application.properties

# SPDX-License-Identifier: Apache-2.0
# Copyright Contributors to the ODPi Egeria project.

# ========================================================================================================
# The application.properties file is used to configure the OMAG Server Platform which is implemented as
# a spring boot application.

###############################################
### Default port for the OMAG Server Platform
################################################
server.port=9443

###############################################
### Set up the configuration document store the OMAG Server Platform
### The values below will set up the clear text config document store (default)
### Change the class name to change the implementation of the configuration document store
################################################
platform.configstore.provider=org.odpi.openmetadata.adapters.adminservices.configurationstore.file.FileBasedServerConfigStoreProvider
platform.configstore.endpoint=data/servers/{0}/config/{0}.config

###############################################
### Set up the platform metadata security connector that provides authorization
### for platform administration, server operations and diagnostic calls.
### By default, there is no platform metadata security connector.
### The values below are for a sample platform metadata security connector where the only userId
### that is permitted to use the administration and platform services is `garygeeke`.
###############################################
platform.security.provider=org.odpi.openmetadata.metadatasecurity.samples.CocoPharmaPlatformSecurityProvider
platform.security.name=Coco Pharmaceuticals Platform

###############################################
### Set up the default configuration document for any new OMAG Server configurations.
###############################################
#platform.default.config.document=\
#  {\
#    "class": "OMAGServerConfig",\
#    "organizationName": "myOrg",\
#    "maxPageSize": 1200,\
#    "eventBusConfig": \
#        {\
#            "class": "EventBusConfig",\
#            "topicURLRoot": "egeria.omag",\
#            "configurationProperties":\
#             {\
#                "producer": {"bootstrap.servers": "{{kafkaEndpoint}}"},\
#                "consumer": {"bootstrap.servers": "{{kafkaEndpoint}}"}\
#             }\
#        }\
#  }

################################################
### Placeholder variables are added to field values in the configuration document
### when the server is being configured using double curly braces.  They are replaced by
### the values specified in platform.placeholder.variables each time the server starts up.
###
### The "kafkaEndpoint" value is the Apache Kafka endpoint, and it is used in the active-metadata-store
### sample configuration.  If your Apache Kafka broker is listening on a different endpoint
### and you want to use active-metadata-store, change this variable to your Apache Kafka's address.
################################################
platform.placeholder.variables=\
  {\
    "kafkaEndpoint" : "localhost:9092",\
    "egeriaEndpoint" : "https://localhost:9443"\
  }

################################################
### startup servers configuration
################################################
#userId used to start up the list of configured servers default is 'system'
startup.user=system
# Comma separated names of servers to be started.  The server names should be unquoted.
startup.server.list=active-metadata-store,engine-host,integration-daemon,view-server,simple-metadata-store

################################################
### SSL security.
# The keystore determines the information sent out by the server to identify itself.
# The truststore is where the certificates of trusted servers the platform is calling are located.
# (Note SSL certificate checking is performed on client-side only.)
################################################
server.ssl.key-store=keystore.p12
server.ssl.key-store-password=egeria
server.ssl.keyStoreType=PKCS12
server.ssl.keyAlias=egeriaserverchassis

server.ssl.trust-store=truststore.p12
server.ssl.trust-store-password=egeria

# WARNING! setting 'strict.ssl=false' allows java clients to open https connections without checking the validity of
# certificates from the servers it is calling.
# Alternate you can import self-signed certificates into java truststore or set up a truststore only for this app
# by adding the store into server.ssl.trust-store parameter
strict.ssl=false


################################################
# User security
################################################

# Authentication source (possible values: demo, ldap, ad)
authentication.source=demo
# Authentication mode (possible values: session,token,redis)
authentication.mode=token

#token timeout in minutes
token.timeout=15
token.absolute.timeout=720
token.secret=doNotTell

#LDAP authentication

ldap.domain=
ldap.user.search.base=ou=people,dc=egeria,dc=com
ldap.user.search.filter=uid={0}
ldap.group.search.base=ou=Groups,dc=egeria,dc=com
ldap.group.search.filter=member={0}
ldap.url=ldap://localhost:389
ldap.group.role.attribute=
ldap.npa.dn=
ldap.npa.password=
#ldap.user.dn.patterns patterns is a list of values separated by ";" as comma is used in the ldap pattern
ldap.user.dn.patterns=

# Redis configuration
#redis.host=localhost
#redis.port=6379

################################################
### Additional demo users configuration for when authentication.source=demo
### This file is located in the resources folder of the user-authn module and built into its runtime jar
################################################
spring.config.import=classpath:demo-users.yml

################################################
### Comma separated list of header names to extract from incoming HTTP requests and add to thread local.
### The default value is null and adds no headers.
### Setting the list to * means all headers are captured.
### Otherwise, list the header name in use.
################################################
authn.header.name.list=

################################################
### CORS
################################################
# Comma-separated list of origins.
# Example configuration below is for setting up local development environment where egeria-ui is hosted on one of the two urls.
# cors.allowed-origins=http://localhost,http://localhost:8081
cors.allowed-origins=*

################################################
# landing page (/api/public/app/info)
################################################
app.description=Have a question? || Get in touch via our Slack community https://slack.lfai.foundation/ @@What is Open Metadata? || Find out more on our website https://egeria-project.org/ @@Have more cool ideas? || Feel free to let us know your ideas so we can make it better.
app.title=Egeria Open Metadata | Find the right data with governance

# ##############################################################
# Component visibility for Role based access ###################
# ##############################################################
# How it works?
#
# The roles are defined in external authentication source (provider) configured with `authentication.source`.
# For demo purposes, we are providing simple file based authentication provider. See demo-users.yml
# The matrix controlling what components are allowed on the UI views for specific role is defined in the 'role.visibleComponents' prefixed properties as follows"
#
#   role.visibleComponents.{ROLE-1}={component-name-1}
#   role.visibleComponents.{ROLE-2}={component-name-1},{component-name-2}
#
#   This will configure the application to show the component named 'component-name-1' for all uses assigned to 'ROLE-1'
#   In the same way, users that have assigned 'ROLE-2' can see more 'component-name-1' and 'component-name-2'.
#   It is also possible to use wildcard '*' to enable full visibility of all components to users in the given role.
#
#   Complete list of components names that can be used:
#
#       about
#       asset-catalog
#       asset-details
#       asset-details-print
#       glossary
#       repository-explorer
#       type-explorer
#       asset-lineage
#       asset-lineage-print
#       end-to-end
#       ultimate-source
#       ultimate-destination
#       vertical-lineage
#
# Below is the default configuration for the two COCO_PHARMA roles we use for demo:

role.visibleComponents.COCO_PHARMA_USER=about,asset-catalog,asset-details,asset-details-print,asset-lineage,asset-lineage-print,end-to-end,ultimate-source,ultimate-destination,vertical-lineage,glossary,repository-explorer
role.visibleComponents.COCO_PHARMA_ADMIN=*

################################################
### Which java packages should be scanned to locate the Spring resource definitions that define the REST APIs?
################################################
scan.packages=org.odpi.openmetadata.*

################################################
### Logging
################################################
logging.level.root=OFF
logging.level.org.springframework=ERROR
logging.level.org.springframework.boot.web.embedded.tomcat=INFO
logging.level.org.odpi.openmetadata.platformchassis.springboot=INFO
#tracing REST calls
#logging.level.org.odpi.openmetadata.commonservices.ffdc.RESTCallLogger=DEBUG

################################################
### Swagger Docs
################################################
springdoc.version='@springdoc.version@'
springdoc.api-docs.enabled=true
springdoc.api-docs.path=/v3/api-docs
springdoc.swagger-ui.path=/swagger-ui.html
springdoc.swagger-ui.displayRequestDuration=true
springdoc.swagger-ui.tagsSorter=alpha
springdoc.swagger-ui.operationsSorter=alpha
springdoc.swagger-ui.docExpansion=none

################################################
### Spring Boot Actuator
################################################
# Endpoints web configuration
#management.endpoints.web.exposure.include=*
management.health.cassandra.enabled=false
management.health.redis.enabled=false
management.health.ldap.enabled=false