Properties
Reporting
| Parameter | Example Value | Purpose |
|---|---|---|
| reporting.datasource.jndi | java:com.trax.hibernate.DataSource | JNDI of the datasource used with BIRT reports |
| resources.url | http://localhost:8081/webstart | URL for the images used in HTML printouts |
| com.trax.system.userman- agement.SecurityIntercep- tor | com.trax.reporting.ReportingSe- curityInterceptor | Optional; Adds reporting security rules |
| report-limit | 20000 | This counter will track the number of resulting data fields which have to be returned by a classic query builder ex- ecution and display a warning if the result exceeds the size. If no value is set, the default of report-limit = 20000 will be supposed. |
Table 121 Reporting Properties
File Upload
| Parameter | Example Value | Purpose |
|---|---|---|
| fileupload-dir | ../server/default/tmp | Folder to store the uploaded files in |
| fileupload-max-file-size | 150000000 | Maximum file size for uploaded files in bytes |
| fileupload-temp-path | ../server/default/tmp | Temporary folder to store files during upload |
Table 122 File Upload Properties
Streaming
| Parameter | Example Value | Purpose |
|---|---|---|
| file.handle.buffer.directory | /tmp/handle-buffer | Temporary directory for streaming file processing |
Table 123 Streaming Properties
EBICS
| Parameter | Example Value | Purpose |
|---|---|---|
| com.trax.ebics.connector. EbicsConnector.traceDir | /tmp/trax-ebics-trace | It is possible to enable tracing of all EBICS XML data going over the wire. Tracing will be enabled when this property is set and disabled when commented out or not set. In this folder, the EBICS trace will be stored. |
Table 124 EBICS Properties
LDAP
The principle used by Trax to do LDAP authentication is the “double bind”.
Trax first binds one time with the LDAP server using a system user. Once this is done, Trax searches for the current Trax user, using the user’s “Code”. The LDAP attribute that has to match that code is configurable.
When the user is found, Trax will attempt a second bind with the LDAP, using the DN (distinguished name) of the user. The LDAP attribute where that DN can be found is also configurable.
LDAP properties should ideally be stored in the application.properties file. When LDAP is enabled, the security policy settings (password expiration, password minimal length, password maximum length) will be ignored. LDAP can be activated for logon and/or signing by configuring the appropriate user-authenicator and sign-authenticator property (see 12.2.8). A user can be authenticated against a backup LDAP server in case the primary LDAP server is not available. This can be achieved by providing a comma separated list of ldap provider ur’ls (ldap.provider.url).
| Parameter | Example Value | Purpose |
|---|---|---|
| ldap.contextfactory | com.sun.jndi.ldap.LdapCtxFactory | LDAP context factory (do not change this value) |
| ldap.provider.url | ldap://ldapserver1:389,ldap://ldapsever2:389 | Comma separated list of URL’s of the LDAP server |
| ldap.logon.dn | uid=admin,ou=system | Distinguished name of the system user |
| ldap.logon.password | {3DES}QvVBowU/B1Y= | Encrypted password of the system user |
| ldap.search.dn | ou=people,o=sevenSeas | Place in the LDAP’s DN tree where to start the search |
| ldap.filtering.attribute | cn | Name of the LDAP attribute that will be matched against the user code entered in AvantGard Trax. |
| ldap.user.dn | dn | Name of the LDAP attribute where the user’s DN can be found (so it can be used for the second bind) |
| ldap.ssl | FALSE | Set to true to enable SSL, false to disable SSL |
| ldap.version | 3 | Version of the LDAP protocol |
Table 125 LDAP Properties
RADIUS
RADIUS properties should be stored in the application.properties file. When RADIUS is enabled, the security policy settings (password expiration, password minimal length, password maximum length) will be ignored. RADIUS can be activated for logon and/or signing by configuring the appropriate user-authenicator and sign-authenticator property (see 12.2.8). A user can be authenticated against a backup RADIUS server in case the primary RADIUS server is not available. This can be achieved by providing a comma separated list of radius hosts (radius.host).
| Parameter | Example Value | Purpose |
|---|---|---|
| radius.host | 192.168.0.1,192.168.0.2 | Comma separated list of IP addresses of radius servers |
| radius.secret | shared-secret | Shared secret between trax server and radius server |
| radius.auth.port | 1812 | Port the radius server is listening on |
Table 14-126: RADIUS Properties
Business Functions
| cut-off | FALSE | Used to enable or disable cut-off |
|---|---|---|
| cev.enrichment.audit | FALSE | Enables CEV audit logging |
| cev.trace | FALSE | Enables CEV detailed trace logging |
Table 127 Business Functions Properties
Server Security
| Parameter | Example Value | Purpose |
|---|---|---|
| security-manager | com.trax.system.usermanage- ment.DefaultSecurityManager | SecurityManager which will be used by AvantGard Trax |
| user-authenticator | com.trax.system.usermanage- ment.InternalUserAuthenticator | Authenticator that will be used by AvantGard Trax for logon authorization. |
| Approve-authenticator | com.trax.system.usermanage- ment.InternalUserAuthenticator | Authenticator that will be used by AvantGard Trax for approval authorization (signing method=AUTHENTICATION). |
| sign-authenticator | com.trax.system.usermanage- ment.InternalUserAuthenticator | Authenticator that will be used by AvantGard Trax for signing authorization (signing method=AUTHENTICATION). |
| securityInterceptors | com.trax.reporting.ReportingSecuri- tyInterceptor | List of additional security interceptors (security rules that are added to the DefaultSecurityManager) |
| signing-manager | com.trax.signingadmin.SigningMan- ager | Signing manager implementation |
Table 128 Server Security Properties
General Server Configuration
Only Modify under exceptional circumstances
| Parameter | Example Value | Purpose |
|---|---|---|
| SERVER_CONTROL_CLASS | com.trax.template.startup.Start- Up,com.trax.service.ServiceServer- Control | List of ServerControl implementation classes (executed at server startup and shutdown) |
| propertiesProviders | com.trax.system.properties.DBAp- plicationPropertiesProvider | List of ApplicationProperties provider implementation |
| application-logger | com.trax.system.applicationlog.Ap- plicationLogHelper | The used application logger. |
| event-configuration-load-in- terval | 600000 | The application log configurations is cached for better performance. This means that when modifications have been made to application logging these changes are not processed until the cache is cleared. The following line determines how often the cache is cleared in milliseconds. If the parameter is not explicitly set, 10 minutes will be the time used by default. |
| rule-library | com.trax.system.rules.RuleLibrary | Indicates the implementation of the RuleLibrary interface which helps executing an abstract rule sequence |
| seal-flush-delay-seconds | 30 | Interval for saving invalid seals in number of seconds |
Table 129 Server Configuration Properties
Email Notifications
These settings are normally configured from within the GUI, but can also be set up in the application properties if so desired.
| Parameter | Example Value | Purpose |
|---|---|---|
| notification-mail-server | 10.254.202.5 | In order for the mail notification to work, a correct mailserver configuration must be set up. This value determines the name/ip address of mail server. |
| notification-mail-protocol | smtp | The mail protocol used for notification mails. This should always be set to SMTP unless a specific protocol has been developed for your implementation. |
| notification-mail-port | 25 | The port of the mail server. |
| Notification-mail-from-user | [email protected] | The from email address for outgoing mails. Note that this has to be filled out for mailing to work. |
| notification-mail-user | Trax | optional. can be used to set the mail user when connecting to the server |
| notification-mail-password | MailserverPWD | optional: can be used to send the password to the mail server |
| com.trax.signingadmin.notification.body | A {subject} is waiting for your approval | Body of the mails sent for signing notifications, may contain placeholders. |
| com.trax.signingadmin.notification.subject | Signing Notification | Subject of mails sent for signing notifications. |
Table 1210 Email Notification Properties
Transmission
| Parameter | Example Value | Purpose |
|---|---|---|
| com.trax.alliancelite.emis- sion | c:/Trax/Emissions/ | Transmission directory, is usually set from within the GUI |
Table 1211 Transmission Properties