Configuration - backend
All configuration items which are used solely for IdM begin with idm.
prefix. The configuration items from the file can be overloaded through a setting agenda in the gui ⇒ a server restart isn't needed for changing the configuration with idm.
prefix. The configuration is saved in the database. Use ConfigurationService
for reading and saving configuration items.
Naming conventions of the configuration items in IdM:
idm.
- configuration items for the needs of IdMidm.pub.
- public configuration items - published on a public rest endpoint (e.g. version)idm.sec.
- system configuration items - published on a secure rest endpoint and available for configuration by the application administrator. They are used for backend configuration. If configuration item is confidential, then value is stored in confidential storage and value is not send to frontend, application logs etc. Items with keypassword
,token
,secret
are automatically set as confidential - use it for configuration items defined in property file only.idm.sec.<module>.
oridm.pub.<module>.
- configuration items of the given module. UseModuleDescriptor#getId()
as<module>
.- if the name of a configuration item contains the
password
ortoken
chain, the value of the configuration item is hidden in the rest interface listing (or rather replaced with substitute characters). - It is better to use constants for keys, e.g.
ConfigurationService.IDM_PUBLIC_PROPERTY_PREFIX + "core.identity.delete"
- using seperator constant in key name suffix is not preferred - constant can be simply found by key suffix ("ctrl-f" + "core.identity.delete").
Configuration - frontend
Frontend configuration is stored in czechidm-app
module under czechidm-app/config
folder and is separated by profile (by client) and stage (development / test / production) read more.