...
Kodblock |
---|
# Overrides applications default vp-config.properties
# Mule 3.7.0 and later
TP_HOST=0.0.0.0
#Location where certificate files are found
TP_TLS_STORE_LOCATION=/etc/mule/conf
#Truststore settings, what CAs and certificates VP should trust when communicating with
#consumers and producers.
TP_TLS_STORE_TRUSTSTORE_TYPE=jks
TP_TLS_STORE_TRUSTSTORE_FILE=truststore.jks
TP_TLS_STORE_TRUSTSTORE_PASSWORD=password
#Settings for the producer connector, when VP acts as producer, receiving calls from consumers
TP_TLS_STORE_PRODUCER_TYPE=jks
TP_TLS_STORE_PRODUCER_FILE=keystore.jks
TP_TLS_STORE_PRODUCER_PASSWORD=password
TP_TLS_STORE_PRODUCER_KEY_PASSWORD=password
#Settings for the consumer connector, when VP acts as consumer, making calls to producers
TP_TLS_STORE_CONSUMER_TYPE=jks
TP_TLS_STORE_CONSUMER_FILE=keystore.jks
TP_TLS_STORE_CONSUMER_PASSWORD=password
TP_TLS_STORE_CONSUMER_KEY_PASSWORD=password |
Typiska inställningar i vp-config-overide.properties
Kodblock |
---|
# Overrides applications default vp-config.properties ############################################################################################### # Comma separated list of ip addresses that should be valid to call virtual services (VP) # using http (and of course valid headers for authorization). When using https this list # is not used. # # IP_WHITE_LIST=127.0.0.1,127.0.0.X,127.0.0.Y ############################################################################################### IP_WHITE_LIST=<your list> # Standard properties for an external ActiveMQ broker, see soitoolkit-mule-jms-connector-activemq-external.xml. SOITOOLKIT_MULE_AMQ_BROKER_URL=failover:(tcp://<your host x>:61616,tcp://<your host y>:61616) ############################################################################## # Properties for service "VagvalRouter" # # Mandatory comma separated list of ip addresses (or subdomains, e.g 127.0.0 for all ip adresses under that domain) # that should be valid to call virtual services (VP) using http (and of course valid headers for authorization). # When using https this list is not used. # # IP_WHITE_LIST=127.0.0,127.1.2.3,127.4.6.7 # # Mandatory identifier of this VP instance to be used when communicating over http with other # SKLTP components # # VP_INSTANCE_ID=THIS_VP_INSTANCE_ID # # Optional http header to be used by e.g a load balancer to set the sender ip adress. A typical scenario # is when a service consumer calls VP through a load balancer and VP would like to have information # regarding the consumers ip adress. # # VAGVALROUTER_SENDER_IP_ADRESS_HTTP_HEADER=X-Forwarded-For # ############################################################################## TP_SOKVAGVALSINFO_URL=http://localhost:8080/tak-services/SokVagvalsInfo/v2 VP_INSTANCE_ID=<YOUR VP INSTANCE ID> ######################################################################################## # Properties for WSDL-query re-write of URL's (supporting WSDL-lookup using ?wsdl) # when VP is fronted with a reverse-proxy/load-balancer that changes any of the below # properties before forwarding to VP. # Refer to response transformer: se.skl.tp.vp.util.wsdl.WsdlQueryReferencedUrlsResponseTransformer ######################################################################################### VP_HTTP_HEADER_NAME_FORWARDED_PROTO=X-Forwarded-Proto VP_HTTP_HEADER_NAME_FORWARDED_HOST=X-Forwarded-Host VP_HTTP_HEADER_NAME_FORWARDED_PORT=X-Forwarded-Port ###VAGVALROUTER_SENDERID=2.5.4.5 VAGVALROUTER_SENDERID=OU # Control if event-logging should be done to JMS or not. ENABLE_LOG_TO_JMS=false ################################################################# # Properties for service "resetVagvalCache" # # RESETVAGVALCACHE_INBOUND_URI=URI for reset cache # RESETVAGVALCACHE_PORT=Port number for reset cache # LOCAL_TAK_CACHE=Path to file where local TAK cache should exist # Default LOCAL_TAK_CACHE=${user.home}${file.separator}.tk.localCache ################################################################# LOCAL_TAK_CACHE=<your>/<path>/<to>/.tk.localCache RESETVAGVALCACHE_TIMEOUT_MS=30000 ##################################################################################################### # HSA cache properties # # # # HSA_FILES=<file1,file,filex> # ##################################################################################################### # List if files to be read by HSA cache, first file is master, rest is complementary HSA_FILES=<your>/<path>/<to>/hsacache.xml,<your>/<path>/<to>/hsacachecomplementary.xml ############################################################################################################# # Response timeout Feature properties # It is possible to control response timeout on each service in VP, if the service supports it. # Default values for all services are defined in SERVICE_TIMEOUT_MS, to override follow the convention # described below and make sure the service to use supports this feature. # # Convention: feature.featureresponsetimeout.<service contract namespace>=5000 # Example: feature.featureresponsetimeout.urn.riv.crm.scheduling.GetSubjectOfCareScheduleResponder.1=5000 ############################################################################################################# # Default timeout for synchronous services SERVICE_TIMEOUT_MS=30000 feature.featureresponsetimeout.druglogistics.dosedispensing=5000 #Infektionsverktyget feature.featureresponsetimeout.urn.riv.processdevelopment.infections.DeleteActivityResponder.1=5000 ##################################################################################################### # Keep alive Feature properties # It is possible to control keep-alive settings on each service in VP. If a service has keep-alive # # enabled all consumers and producers are affected. Default setting is used by all services and # # is set to feature.keepalive=false. To enable keep-alive for one service use this convention: # # Convention: feature.keepalive.<service contract namespace>=true # # Example: feature.keepalive.urn.riv.crm.scheduling.GetSubjectOfCareScheduleResponder.1=true # ##################################################################################################### #Default setting is false, used by all services that does not specify any specific configuration feature.keepalive=false feature.keepalive.urn.riv.crm.scheduling.GetSubjectOfCareScheduleResponder.1=false |
...
Komplett sammanställning av alla inställningar som finns i VP
...
- Propagera certifikat och inkommande HTTP-header(s) från reverse-proxy till VP:
- Sätta certifikat för inkommande anrop i HTTP-header: x-vp-auth-cert
- Lägga till IP-nr (inre) för reverse-proxy till VP's whitelist property (i vp-config.properties): IP_WHITE_LIST
- Propagera HTTP-header om den är satt: x-rivta-original-serviceconsumer-hsaid
- Propagera IP-nr för inkommande anrop i HTTP-header med namn enligt property i vp-config.properties (namn kan konfigureras): VAGVALROUTER_SENDER_IP_ADRESS_HTTP_HEADER=X-Forwarded-For
Ref: SKLTP VP SAD - Arkitekturella krav#Arkitekturellakrav-FK-5,Ursprungligavsändare
Sätta HTTP "forwarded" headers för att stödja WSDL-lookup (t ex som: https://vp/service_x?wsdl):
Ref: SKLTP - Lastbalanserare / Reverse-proxy
Namn på HTTP headers kan ändras i vp-config.properties (se exempel på konfigurationsfil ovan):Inget format VP_HTTP_HEADER_NAME_FORWARDED_PROTO=X-Forwarded-Proto VP_HTTP_HEADER_NAME_FORWARDED_HOST=X-Forwarded-Host VP_HTTP_HEADER_NAME_FORWARDED_PORT=X-Forwarded-Port
Exempel: HTTP headers prefixade med VP:
Inget format VP_HTTP_HEADER_NAME_FORWARDED_PROTO=VP-X-Forwarded-Proto VP_HTTP_HEADER_NAME_FORWARDED_HOST=VP-X-Forwarded-Host VP_HTTP_HEADER_NAME_FORWARDED_PORT=VP-X-Forwarded-Port
...
Konfiguration av specifika features
...
Exemple: feature.keepalive.urn.riv.crm.scheduling.GetSubjectOfCareScheduleResponder.1=true #
...
Parameter | Default värde | Kommentar |
---|---|---|
feature.keepalive | false | Default värde som sätter alla virtuella tjänster till att keep-alive inte skall vara aktiverat. Detta överlagras av respektive tjänst som vill ha keep-alive påslaget enligt konventionen beskriven ovan. |
Feature responseTimeout
För de virtuella tjänster i VP som har stöd för individuell inställning av timeout går detta att styra per tjänst, såväl connection som response timeouten styrs av denna inställning. Ett default värde (SERVICE_TIMEOUT_MS) sätts för alla virtuella tjänster som sedan kan överlagras av repektive tjänst enligt följande tillvägagångssätt.
...