RDM Application Properties
This article is intended to serve as a reference point for RDM configuration.
As such, it provides an overview of the available properties and, when applicable, refers users to more comprehensive sources.
The properties described here are defined in the rdm/etc/application.properties
file.
For each property, you will find information about the required data type, its default value, and a short description. The Mandatory column specifies whether a property is required for the application to run and function as expected.
RDM properties
Use the following properties to configure server settings for RDM, specify the type of the repository, and the path to the license.
Name | Data type | Default value | Mandatory | Description | ||
---|---|---|---|---|---|---|
|
Number |
|
Yes |
The number of the port where the RDM application is running. |
||
|
String |
|
Yes |
The context path to the RDM application server.
It is |
||
|
String |
|
No |
The RDM application ID.
If not set, |
||
|
String |
|
Yes |
The type of RDM repository.
If set to |
||
|
String |
|
Yes |
The URL of the RDM application.
|
||
|
String |
|
Yes |
The path to the folder that contains the license. By default, the application searches for the license in the home directory of the user. |
||
|
String |
|
Yes |
The URL of the RDM (runtime) server. |
||
|
String |
|
No |
The name of the environment used (available values are |
||
|
Number |
|
No |
The maximum size of the project configuration file that can be imported to RDM. Expressed in kilobytes. |
||
|
Boolean |
|
No |
If set to If selected, the configuration and the available data are deleted and the application is restarted in the default state (that is, without any data or configuration). As such, it is particularly useful for Custom Cloud non-production environments. |
RDM data connection
Use the following properties to configure the connection to the RDM storage database. See Encrypt Passwords for information about how to encrypt passwords.
Name | Data type | Default value | Mandatory | Description |
---|---|---|---|---|
|
String |
/ |
Yes |
The URL of the RDM storage database. |
|
String |
/ |
Yes |
The JDBC URL of the RDM storage database. |
|
String |
/ |
Yes |
The username for the RDM storage database. |
|
String |
/ |
Yes |
The password for the RDM storage database. |
|
String |
/ |
Yes |
The driver class name for the RDM storage database. |
|
Boolean |
|
No |
When set to |
|
String |
|
No |
Timeout for database connection attempts in seconds. |
|
String |
|
No |
Interval between connection attempts in seconds. |
Optimize PostgreSQL database performance
To optimize the performance of the PostgreSQL database and improve the speed at which RDM is able to import tables, apply the following settings to your PostgreSQL instance:
ALTER DATABASE rdm SET work_mem = '50MB';
ALTER DATABASE rdm SET enable_nestloop to 'off';
ALTER DATABASE rdm SET maintenance_work_mem to '500MB';
This applies to self-managed deployments. No action is required for cloud environments.
RDM metadata connection
The following properties configure the connection to the database where RDM metadata is stored. See Encrypt Passwords for information about how to encrypt passwords.
Name | Data type | Default value | Mandatory | Description |
---|---|---|---|---|
|
String |
/ |
Yes |
The URL of the RDM metadata database. |
|
String |
/ |
Yes |
The JDBC URL of the RDM metadata database. |
|
String |
/ |
Yes |
The username for the RDM metadata database. |
|
String |
/ |
Yes |
The password for the RDM metadata database. |
|
String |
/ |
Yes |
The driver class name for the RDM metadata database. |
|
Boolean |
|
No |
When set to |
|
String |
|
No |
Timeout for database connection attempts in seconds. |
|
String |
|
No |
Interval between connection attempts in seconds. |
Keycloak
The following properties configure Keycloak. See Encrypt Passwords for information about how to encrypt passwords.
Name | Data type | Default value | Mandatory | Description |
---|---|---|---|---|
|
String |
|
Yes |
The URL of the server where Keycloak is running. |
|
String |
|
Yes |
The name of the Keycloak realm. |
|
String |
/ |
Yes |
The client identifier used to verify the admin user’s authorization token. |
|
String |
/ |
Yes |
The secret key of the client identifier for the admin account.
Secret keys can be generated using Keycloak.
Used by |
|
String |
/ |
Yes |
The client identifier. Used to verify a user’s authorization token and to log in a user. |
|
String |
/ |
Yes |
The secret key of the client.
Secret keys can be generated using Keycloak.
Used for |
|
String |
/ |
Yes |
Specifies the issuer of the JWT token. Typically, Keycloak uses the URL of the realm as the token issuer. |
|
String |
/ |
Yes |
Keycloak public client ID for web application browsing. |
|
Boolean |
|
Yes |
Specifies whether the HTTP protocol is being used with Keycloak. |
|
Boolean |
|
Yes |
Specifies whether the TLS protocol is being used with Keycloak. |
|
String |
/ |
No |
The schedule for automatic synchronization of user or role mapping with Keycloak. The value is a Cron expression that consists of six fields representing, in this order, second, minute, hour, day, month, weekday. For more information, see the official Spring documentation. |
SSL
Use these properties to set up SSL.
Name | Data type | Default value | Mandatory | Description |
---|---|---|---|---|
|
Boolean |
|
No |
Enables SSL. |
|
String |
/ |
No |
The full path to the keystore. |
|
String |
/ |
No |
The password for decrypting the keystore. Used if the keystore is encrypted (recommended). |
|
String |
/ |
No |
The password for the private key. Used if the private key is encrypted. |
|
String |
/ |
No |
The full path to the truststore. |
|
String |
/ |
No |
The password for the trusstore. Used if the truststore is encrypted. |
Web application links
The following properties specify the links to other applications.
Name | Data type | Default value | Mandatory | Description |
---|---|---|---|---|
|
String |
|
No |
The URL for the MDM link. |
|
String |
|
No |
The URL for the link to the catalog (MMM) application. |
Logging
The following properties configure logging.
Logging levels can also be set via LOG_PATH
.
Name | Data type | Default value | Mandatory | Description |
---|---|---|---|---|
|
Boolean |
|
No |
If set to |
|
Boolean |
|
No |
If set to |
|
Boolean |
|
No |
If set to |
|
Boolean |
|
No |
If set to |
|
String |
|
No |
The location of the |
|
String |
|
No |
The root logging level.
Available values are |
|
String |
|
No |
The logging level for`com.ataccama` packages.
Available values are |
|
String |
|
No |
The logging level for RDM packages.
Available values are |
Endpoints for monitoring
The following properties configure endpoints for monitoring. For more information, see Monitoring Configuration.
Name | Data type | Default value | Mandatory | Description |
---|---|---|---|---|
|
Boolean |
|
No |
Enables all actuator endpoints.
If set to |
|
Boolean |
|
No |
Enables |
|
Boolean |
|
No |
Enables |
|
Boolean |
|
No |
Enables |
|
String |
|
No |
A comma-separated list of exposed actuator endpoints that should provide information about the application. These endpoints track the following:
|
|
String |
|
No |
Specifies how much information is provided by the
|
|
String |
|
No |
Specifies how much detail the
|
|
String |
|
No |
A comma-separated list that determines how the |
|
String |
|
No |
Configures how much information the |
|
Boolean |
|
No |
Enables |
|
String |
|
No |
Defines which components are covered by the liveness probe.
These components are a subset of |
|
String |
|
No |
Defines which components are covered by the readiness probe.
These components are a subset of |
|
String |
|
No |
Enables ACL-based authentication on the selected endpoint. The same filter can be enabled on other endpoints. |
|
String |
|
No |
Allows access to the endpoint defined in the |
|
Boolean |
|
No |
Enables the timing metrics to all Spring endpoints. |
Static configuration
Use the following properties to set static configuration.
Name | Data type | Default value | Mandatory | Description |
---|---|---|---|---|
|
Boolean |
|
Yes |
If set to |
|
Boolean |
|
Yes |
If set to |
|
Boolean |
|
No |
Persistence strategy for storing MN reference values. The following values are available:
Once the value is set, it cannot be changed otherwise the MN reference data would have to be reprocessed. |
|
String |
|
Yes |
The name of role that is required to successfully log in to RDM. When not defined, any user can access the application. In such a case a warning is reported to the backend log. If the defined role does not exist in Keycloak, an error is reported to the log and no user can log in to the application. |
|
String |
|
Yes |
Prefix for additional RDM roles with |
|
String |
|
No |
Filters RDM service accounts so that technical users not related to RDM are hidden in the web app. If a username matches this regular expression, it is loaded to RDM and shown on the Permissions tab. If set to |
|
String |
|
Yes |
The system group name for RDM. Users with this role can perform system-related operations and have higher privileges than regular users (for example, they can see all tables). |
|
String |
|
No |
The name of the role with access to the Permissions tab in RDM.
When empty, the |
|
Number |
|
No |
The maximum number of active connections that can be allocated from the datasource pool at the same time. |
|
Number |
|
No |
The maximum number of connections that should be kept in the pool at all times.
Idle connections are checked periodically (if enabled) and connections that have been idle for longer than |
|
Number |
|
No |
The maximum time interval that the pool waits (when there are no available connections) for a connection to be returned before throwing an exception.
Expressed in |
Mail settings
The following properties configure mail settings. If workflows are used in the project, these properties are mandatory.
Name | Data type | Default value | Mandatory | Description |
---|---|---|---|---|
|
String |
/ |
No |
The hostname of the mail server. |
|
Number |
/ |
No |
The number of the the mail server port. |
|
String |
/ |
No |
The username used to authenticate to the mail server. |
|
String |
/ |
No |
The password used to authenticate to the mail server. |
|
String |
/ |
No |
The default encoding of the emails. |
|
String |
/ |
No |
Specifies the protocol used to send emails. |
|
Number |
/ |
No |
The number of the SMTP port. |
|
Boolean |
/ |
No |
Enables the SMTP authentication. |
|
Boolean |
/ |
No |
Enables STARTTLS for SMTP. |
|
String |
/ |
No |
Specifies whether the STARTTLS is required for SMTP. |
Client security headers
You can configure RDM Webapp security by adding response headers (security headers) to HTTP responses from the web application.
Name | Data type | Default value | Mandatory | Description |
---|---|---|---|---|
|
String |
|
No |
Specifies allowed connections. We strongly recommend using the default value. |
|
String |
|
No |
Specifies allowed script sources. We strongly recommend using the default value. |
|
String |
|
No |
Specifies allowed image sources. We strongly recommend using the default value. |
|
String |
/ |
No |
The path to the internal keystore. |
|
String |
/ |
No |
The password for the internal keystore. |
|
String |
/ |
No |
The path to the password file for the internal keystore. |
|
String |
/ |
No |
The path to the properties keystore. |
|
String |
/ |
No |
The password for the properties keystore. |
|
String |
/ |
No |
The path to the password file for the properties keystore. |
|
String |
|
No |
Protects against clickjacking.
If set to |
|
String |
|
No |
Specifies if cross-domain requests from Flash and PDF documents are allowed. |
|
String |
|
No |
Defines how much referrer information (sent with the Referer header) should be included with requests.
If set to |
|
String |
|
No |
Protects against cross-site scripting attacks.
If set to |
|
String |
|
No |
Protects against MIME sniffing. |
Retry for Keycloak connection to RDM
If the initial connection to Keycloak fails, the RDM webapp can try to connect repeatedly before startup.
Name | Data type | Default value | Mandatory | Description |
---|---|---|---|---|
|
Number |
|
No |
Maximal number of connection attempts. |
|
String |
|
No |
Interval between attempts in seconds. |
Rate limiter
For more details, see Rate Limiter.
Name | Data type | Default value | Mandatory | Description |
---|---|---|---|---|
|
Number |
|
No |
The maximum allowed number of operations within a defined time period.
For example, if you set the value to |
|
String |
|
No |
The time period after which the limit for the number of operations is refreshed.
For example, if you set the value to |
|
String |
|
No |
Specifies how long to wait for a request to be processed before it’s considered a failure. If this period elapses, the request is considered unsuccessful. |
Was this page useful?