Versions Compared

Old Version 19

changes.mady.by.user Fabian Nola

Saved on

compared with

New Version Current

changes.mady.by.user Armin Franke

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Parent

...

Configuration

...

Required

...

Default

...

Type

...

Description

...

server

...

port

...

8080

...

Integer

...

Port tia Viewer is listening to.
This port must be mapped in host context by container start command (e.g.: -p 80:8080 parameter for docker run )

...

tia.license

...

path

...

/application/config/license/

...

String

...

Path in container context containing the license file.

This path or the license file must be mapped from permanent host file system. See Location of the license file (Vc) .

...

tia.destinations.saphttp

...

host

...

(tick)

...

 

...

String

...

Hostname of the server with the content server

...

tia.destinations.saphttp

...

port

...

(tick)

...

 

...

Integer

...

Port of the content server usually 80 or 443

...

tia.destinations.saphttp

...

protocol

...

 

...

https

...

String

...

Protocol of the content server http or https

...

tia.destinations.saphttp

...

path

...

 

...

/contentserver

...

String

...

Context Path of the content server.

...

tia

...

repositoryinstancemapping

...

tia Viewer maps repositories to instance default, that are not explicitly mapped here.

...

List<String>

...

Relevant in CSV configuration, seehttps://kgs-software.atlassian.net/wiki/spaces/WIKI/pages/3246620679/Supported+Scenarios+Vc#Content-Server-Viewer-(CSV).

This parameter allows to map repositories to instances that can be configured separately. For more information see Instance settings .

Example in YAML configuration file:

Code Block
tia:
  repositoryinstancemapping:
    FI: finance
    HR: finance
    TR: default
    ZI: production

...

tia

...

secKey

...

 ❗

...

ABC123

...

String

...

This default is not intended for production use: Change this value

...

tia.stamps

...

locations

...

 

...

 

...

String

...

Default stamps available to all instances in addition to the instance specific stamps configured.

Stamp files are supported in the following formats:
JPEG, PNG, BMP, GIF

Configuration allows to enter a folder e.g.:

file:///tmp/stamps/

one or more files:

"file:///tmp/stamps/accept.png, /tmp/stamps_new/declined.jpg"

...

tia.stamps

...

cacheSize

...

 

...

100

...

Integer

...

Number of slots available in stamps cache entries. Each slot can hold one stamp file of size limited by maxFileSize. If more stamps are present, the oldest ones are removed from cache.

...

tia.stamps

...

expireMinutes

...

 

...

10

...

Integer

...

Lifetime of unused entries in stamp cache in minutes.

...

tia.stamps

...

maxFileSize

...

 

...

10000000

...

Integer

...

Max file size in bytes of each stamp file.

...

tia.mail

...

view_mode

...

 

...

Popup

...

String (Enum)

...

Triggers how emails are displayed and edited. Available values:

Popup (new window/tab is opened),

Embedded (in current window/tab)

HTTP Headers configuration

These parameters allow specification of HTTP Header required in web security contexts.

Info

Incorrect settings of these parameters may result in tia Viewer Core not functioning correctly.

...

Parent

...

Configuration

...

Required

...

Default

...

Type

...

Description

...

spring.security.csp

...

policy

Code Block
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self' https://login.microsoftonline.com; frame-src 'self' blob:; object-src 'self'; media-src 'self'; frame-ancestors 'self'; form-action 'self' https://login.microsoftonline.com https://outlook.office.com; base-uri 'self'; manifest-src 'self'; worker-src 'self';

...

String

...

Content Security Policy.

This setting secures communication between web server and browser against various attacks like XSS, or injections.

See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP

...

spring.security.cors

...

allowed-origins

...

Code Block
http(s)://localhost:<port>

...

String

...

CORS Header: Access-Control-Allowed-Origin.

The Browser accepts resources from the allowed origin only. In the default, it will be created from:

${server.ssl.enabled:false} → if true, HTTPS

${server.address}

${server.port}

May be directly overwritten with

spring.security.cors.allowed-origins:

Allowed values are:

  • * ( Asterisk - from everywhere)

  • <origin> (one absolute URL)

Example:

Code Block
spring.security.cors.allowed-origins: "*"

...

spring.security.cors

...

allowed-headers

...

Code Block
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Cache-Control, Content-Type, Authorization

...

List<String>

...

CORS Header: Access-Control-Allowed-Headers.

The Headers, that are allowed by the browser. See:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers

Allowed values are:

  • *(Asterisk - all Headers)

  • List<String> (String list, comma seperated)

Example:

Code Block
spring.security.cors.allowed-headers: "*"

...

spring.security.cors

...

allowed-headers

...

Code Block
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Cache-Control, Content-Type, Authorization

...

List<String>

...

CORS Header: Access-Control-Allowed-Headers.

The Headers, that are allowed by the browser. See:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers

Allowed values are:

  • *(Asterisk - all Headers)

  • List<String> (String list, comma seperated)

Example:

Code Block
spring.security.cors.allowed-headers: "*"

...

spring.security.cors

...

allow-credentials

...

true

...

Boolean

...

CORS Header: Access-Control-Allow-Credentials.

Tell the browser, whether it allowes cross-origin request credentials or not (credentials may be in cookies etc.)

See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials

Example:

Code Block
tia.security.cors.allow-credentials: false

...

spring.security.cors

...

allow-x-frame-options-from

...

DENY

...

String(Enum)

CORS Header: X-Frame-Options.

Tells the browser if it accept the content of the viewer when its embedded in an iFrame.

See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options

Info

Hint: This flag is obsolete when using CSP

Code Block
frame-ancestor

Allowed values are:

  • * (Allow from everywhere)

  • DENY

  • SAMEORIGIN

  • ALLOW-FROM XXXXXX (http-address [origin])

Example:

Code Block
spring.security.cors.allow-x-frame-options-from: "*"

...

spring.security.xss

...

mode

...

disabled

...

String (Enum)

Cross-Site Protection Header.

Note

Should not be set in Production.

See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection

Allowed values are:

  • block mode

  • block

  • disabled

Example:

...

The term global settings subsums all settings that affect the complete tia® Viewer Core installation in contrast to specific instance configuration (see Instance settings).

Therefore the global settings include all configuration parameters except those below parent tia.instances.