Configuration Public

Configuration of SciPaMaTo-Public

Table of Contents

• 1. Application specific settings
• 2. Implementation specific/customized settings
• 3. Web Server Settings
• 4. Actuator Settings
• 5. Logging
• 6. Database
• 7. Database Migration
• 8. Development properties
• 9. Example application properties
• 10. Security Configuration
  • 10.1. Secure Connection over https
  • 10.2. Serving the page behind a proxy
  • 10.3. Redirect from another unsecured port

You can provide a configuration file application.properties and put it in the same directory where your scipamato-public-web.jar resides.

The properties are of the following form:

specific.property.name=value

Any line starting with the hash (#) is considered a comment. You can find a full sample application.properties at the end of the page.

1. Application specific settings

scipamato.brand

The brand name of the application. (default: SciPaMaTo)

scipamato.page-title

The page title that is used in the browser tab. If not present, scipamato.brand will be used instead.

scipamato.default-localization

The default localization for the user interface (default: de (German), en (English), or fr (French)

scipamato.authors-abbreviated-max-length

Maximum number of characters the authors string will be truncated to in the result view. If you filter by author, the entire author string will be used in the filter, but the view showing the result displays the truncated author string.

scipamato.responsive-iframe-support-enabled

If set to true, SciPaMaTo-Public utilizes pym.js to be included in a responsive iframe.

wicket.external.agilecoders.bootstrap.theme

The look and feel of the application. SciPaMaTo can use the themes provided by Bootswatch, the default theme is cerulean. Other options, e.g. cosmo, cyborg, darkly, flatly, journal, lumen, paper, readable, sandstone, simplex, slate, solar, spacelab, superhero, united, yeti.

2. Implementation specific/customized settings

Certain properties are implementation specific, i.e. specific to the customer site where SciPaMaTo runs.

scipamato.cms-url-search-page

The URL of the page of the customer CMS that has the SciPaMaTo-Public search page in an iframe.

scipamato.cms-url-new-study-page

The URL of the page of the customer CMS that has the SciPaMaTo-Public new-studies page in an iframe.

scipamato.commercial-font-present

If this property is set to true, SciPaMaTo-Public expectes the commercial font MetaOT to be on the classpath. The respective CSS classes are included. If set to false, the CSS for the fonts will be ignored.

scipamato.navbar-visible-by-default

In case of a customer CMS showing SciPaMaTo-Public in an iframe, we do not show the Navbar by default (can be overridden with the page parameter showNavbar=true in the URL).

3. Web Server Settings

server.port

defines the port the application server listens on (default: 8081)

server.servlet.session.timeout

the session timeout of the webserver (default: 1800s)

4. Actuator Settings

scipamato.management-user-name

User name for accessing the actuator (default 'admin')

scipamato.management-user-password

Password for accessing the actuator (default 'admin')

info.app.name

Application name exposed in the actuator (default: 'SciPaMaTo Public')

info.app.description

Description exposed in the actuator (default: 'Scientific Paper Management Tools - Public')

5. Logging

logging.file

location of your log file (default: log/scipamato.log)

logging.level.root

root log level, e.g. DEBUG, INFO, WARN (default: INFO)

logging.level.ch.difty

log level for specific package (here e.g. ch.difty.*)

6. Database

spring.datasource.url

the jdbc connection string for the core database (default: jdbc:postgresql://localhost:5432/scipamato_public)

spring.datasource.hikari.username

the user name for the application to connect to the core database (default: scipamatopub)

spring.datasource.hikari.password

the password for the application to connect to the core database (default: scipamatopub)

7. Database Migration

spring.flyway.user

The user name used by Flyway to perform the migrations. Must have the permissions to create, modify, update, drop tables, sequences and alter the data. (default 'scipamadminpub').

spring.flyway.password

Password for above user (default: 'scipamadminpub')

spring.flyway.clean-disabled

If this setting is set to true, Flyway refuses to clear the database, even if called to do so. Definitely should be set to true in production environments.

8. Development properties

scipamato.less-used-over-css

Development option that dynamically works with the less classes instead of the precompiled CSS classes if set to true.

9. Example application properties

The following example provides the default values (except the database profile!). There’s no need to use this specific version. But you can use it as a template to change specific values to configure your preferred choices.

#
# Application specific settings
#
##################################

# Brand name of  the application
scipamato.brand=SciPaMaTo
# Default Localization [en, de]
scipamato.default-localization=de

# if used in a responsive iframe with pym.js
scipamato.responsive-iframe-support-enabled=true

# Look and Feel: Bootstrap Theme - see http://bootswatch.com/
wicket.external.agilecoders.bootstrap.theme=cerulean

#
# Site specific settings
#
##################################

scipamato.navbar-visible-by-default=false
scipamato.commercial-font-present=true
scipamato.authors-abbreviated-max-length=60

scipamato.cms-url-search-page=https://customer-cms:8443/scipamato-search-page/
scipamato.cms-url-new-study-page=https://customer-cms:8443/scipamato-new-studies/


#
# Web Server Settings
#
########################

# Port exposing the application, i.e. 8081 -> http://localhost:8081/
server.port=8081
# Session Timeout
server.servlet.session.timeout:1800s

#
# Actuator settings - see http://www.baeldung.com/spring-boot-actuators
#
##########################################################################

# Login/Password for access to the actuator endpoints
scipamato.management-user-name=admin
scipamato.management-user-password=admin

# actuator information
info.app.name=SciPaMaTo Public
info.app.description=Scientific Paper Management Tools - Public


#
# Logging specification
#
###########################

logging.file=log/scipamato.log
logging.level.root=INFO


#
# Database Configuration
#
#############################

spring.datasource.url=jdbc:postgresql://localhost:5432/scipamato_public

spring.datasource.hikari.jdbc-url=jdbc:postgresql://localhost:5432/scipamato
spring.datasource.hikari.username=scipamatopub
spring.datasource.hikari.password=scipamatopub


#
# Database Migration settings (FlyWay)
#

spring.flyway.user=scipamadminpub
spring.flyway.password=scipamadminpub
spring.flyway.cleanDisabled=true

If the property file contains passwords, it makes sense to protecte the file from reading for unauthorized users.

10. Security Configuration

10.1. Secure Connection over https

As I do not yet have an official certifcate, I generated a self-signed certifacte, see e.g. here:

keytool -genkey -alias undertow -storetype PKCS12 -keyalg RSA -keysize 2048  -keystore keystore.p12 -validity 3650

Please note the following parameters you will need to reference further down in the configuration:

keystore

the name of the generated keystore file - here keystore.p12.

storetype

the type of keystore - here PKCS12

alias

an alias to the keystore file - here undertow.

In order to enable a https as a secure connection protocol, you can configure the following properties in the application.properties file:

server.port

Port on which the secure connection can be established (e.g. 8443).

server.ssl.key-store

The name of the keystore file that contains the certificate. Corresponds to the parameter keystore when running keytool.

server.ssl.key-store-type

The type of keystore of the above keystore file. Corresponds with the parmaetre storetype when running keytool.

server.ssl.key-store-password

The password necessary to access the certificates from the keystore. You had to provide this password during the execution of keytool above.

server.ssl.key-alias

The alias used when the keystore was created. Corresponds with the parameter alias for keytool.

security.require-ssl

Set to true.

Make sure the keystore file is on the class path, e.g. in the same directory as the jar file.

You should now be able to access the application via https: on port 8443. If you try to access it from http instead of https, you should be redirected to https on port 8443.

10.2. Serving the page behind a proxy

Set the following property:

server.use-forward-headers

set to true.

10.3. Redirect from another unsecured port

Set the following property:

scipamato.ridirect-from-port

If you set this property to e.g. 8081, you will be redirected from http://…​:8081 to https://…​:8443.

10.3.1. Example

# secured port for https
server.port=8443

# the keystore file with name, type, password and alias
server.ssl.key-store=keystore.p12
server.ssl.key-store-type=PKCS12
server.ssl.key-store-password=abcdefg
server.ssl.key-alias=undertow

# redirect from http://...:8443 to https://...:8443
security.require-ssl=true

# also redirect from http://...:8081 to https://...:8443
scipamato.redirect-from-port=8081

# Allow accessing through proxy
server.use-forward-headers=true