross-domain requests from Flash and PDF documents are allowed.
`one.security.header.Referrer-Policy:`	String	`strict-origin`	No	Defines how much referrer information (sent with the Referer header) should be included with requests. If set to `strict-origin`, only the origin is sent.
`one.security.header.X-XSS-Protection`	String	`1; mode=block`	No	Protects against cross-site scripting attacks. If set to `block`, the page does not load when an attack is detected.
`one.security.header.X-Content-Type-Options`	String	`nosniff`	No	Protects against MIME sniffing.

one.security.header.content-security-policy.connect-src

String

self' ${ataccama.authentication.keycloak.server-url}

Specifies allowed connections. We strongly recommend using the default value.

one.security.header.content-security-policy.script-src

String

self' 'unsafe-eval' 'sha256-XI/joSm13E0tRqSDZUO5DZQUbuNxa2lnkOORub88i8U=' 'sha256-7qt6iyJjmGKP6A18nPa5hTNifcr+JTAgPsN9Qpn+QgM='

Specifies allowed script sources. We strongly recommend using the default value.

one.security.header.content-security-policy.img-src

String

self' data:

Specifies allowed image sources. We strongly recommend using the default value.

internal.encryption.keystore

String

The path to the internal keystore.

internal.encryption.keystore.password

String

The password for the internal keystore.

internal.encryption.keystore.passwordFile

String

The path to the password file for the internal keystore.

properties.encryption.keystore

String

The path to the properties keystore.

properties.encryption.keystore.password

String

The password for the properties keystore.

properties.encryption.keystore.passwordFile

String

The path to the password file for the properties keystore.

one.security.header.X-Frame-Options

String

deny

Protects against clickjacking. If set to deny, iframes are disabled.

one.security.header.X-Permitted-Cross-Domain-Policies

String

none

Specifies if cross-domain requests from Flash and PDF documents are allowed.

one.security.header.Referrer-Policy:

String

strict-origin

Defines how much referrer information (sent with the Referer header) should be included with requests. If set to strict-origin, only the origin is sent.

one.security.header.X-XSS-Protection

String

1; mode=block

Protects against cross-site scripting attacks. If set to block, the page does not load when an attack is detected.

one.security.header.X-Content-Type-Options

String

nosniff

Protects against MIME sniffing.

Was this page useful?