Server administration

Configuration properties

Security


securityConf

  1. Security/engine: selects how users are managed; it can be either Match Security Manager (MSMAuthentication) or LDAPAuthentication
  2. Security/authentication: it specifies which areas of the application need authentication. It can have 3 values:
    1. Enabled: you need to authenticate to do any action
    2. Disabled: you can do everything without authentication
    3. Consultation Only: you can consult public KBAs without authentication but you need to authenticate to do other actions

LDAP

ldapConf

  1. ldap/server/hostname: hostname or IP address of the server
  2. ldap/server/port: port number of the server (default "389")
  3. ldap/server/ssl: set to true to enable connection over SSL (default "false")
  4. ldap/server/timeout: timeout in milliseconds (default "5000")
  5. ldap/binduser: set to true to use a binduser (default "false"). Note: a bind user is required to use groups
  6. ldap/queries/login/query: query to retrieve the users (default: "CN=Users,DC=knowledge-values,DC=com")
  7. ldap/queries/login/filter/upn: filter to retrieve the users at login when the username is in the format "user@domain", "##username##" can be used as a placeholder for the username (default: "(userPrincipalName=##username##)")
  8. ldap/queries/login/filter/sam: filter to retrieve the users at login when the username is in the format "domain\user", "##username##" can be used as a placeholder for the username (default: "(sAMAccountName=##username##)")
  9. ldap/queries/login/attributes: comma/semicolon separated list of user attributes that can be used in the consultation
  10. ldap/queries/login/defaultdomain/upn: default domain attached to the username during the login. If the domain contains a "@" upn standard will be used (username@domain), otherwise sam (domain\username)
  11. ldap/queries/findall/filter: filter to retrieve all the users for the kba restricted groups (default: "(&(objectclass=user))")
  12. ldap/binduser/name: binduser's username
  13. ldap/binduser/password: binduser's password
  14. ldap/queries/groupmapping/admin: comma/semicolon list of ldap groups that will be mapped to the admin role
  15. ldap/queries/groupmapping/kbamanager: comma/semicolon list of ldap groups that will be mapped to the kbamanager role
  16. ldap/queries/groupmapping/user: comma/semicolon list of ldap groups that will be mapped to the user role

The following examples better explain the role of some elements:

query to retrieve user at login:

ldapsearch -h {server.hostname} -p {server.port} -D {username} -w '{password}' -b '{queries/login/query}' -s 'sub' '{queries/login/filter/upn or sam}'

ldapsearch -h dev-02.knowledge-values.com -p 389 -D user@knowledge-values.com -w 'password' -b 'CN=Users,DC=knowledge-values,DC=com' -s 'sub' '(userPrincipalName=user@knowledge-values.com)'

query to retrieve the groups:

ldapsearch -h {server.hostname} -p {server.port} -D {binduser.name} -w '{binduser.password}' -b '{queries/login/query}' -s 'sub' '{queries/findall/filter}'

ldapsearch -h dev-02.knowledge-values.com -p 389 -D user@knowledge-values.com -w 'password' -b 'CN=Users,DC=knowledge-values,DC=com' -s 'sub' '(&(objectclass=user))'
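
The sketch below is an added example, not the product's own code. It shows how the login filter could be derived from the properties above: the default domain is attached to a bare username, the upn or sam filter is selected from the resulting format, and the value is escaped per RFC 4515 before it replaces "##username##", so characters such as "*" or "(" in a typed username cannot change the filter. The function names, the domain "KV", the handling of the "@" in the default domain and the use of only the account part for the sam filter are assumptions.

```python
# Added illustration; not the product's own code.
UPN_FILTER = "(userPrincipalName=##username##)"  # default of ldap/queries/login/filter/upn
SAM_FILTER = "(sAMAccountName=##username##)"     # default of ldap/queries/login/filter/sam

# RFC 4515: characters that must be escaped inside a filter assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape one character at a time so an escaped backslash is never re-escaped."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def apply_default_domain(username, default_domain):
    """Attach ldap/queries/login/defaultdomain/upn to a bare username.

    Assumption: a value containing "@" (e.g. "@knowledge-values.com") is appended
    as a UPN suffix; any other value is prefixed as domain\\username.
    """
    if "@" in username or "\\" in username or not default_domain:
        return username
    if "@" in default_domain:
        return username + "@" + default_domain.split("@", 1)[1]
    return default_domain + "\\" + username


def build_login_filter(username, default_domain=""):
    """Return (format, filter) for the login search."""
    full = apply_default_domain(username, default_domain)
    if "@" in full:
        kind, template, value = "upn", UPN_FILTER, full
    elif "\\" in full:
        # Assumption: only the account part after the backslash is matched.
        kind, template, value = "sam", SAM_FILTER, full.split("\\", 1)[1]
    else:
        raise ValueError("username has no domain and no default domain is set")
    return kind, template.replace("##username##", escape_filter_value(value))


if __name__ == "__main__":
    # Constructed sample inputs; "KV" is a made-up domain name.
    for name, domain in [("user@knowledge-values.com", ""), ("KV\\user", ""),
                         ("user", "@knowledge-values.com"), ("a*(b)", "KV")]:
        print(name, "->", build_login_filter(name, domain))
```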

MSM

msmConf

  1. server/admin/email: the email address of the server administrator (user with MWP_ADMIN role)
  2. msm/admin/username: the username of the users manager (user with KBA_MANAGER role)
  3. msm/admin/email: the email address of the user specified in 'msm/admin/username'
  4. msm/admin/password: the password of the user specified in 'msm/admin/username'
  5. msm/url/resetpassword: the URL users will be redirected to when they try to reset their password
  6. msm/url/default/login: url of the login page
  7. msm/account/activation/time/limit: time to activate account/change password
  8. Choose between manual and JNDI user database configuration
  9. msm/db/username: (only with manual configuration) the username of the user with rights for the users database
  10. msm/db/password: (only with manual configuration) the password of the user specified in 'msm/db/username'
  11. msm/db/driver/classname: (only with manual configuration) the name of the driver used for the database
  12. msm/db/driver/shortname: (only with manual configuration) the short name of the driver
  13. msm/db/hostname: (only with manual configuration) the IP address or hostname of the server containing the database
  14. msm/db/instance: (only with manual configuration) the instance name of the database
  15. msm/db/hostport: (only with manual configuration) the port where the database is running
  16. msm/db/name: (only with manual configuration) the name of the database containing the users data
  17. msm/db/jndi: (only with JNDI) name of the JNDI entry specified on the server to be picked up by the application

Statistics

statisticsConf

  1. statistics/log: to enable/disable the log of the statistics
  2. statistics/log/backup/frequency: the frequency the statistics are logged in minutes

Errors

errorsConf

  1. error/log/filtered/exception: list of the exception class names you want to filter out
  2. error/log/max/files: deletes the oldest error files when the maximum number of files is reached

Mail properties

mailConf

  1. Choose either manual or JNDI configuration
  2. smtp/security/credentials/username: (only for manual configuration)
  3. smtp/security/credentials/password: (only for manual configuration)
  4. smtp/security/starttls: (only for manual configuration)
  5. smtp/security/userauth: (only for manual configuration)
  6. smtp/server/host: (only for manual configuration)
  7. smtp/server/port: (only for manual configuration)
  8. smtp/default/from: (only for manual configuration)
  9. smtp/transport: (only for manual configuration)
  10. smtp/debug: prints debug information in the logs, false by default. The output can be found in the server logs