-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathas_service.properties
executable file
·279 lines (277 loc) · 16.2 KB
/
as_service.properties
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
# ---------------------------------------------------------------------------
# Database configuration
# The database instance local unique identifier. Used when the new database is created.
database-instance = DEFAULT
# The host and optionally port. Default is 'localhost'.
# database.url-host-part =
database.kind = prod
# User who owns the database. Default: Operating system user running the server.
database.owner =
database.owner-password =
# Superuser of the database. Default: database-dependent.
database.admin-user =
database.admin-password =
# Max. number of active database connections. Default: 20.
database.max-active-connections =
# Max. number of idle database connections to keep open. Default: 20.
database.max-idle-connections =
# Log interval (in seconds) between two regular log entries of the number of active database
# connections. Default: 3600.
database.active-connections-log-interval =
# Master data by Excel sheets
# Path to the file which stores version information of master data imported from Excel sheets.
# Default value: ../../../xls-import-version-info.json. The file will be created.
# It should be <openbis installation path>/servers/openBIS-server.
# Note, that the folder containing this file has to exist.
xls-import.version-data-file= /home/openbis/openbis/servers/openBIS-server/jetty/etc/xls-import-version-info.json
# Imaging database for screening and microscopy (optional, only used if screening technology switched on)
# imaging-database.url-host-part = localhost
# imaging-database.kind = prod
# imaging-database.owner =
# imaging-database.password =
# Proteomics database (optional, only used if proteomics technology switched on)
# proteomics-basic-database-name = proteomics
# proteomics-database-kind = productive
# proteomics-database-owner =
# proteomics-database-password =
# Authentication configuration
# Supported Authentication options are:
# 'file-authentication-service'
# 'ldap-authentication-service'
# 'crowd-authentication-service'
# 'file-crowd-authentication-service'
# 'file-ldap-authentication-service'
# 'stacked-authentication-service' : ldap - crowd
# For a detailed description please have a look at the Installation and Administrator
# Guide of the openBIS Server: https://wiki-bsse.ethz.ch/x/oYIUBQ
authentication-service = file-ldap-authentication-service
# When a new person is created in the database the authentication service is asked by default whether this
# person is known by the authentication service.
# In the case of single-sign-on this doesn't work. In this case the authentication service shouldn't be asked.
# and the flag 'allow-missing-user-creation' should be set 'true' (default: 'false')
#
allow-missing-user-creation = false
# Crowd configuration
# crowd.service.host = crowd-bsse.ethz.ch
# crowd.service.port = 8443
# crowd.application.name = openbis
# crowd.application.password =
# LDAP configuration
# The space-separated URLs of the LDAP servers, e.g. "ldap://d.ethz.ch/DC=d,DC=ethz,DC=ch"
ldap.server.url = ldap://ldap:1389
# The distinguished name of the security principal,
# e.g. "CN=carl,OU=EthUsers,DC=d,DC=ethz,DC=ch"
ldap.security.principal.distinguished.name = cn=admin,dc=empa,dc=ch
# Password of the LDAP user account that will be used to login to the LDAP server to perform the queries
ldap.security.principal.password = password
# The security protocol to use, use "ssl" or "none", default is "ssl"
ldap.security.protocol = none
# The authentication method to use: "none" (no authentication), "simple", "strong" (SASL), defaults to "simple"
ldap.security.authentication-method = simple
# The referral mode:
# "follow" - follow referrals automatically (the default)
# "ignore" - ignore referrals
# "throw" - throw ReferralException when a referral is encountered
ldap.referral = follow
# The search base.
ldap.searchBase = ou=users,dc=empa,dc=ch
# The attribute name for the user id, defaults to "uid"
ldap.attributenames.user.id = uid
# The attribute name for the email, defaults to "mail"
ldap.attributenames.email = mail
# The attribute name for the first name, defaults to "givenName"
ldap.attributenames.first.name = givenName
# The attribute name for the last name, defaults to "sn"
ldap.attributenames.last.name = sn
# Set to true to also query for email aliases
ldap.queryEmailForAliases = false
# The query template, needs to contain %s which will be filled with the query term, e.g. uid=username
# The default is:
# ldap.queryTemplate = (&(objectClass=organizationalPerson)(objectCategory=person)(objectClass=user)(%s))
# which is known to work for many Active Directory installations.
# For OpenLDAP, replace by:
# For restriction to BSSE accounts in OpenLDAP, set to:
ldap.queryTemplate = (&(%s))
# The number of times a failed LDAP query is retried at the max. Default: 1.
ldap.maxRetries =
# The timeout (in ms) to wait for an LDAP query to return, -1 for "wait indefinitely". Default: 10000.
ldap.timeout =
# Time time (in ms) to wait after a failure before retrying the query. Default: 10000.
ldap.timeToWaitAfterFailure=
# Anonymous login configuration (optional)
# Login of the existing user whose settings will be used for anonymous login
#user-for-anonymous-login = <user-login>
# Project authorization
# Enabled if set to 'true'. Default: disabled
authorization.project-level.enabled = true
# Regular expression for user ids allowed to have a project role
authorization.project-level.users = .*
# Project samples
# Note: Changing to 'true' turns experiment samples to project samples
# which can not be reverted after setting this flag back to 'false'. Also
# the sample identifier will change for such samples.
project-samples-enabled = true
# Client configuration
# Name of the file that stores Web Client configuration
web-client-configuration-file = etc/web-client.properties
# A comma-separated list of trusted cross-origin domains, that are allowed to
# query openBIS content. Typically these are lightweight webapps that integrate with openBIS
# via JSON-RPC services, but are not directly hosted within the openBIS application.
# Example 1 (two different domains configured):
# trusted-cross-origin-domains=https://myapp.domain.com:8443, http://other.domain.com
# Example 2 (match every domain):
# The '*' matches any arbitrary domain. It should be used with care as it opens openBIS
# for potential cross-site scripting attacks.
trusted-cross-origin-domains= *
# Session configuration
# The time after which an inactive session is expired by the service (in minutes).
session-timeout = 720
# Session time (in minutes) in case of presents of file etc/nologin.html. Should be < 30.
#session-timeout-no-login = 10
# Maximum number of sessions allowed per user. Zero means unlimited number of sessions. Default value is 5.
# max-number-of-sessions-per-user = 5
# Comma separated list of users allowed to have unlimited number of sessions. Default: Empty list.
# Note: The DSS (user 'etlserver' by default, see property 'username' of DSS service.properties)
# should be added to this list.
users-with-unrestricted-number-of-sessions = etlserver
# Business rules configuration
# When set to "true" enables the system to store material codes containing non-alphanumeric characters.
# Regardless of the value of this property no white spaces are allowed in the material codes.
#material-relax-code-constraints=false
# Comma-separated list of regular expression of data set types which do not require that the data set
# is linked to an experiment. If not linked to an experiment a link to a sample with space is required.
data-set-types-with-no-experiment-needed = .*
# When set to 'true' the sequence of sample codes is gap less for each type if all samples are created by
# batch registrations.
#create-continuous-sample-codes = false
# Entity History
# Enables/disables history of deleted entities. Default value is 'true'.
# entity-history.enabled = true
# Online Help
# Online help is broken into two sections -- generic and specific. Generic help links back to
# the CISD. Specific help is provided by the host of the installation
# OpenBIS needs to know the root URL for the online help and a template for the individual pages.
# The template should have on parameter, called title, and should be constructed to automatically
# create the page if it does not already exist.
# The template can be created by going to the root page, adding a new link to the page, and
# replacing the title of the new page with the ${title}
onlinehelp.generic.root-url = https://wiki-bsse.ethz.ch/display/CISDDoc/OnlineHelp
onlinehelp.generic.page-template = https://wiki-bsse.ethz.ch/pages/createpage.action?spaceKey=CISDDoc&title=${title}&linkCreation=true&fromPageId=40633829
#onlinehelp.specific.root-url = https://wiki-bsse.ethz.ch/display/CISDDoc/OnlineHelp
#onlinehelp.specific.page-template = https://wiki-bsse.ethz.ch/pages/createpage.action?spaceKey=CISDDoc&title=${title}&linkCreation=true&fromPageId=40633829
# JMX memory monitor
# Interval between two runs of the memory monitor (in seconds).
# Set to -1 to disable the memory monitor.
memorymonitor-monitoring-interval = 60
# Interval between two regular log call of the memory monitor (in seconds).
# Set to -1 to disable regular memory usage logging.
memorymonitor-log-interval = 3600
# The percentage of memory that, if exceeded, triggers a notify log of the memory manager,
# Set to 100 to disable.
memorymonitor-high-watermark-percent = 90
# Database Configurations for Query module (optional)
# Comma separated keys of databases configured for Query module.
# Each database should have configuration properties prefixed with its key.
# Mandatory properties for each <database> include:
# <database>.label - name shown to the openBIS user when adding or editing a customized query
# <database>.database-driver - JDBC Driver of the database (e.g. org.postgresql.Driver)
# <database>.database-url - JDBC URL to the database (e.g. jdbc:postgresql://localhost/openbis)
# Optional properties for each <database> include:
# <database>.database-user - name of the database user (default: user.name from system properties)
# <database>.database-password - password of the database user
# <database>.creator-minimal-role - minimal role required to create/edit queries on this database (default: POWER_USER)
# <database>.data-space - If NOT specified OBSERVER of any space will be allowed to perform
# queries and <creator-minimal-role> of any space will allowed
# to create/edit queries on this DB.
# - If specified only OBSERVER of the space will be allowed to perform
# queries and <creator-minimal-role> of the space will allowed
#query-databases = openbisDB
#openbisDB.label = openBIS meta data
#openbisDB.data-space = CISD
#openbisDB.creator-minimal-role = SPACE_ADMIN
#openbisDB.database-driver = org.postgresql.Driver
#openbisDB.database-url = jdbc:postgresql://localhost/openbis_${database.kind}
#openbisDB.database-username =
#openbisDB.database-password =
# Maintenance plugins configuration (optional)
# Comma separated names of maintenance plugins.
# Each plugin should have configuration properties prefixed with its name.
# Mandatory properties for each <plugin> include:
# <plugin>.class - Fully qualified plugin class name
# <plugin>.interval - The time between plugin executions (in seconds)
# Optional properties for each <plugin> include:
# <plugin>.start - Time of the first execution (HH:mm)
# <plugin>.execute-only-once - If true the task will be executed exactly once,
# interval will be ignored. By default set to false.
#maintenance-plugins = demo
#demo.class = ch.systemsx.cisd.openbis.generic.server.task.DemoMaintenanceTask
#demo.interval = 60
#demo.property_1 = some value
#demo.property_2 = some value 2
maintenance-plugins = user-management
user-management.class = ch.systemsx.cisd.openbis.generic.server.task.UserManagementMaintenanceTask
#User management
user-management.configuration-file-path = /home/openbis/openbis/servers/openBIS-server/jetty/etc/groups.json
user-management.interval = 1 min
#user-management.filter-key = cn
user-management.ldap-group-query-template = (&(objectClass=inetOrgPerson)(memberOf=%s))
user-management.deactivate-unknown-users = false
#user-management.filter-key = ou
# Internal - do not change
# Authorization
# Supported: 'no-authorization' and 'active-authorization'
authorization-component-factory = active-authorization
script-folder = .
jython-version=2.7
##########
# V3 API #
# -------------------------------------------------------------------------
# The configuration below reflects the default values used by the V3 API.
# Please uncomment and change the chosen values to overworite the defaults.
# A path to a directory where operation execution details are stored.
# api.v3.operation-execution.store.path = operation-execution-store
# A thread pool that is used for executing all asynchronous operations.
# api.v3.operation-execution.thread-pool.name = operation-execution-pool
# api.v3.operation-execution.thread-pool.core-size = 10
# api.v3.operation-execution.thread-pool.max-size = 10
# api.v3.operation-execution.thread-pool.keep-alive-time = 0
# A name of a thread that updates operation execution progress information.
# api.v3.operation-execution.progress.thread-name = operation-execution-progress
# An interval that controls how often operation execution progress information gets updated. The interval is defined in seconds.
# api.v3.operation-execution.progress.interval = 5
# Availability times control for how long information about an operation execution is stored in the system.
# There are 3 levels of such information:
# * core information (code, state, owner, description, creation_date, start_date, finish_date)
# * summary information (summary of operations, progress, error, results)
# * detailed information (details of operations, progress, error, results)
# Each level of information can have a different availability time.
# The availability times can be defined at the moment of scheduling an operation execution.
# If a time is not provided explicitly then a corresponding 'default' value is used.
# The maximum possible value that can be used for a given availability time is controlled with the 'max' property.
# All availability times are defined in seconds.
# Examples of values: 31536000 (1 year), 2592000 (30 days), 86400 (1 day), 3600 (1 hour).
# api.v3.operation-execution.availability-time.default = 31536000
# api.v3.operation-execution.availability-time.max = 31536000
# api.v3.operation-execution.availability-time.summary.default = 2592000
# api.v3.operation-execution.availability-time.summary.max = 2592000
# api.v3.operation-execution.availability-time.details.default = 86400
# api.v3.operation-execution.availability-time.details.max = 86400
# Maintenance tasks responsible for marking and deleting timed out operation executions. Intervals are defined in seconds.
# api.v3.operation-execution.availability-update.mark-timeout-pending-task.name = operation-execution-mark-timeout-pending-task
# api.v3.operation-execution.availability-update.mark-timeout-pending-task.interval = 60
# api.v3.operation-execution.availability-update.mark-timed-out-or-deleted-task.name = operation-execution-mark-timed-out-or-deleted-task
# api.v3.operation-execution.availability-update.mark-timed-out-or-deleted-task.interval = 300
# Maintenance task responsible for marking new, scheduled and running operation executions as failed after server restart.
# api.v3.operation-execution.state-update.mark-failed-after-server-restart-task.name = operation-execution-mark-failed-after-server-restart-task
# Maximum number of items in cache
api.v3.operation-execution.cache.capacity = 10240
# Cache implementation class, cache is disabled if this property is not set
api.v3.operation-execution.cache.class = ch.ethz.sis.openbis.generic.server.asapi.v3.executor.common.search.cache.FileCache
# Cache directory for file cache implementation
api.v3.operation-execution.cache.directory = targets/sessionWorkspace/cache
# Cache clearance task name
api.v3.operation-execution.cache.clearance-task-name = cache-clearance-task
# Cache items timeout in seconds
api.v3.operation-execution.cache.timeout = 3600
# Period in seconds of how often a maintenance task should run for timeout checks
api.v3.operation-execution.cache.timeout-check-interval = 300