09. Settings: Connector Configuration
The messaging-services can be configured in your application.properties file. The following properties can be used:
Field | Since Version | Default Value (if any) | Usage |
---|---|---|---|
daps.token.url | 4.1.0.0 | | URL where TokenManagerService tries to get a DAT from |
daps.key.url.kid | 4.1.0.0 | | takes a map of DAPS JWKS URLs and KIDs, used as PublicKeys to check incoming DATs |
shacl.validation | 4.1.0.0 | false | specifies if shacl validation of messages should be performed |
daps.mode | 4.1.0.0 | | which DAPS should be used (can be "orbiter" or "aisec") |
configuration.path | 4.1.0.0 | | path to a config.json file containing JSON-LD representation of a ConfigurationModel |
configuration.keyStorePassword | 4.1.0.0 | | password for the Keystore specified in ConfigurationModel |
configuration.keyAlias | 4.1.0.0 | | alias of the private key to be used by the Connector (for example for signing the request when getting a DAT) |
configuration.trustStorePassword | 4.1.0.0 | | password for the Truststore specified in ConfigurationModel |
clearinghouse.url | 4.1.0.0 | | URL of the clearinghouse (used by ClearingHouseService) |
clearinghouse.query.endpoint | 4.1.1.0 | /messages/query | clearinghouse endpoint for query-messages |
clearinghouse.log.endpoint | 4.1.1.0 | /messages/log | clearinghouse endpoint for log-messages |
clearinghouse.process.endpoint | 5.0.0 | /process | clearinghouse endpoint for creating process IDs (PID) |
infomodel.compatibility.validation | 4.3.0 | true | Allows disabling the validation of incoming messages for ModelVersion compatibility against the inbound-model-versions of the connector. Note: Wildcards may also be used for inbound-model-versions to support different subversions, e.g. 4.1.* would be a valid specification in the inbound-model-version of the Connector and would work in the validation. |
referred.check | 5.1.0 | false | enables comparison between the referringConnector in the DAT body and ids:issuerConnector in the message header; if enabled and the check does not pass, a RejectionMessage is sent automatically |
daps.enable.log.jwt | 5.2.0 | false | enables DAPS response logging including the JWT |
daps.enable.cache.dat | 5.2.0 | true | enables or disables caching of DAPS DAT |
daps.time.offset.seconds | 5.2.0 | 10 (seconds) | configures a possible time difference between the system of the connector and the DAPS. The entered integer value (in seconds) is subtracted from the current time, and iat (issued at) and nbf (not before) in the JWT sent from the connector to the DAPS for the DAT request are set to this adjusted time |
daps.jwt.signature.algorithm | 5.3.0 | RSA256 | RSA256/ECDSA256: chooses between RSA 256 and ECDSA 256 as the signature algorithm for the JWTs sent to the DAPS for the DAT request. Default if not set is RSA256. |
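
To illustrate what daps.time.offset.seconds does, the following added example (not code from the Messaging Services; the class and method names are hypothetical) models the adjusted iat/nbf values. The verifier side is an assumption based on standard JWT handling: a token whose nbf lies in the future of the verifier's own clock is not yet valid.

```java
import java.time.Instant;
import java.util.LinkedHashMap;
import java.util.Map;

// Added illustration: models how daps.time.offset.seconds shifts iat/nbf.
// Class and method names are hypothetical, not part of the Messaging Services.
public class DapsTimeOffsetDemo {

    // Connector side: iat and nbf are the connector's current time minus the offset.
    static Map<String, Long> requestClaims(Instant connectorNow, long offsetSeconds) {
        long adjusted = connectorNow.minusSeconds(offsetSeconds).getEpochSecond();
        Map<String, Long> claims = new LinkedHashMap<>();
        claims.put("iat", adjusted);
        claims.put("nbf", adjusted);
        return claims;
    }

    // Receiving side (assumed standard JWT handling, RFC 7519): a token whose
    // nbf lies in the future of the verifier's own clock is not yet valid.
    static boolean acceptedBy(Instant dapsNow, Map<String, Long> claims) {
        return claims.get("nbf") <= dapsNow.getEpochSecond();
    }

    public static void main(String[] args) {
        Instant dapsNow = Instant.parse("2024-01-01T12:00:00Z"); // constructed sample time
        long[] skews = {0, 7, 15};   // connector clock ahead of the DAPS, in seconds
        long[] offsets = {0, 10};    // 10 is the documented default
        for (long skew : skews) {
            for (long offset : offsets) {
                Instant connectorNow = dapsNow.plusSeconds(skew);
                boolean ok = acceptedBy(dapsNow, requestClaims(connectorNow, offset));
                System.out.printf("skew=%2ds offset=%2ds -> %s%n",
                        skew, offset, ok ? "accepted" : "rejected (nbf in the future)");
            }
        }
    }
}
```

In this model the offset only absorbs skew up to its own size: a connector clock running 15 seconds ahead is still rejected with the default of 10, so the setting complements clock synchronisation rather than replacing it.
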
The IDS Messaging Services have some options, which can be configured at runtime, to customize the inner workings of some components, or for adding additional checks & features.
Option | Description |
---|---|
EndpointService.addMapping(String url); | Add a new mapping (path) which will point to the IDSController for Multipart Message handling |
EndpointService.removeMapping(String url); | Remove a mapping from the IDSController |
DapsVerifier.addValidationRule(DatValidationRule rule); | Add a custom DatValidationRule. You can pass a lambda Claims -> ValidationRuleResult, which will be checked for incoming tokens |
IdsHttpService.setTimeouts(final Duration connectTimeout, final Duration readTimeout, final Duration writeTimeout, final Duration callTimeout); | Set custom timeouts for your httpclients |
IdsHttpService.removeTimeouts(); | Use default OkHttp timeout settings |
MessageDispatcher.registerPreDispatchingAction(PreDispatchingFilter filter); | Add a custom PreDispatchingFilter that discards incoming Multipart Messages if it does not return a success. You can use a lambda Message -> PreDispatchingFilterResult for this. |

The following example registers a custom DatValidationRule for incoming tokens; a custom PreDispatchingFilter on incoming messages is registered with a lambda in the same way:

```java
// Custom DAT validation rule: fails for tokens whose issuer claim equals
// "example.org"; every other token passes this rule.
DapsVerifier.addValidationRule(claim -> !"example.org".equals(claim.getIssuer()) ?
        ValidationRuleResult.success() :
        ValidationRuleResult.failure("This rule sometimes fails!")
);
```

The Messaging Services provide two interceptors for customizing the initial creation of an IDS Connector's configuration: PreConfigProducerInterceptor and PostConfigProducerInterceptor.

The PreConfigProducerInterceptor gets the configuration properties from the application.properties file and has to return a ConfigurationModel instance, which will be used for the connector configuration.

The PostConfigProducerInterceptor takes the ConfigContainer generated by the ConfigProducer and can apply changes to it before it is passed to the classes that use the ConfigContainer.