
Configuring the Virtualization Platform (VP)

To override the default settings, a file named vp-config-override.properties must be available on the classpath.

...

Warning

Note! Do not use spaces in the values configured in vp-[config|security]-override.properties.

This is not OK: vp_instance_id=VALUE # whitespace after the value
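A check for the whitespace rule above, as an added example that is not part of the original page or of the SKLTP project: it applies the java.util.Properties rules (trailing whitespace and a mid-line # both stay in the value) to a constructed sample. The function names, the finding labels, and the extra checks for unreplaced `<...>` placeholders and the sample value `password` are assumptions of this example.

```python
import re

# Constructed sample, written in the style of the override files on this page.
SAMPLE = (
    "# Overrides applications default vp-config.properties\n"
    "TP_HOST=0.0.0.0\n"
    "VP_INSTANCE_ID=VALUE \n"
    "IP_WHITE_LIST=127.0.0.1 #List of allowed ip-numbers for consumer\n"
    "LOCAL_TAK_CACHE=<your>/<path>/<to>/.tk.localCache\n"
    "TP_TLS_STORE_TRUSTSTORE_PASSWORD=password\n"
    "DEPRECATED_DEAFAULT_ROUTING_DELIMITER=#\n"
    "PINGSERVICE_RESPONSE=TP is alive!\n"
)

PLACEHOLDER = re.compile(r"<[^<>]+>")
# key, optional whitespace, optional '=' or ':', optional whitespace, raw value
KEY_VALUE = re.compile(r"([^=:\s]+)[ \t\f]*[=:]?[ \t\f]*(.*)$")


def parse_line(line):
    """Return (key, raw_value) for a property line, or None for blank/comment lines.

    Follows java.util.Properties for the simple case: only lines whose first
    non-blank character is '#' or '!' are comments, and trailing whitespace is
    kept in the value. Backslash continuations and escapes are not handled.
    """
    stripped = line.rstrip("\r\n").lstrip(" \t\f")
    if not stripped or stripped[0] in "#!":
        return None
    match = KEY_VALUE.match(stripped)
    return match.group(1), match.group(2)


def lint(text):
    """Return a list of (line_number, key, finding) tuples."""
    findings = []
    for lineno, line in enumerate(text.split("\n"), start=1):
        parsed = parse_line(line)
        if parsed is None:
            continue
        key, value = parsed
        if value != value.rstrip():
            # The loader keeps the blank, so the configured value is not what it looks like.
            findings.append((lineno, key, "trailing-whitespace"))
        if re.search(r"\s#", value):
            # '#' after a value is not a comment; the text becomes part of the value.
            findings.append((lineno, key, "inline-comment-in-value"))
        if PLACEHOLDER.search(value):
            findings.append((lineno, key, "unreplaced-placeholder"))
        if key.endswith("PASSWORD") and value.strip() == "password":
            findings.append((lineno, key, "sample-password"))
    return findings


if __name__ == "__main__":
    for lineno, key, finding in lint(SAMPLE):
        print(f"line {lineno}: {key}: {finding}")
```

A lone `#` as a value and values with inner spaces such as `TP is alive!` are deliberately not reported.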


Instructions for earlier versions of VP

SKLTP VP - Configuration of older versions

Release Note - Virtualization Platform, to read about changes between versions

Instructions for the latest version of VP

Release Note - Virtualization Platform, changes in properties since earlier versions

Typical settings in vp-security-override.properties

# Overrides applications default vp-config.properties

#Location where certificate files are found
TP_TLS_STORE_LOCATION=/etc/mule/conf


#Truststore settings, what CAs and certificates VP should trust when communicating with
#consumers and producers.
TP_TLS_STORE_TRUSTSTORE_TYPE=jks
TP_TLS_STORE_TRUSTSTORE_FILE=truststore.jks
TP_TLS_STORE_TRUSTSTORE_PASSWORD=password


#Settings for the producer connector, when VP acts as producer, receiving calls from consumers
TP_TLS_STORE_PRODUCER_TYPE=jks
TP_TLS_STORE_PRODUCER_FILE=keystore.jks
TP_TLS_STORE_PRODUCER_PASSWORD=password
TP_TLS_STORE_PRODUCER_KEY_PASSWORD=password


#Settings for the consumer connector, when VP acts as consumer, making calls to producers
TP_TLS_STORE_CONSUMER_TYPE=jks
TP_TLS_STORE_CONSUMER_FILE=keystore.jks
TP_TLS_STORE_CONSUMER_PASSWORD=password
TP_TLS_STORE_CONSUMER_KEY_PASSWORD=password


Typical settings in vp-config-override.properties

# Overrides applications default vp-config.properties

# Mule 3.7.0 and later
TP_HOST=0.0.0.0

###############################################################################################
# Comma separated list of ip addresses that should be valid to call virtual services (VP)
# using http (and of course valid headers for authorization). When using https this list
# is not used.
#
# IP_WHITE_LIST=127.0.0.1,127.0.0.X,127.0.0.Y
###############################################################################################
IP_WHITE_LIST=<your list>


# Standard properties for an external ActiveMQ broker, see soitoolkit-mule-jms-connector-activemq-external.xml.
SOITOOLKIT_MULE_AMQ_BROKER_URL=failover:(tcp://<your host x>:61616,tcp://<your host y>:61616)


##############################################################################
# Properties for service "VagvalRouter"
#
# Mandatory comma separated list of ip addresses (or subdomains, e.g 127.0.0 for all ip addresses under that domain)
# that should be valid to call virtual services (VP) using http (and of course valid headers for authorization).
# When using https this list is not used.
#
# IP_WHITE_LIST=127.0.0,127.1.2.3,127.4.6.7
#
# Mandatory identifier of this VP instance to be used when communicating over http with other
# SKLTP components
#
# VP_INSTANCE_ID=THIS_VP_INSTANCE_ID
#
# Optional http header to be used by e.g a load balancer to set the sender ip address. A typical scenario
# is when a service consumer calls VP through a load balancer and VP would like to have information
# regarding the consumer's ip address.
#
# VAGVALROUTER_SENDER_IP_ADRESS_HTTP_HEADER=X-Forwarded-For
#
##############################################################################
TP_SOKVAGVALSINFO_URL=http://localhost:8080/tak-services/SokVagvalsInfo/v2
VP_INSTANCE_ID=<YOUR VP INSTANCE ID>
 
########################################################################################
# Properties for WSDL-query re-write of URL's (supporting WSDL-lookup using ?wsdl)
# when VP is fronted with a reverse-proxy/load-balancer that changes any of the below
# properties before forwarding to VP.
# Refer to response transformer: se.skl.tp.vp.util.wsdl.WsdlQueryReferencedUrlsResponseTransformer
#########################################################################################
VP_HTTP_HEADER_NAME_FORWARDED_PROTO=X-Forwarded-Proto
VP_HTTP_HEADER_NAME_FORWARDED_HOST=X-Forwarded-Host
VP_HTTP_HEADER_NAME_FORWARDED_PORT=X-Forwarded-Port
 
###VAGVALROUTER_SENDERID=2.5.4.5
VAGVALROUTER_SENDERID=OU
 
# Control if event-logging should be done to JMS or not.
ENABLE_LOG_TO_JMS=false

# Enable resend on VP009. Logs 'Could not route. Will retry after ... millisec' if first request fails.
# To disable remove property or set RETRY_ROUTE_AFTER_MS=0
RETRY_ROUTE_AFTER_MS=2000

#################################################################
# Properties for service "resetVagvalCache"
#
# RESETVAGVALCACHE_INBOUND_URI=URI for reset cache
# RESETVAGVALCACHE_PORT=Port number for reset cache
# LOCAL_TAK_CACHE=Path to file where local TAK cache should exist
# Default LOCAL_TAK_CACHE=${user.home}${file.separator}.tk.localCache
#################################################################
LOCAL_TAK_CACHE=<your>/<path>/<to>/.tk.localCache
RESETVAGVALCACHE_TIMEOUT_MS=30000

#####################################################################################################
# HSA cache properties  																			#
# 																									#
# HSA_FILES=<file1,file,filex>																		#
#####################################################################################################
# List of files to be read by HSA cache, first file is master, rest is complementary
HSA_FILES=<your>/<path>/<to>/hsacache.xml,<your>/<path>/<to>/hsacachecomplementary.xml


#############################################################################################################
# Response timeout Feature properties
# It is possible to control response timeout on each service in VP, if the service supports it.
# Default values for all services are defined in SERVICE_TIMEOUT_MS, to override follow the convention
# described below and make sure the service to use supports this feature.
#
# Convention: feature.featureresponsetimeout.<service contract namespace>=5000
# Example:    feature.featureresponsetimeout.urn.riv.crm.scheduling.GetSubjectOfCareScheduleResponder.1=5000
#############################################################################################################
# Default timeout for synchronous services
SERVICE_TIMEOUT_MS=30000


feature.featureresponsetimeout.druglogistics.dosedispensing=5000


#Infektionsverktyget
feature.featureresponsetimeout.urn.riv.processdevelopment.infections.DeleteActivityResponder.1=5000


#####################################################################################################
# Keep alive Feature properties
# It is possible to control keep-alive settings on each service in VP. If a service has keep-alive 	#
# enabled all consumers and producers are affected. Default setting is used by all services and    	#
# is set to feature.keepalive=false. To enable keep-alive for one service use this convention:     	#
# Convention: feature.keepalive.<service contract namespace>=true									#
# Example:    feature.keepalive.urn.riv.crm.scheduling.GetSubjectOfCareScheduleResponder.1=true		#
#####################################################################################################
#Default setting is false, used by all services that do not specify any specific configuration
feature.keepalive=false
feature.keepalive.urn.riv.crm.scheduling.GetSubjectOfCareScheduleResponder.1=false

Complete list of all settings available in VP

2.2.9.vp-config.properties

2.2.9.vp-security.properties

Terminating SSL/TLS in front of VP

If SSL/TLS traffic is terminated in front of VP, for example in a reverse proxy, the following configuration is required:

...

Set HTTP "forwarded" headers to support WSDL lookup (for example: https://vp/service_x?wsdl):
Ref: SKLTP - Load balancer / Reverse proxy
The names of the HTTP headers can be changed in vp-config.properties (see the example configuration file above):

VP_HTTP_HEADER_NAME_FORWARDED_PROTO=X-Forwarded-Proto
VP_HTTP_HEADER_NAME_FORWARDED_HOST=X-Forwarded-Host
VP_HTTP_HEADER_NAME_FORWARDED_PORT=X-Forwarded-Port

Example: HTTP headers prefixed with VP:

VP_HTTP_HEADER_NAME_FORWARDED_PROTO=VP-X-Forwarded-Proto
VP_HTTP_HEADER_NAME_FORWARDED_HOST=VP-X-Forwarded-Host
VP_HTTP_HEADER_NAME_FORWARDED_PORT=VP-X-Forwarded-Port

Configuration of specific features

Feature keep-alive

For the virtual services in VP that support keep-alive, it is possible to control per service whether keep-alive is enabled. A default value (feature.keepalive) is set for all virtual services and can then be overridden by each service that wants to enable keep-alive. Keep-alive is enabled according to the following convention:

Convention: feature.keepalive.<service contract namespace>=true

Example: feature.keepalive.urn.riv.crm.scheduling.GetSubjectOfCareScheduleResponder.1=true

...

feature.keepalive

...

Feature responseTimeout

For the virtual services in VP that support an individual timeout setting, the timeout can be controlled per service; both the connection timeout and the response timeout are governed by this setting. A default value (SERVICE_TIMEOUT_MS) is set for all virtual services and can then be overridden by each service as follows.

Convention: feature.featureresponsetimeout.<service contract namespace>=5000

Example: feature.featureresponsetimeout.urn.riv.crm.scheduling.GetSubjectOfCareScheduleResponder.1=5000

By default, the connection and response timeouts are set by the parameter SERVICE_TIMEOUT_MS.

Configuring logging of LogEvents

Logging is configured in <mule-home>/apps/<vp-services>/classes/log4j.xml. Note that no restart of the application is required; changes take effect immediately at runtime.

Examples of logEvents

DEBUG

mule-app-vp.log
** logEvent-debug.start ***********************************************************
IntegrationScenarioId=
ContractId=
LogMessage=xreq-in
ServiceImpl=vagval-dynamic-routing-flow
Host=33.33.33.1 (33.33.33.1)
ComponentId=1133a557-b5cc-11e3-bd36-2da34769782a
Endpoint=https://localhost:20000/vp/tjanst1
MessageId=15c27c95-b5cc-11e3-bd36-2da34769782a
BusinessCorrelationId=15cc67b1-b5cc-11e3-bd36-2da34769782a
BusinessContextId=
ExtraInfo=
-senderid=tp
-originalServiceconsumerHsaid=null
-source=se.skl.tp.vp.util.LogTransformer
-cxf_service=urn:skl:tjanst1:rivtabp20
-rivversion=RIVTABP20
-receiverid=vp-test-producer
Payload=<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:riv:interoperability:headers:1" xmlns:urn1="urn:riv:itintegration:registry:1">
  <soapenv:Header>
    <ns2:To xmlns:ns2="http://www.w3.org/2005/08/addressing" xmlns:ns3="urn:skl:tjanst1:rivtabp20">vp-test-producer</ns2:To>
  </soapenv:Header>
  <soapenv:Body>
    <ns3:getProductDetailElem xmlns:ns2="http://www.w3.org/2005/08/addressing" xmlns:ns3="urn:skl:tjanst1:rivtabp20">
      <productId>Exception</productId>
    </ns3:getProductDetailElem>
  </soapenv:Body>
</soapenv:Envelope>
** logEvent-debug.end *************************************************************

INFO

mule-app-vp.log
** logEvent-info.start ***********************************************************
IntegrationScenarioId=
ContractId=
LogMessage=xreq-in
ServiceImpl=vagval-dynamic-routing-flow
Host=33.33.33.1 (33.33.33.1)
ComponentId=1133a557-b5cc-11e3-bd36-2da34769782a
Endpoint=https://localhost:20000/vp/tjanst1
MessageId=15c27c95-b5cc-11e3-bd36-2da34769782a
BusinessCorrelationId=15cc67b1-b5cc-11e3-bd36-2da34769782a
BusinessContextId=
ExtraInfo=
-senderid=tp
-originalServiceconsumerHsaid=null
-source=se.skl.tp.vp.util.LogTransformer
-cxf_service=urn:skl:tjanst1:rivtabp20
-rivversion=RIVTABP20
-receiverid=vp-test-producer
Payload=
** logEvent-info.end *************************************************************

Configuration of error messages

The VP00x error texts are now configurable and can be set in an override property file. The following error messages are the defaults:

# #########################################################################################################
#
# Error codes according to RIV-TA:
# # Copyright (c) 2013 Center for eHalsa i samverkan (CeHis).
# 							<http://cehis.se/>
#
# This file is part of SKLTP.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
#

# Standard properties for an external ActiveMQ broker, see soitoolkit-mule-jms-connector-activemq-external.xml.
SOITOOLKIT_MULE_AMQ_BROKER_URL=failover:(tcp://localhost:61616)
DEFAULT_MULE_AMQ_BROKER_URL=vm://localhost?broker.persistent=false&broker.useJmx=false
SOITOOLKIT_MULE_AMQ_MAX_REDELIVERIES=3
SOITOOLKIT_MULE_AMQ_REDELIVERY_DELAY=10000
SOITOOLKIT_MULE_AMQ_NO_OF_CONSUMERS=2

# Default queue names for info and error log-events
SOITOOLKIT_LOG_INFO_QUEUE=SOITOOLKIT.LOG.STORE
SOITOOLKIT_LOG_ERROR_QUEUE=SOITOOLKIT.LOG.ERROR

# Control if event-logging should be done to JMS or not.
ENABLE_LOG_TO_JMS=true

TP_DISPATCH_MAX_THREADS_ACTIVE=50
TP_DISPATCH_MAX_THREADS_IDLE=25
TP_DISPATCH_MAX_THREADS_TTL=10000
TP_RECEIVE_MAX_THREADS_ACTIVE=50
TP_RECEIVE_MAX_THREADS_IDLE=25
TP_RECEIVE_MAX_THREADS_TTL=10000

#################################################################################################
# Properties for the HTTPS Producer connector, VP as a producer
#
# VP_MULE_HTTPS_PRODUCER_CONNECTOR_TCPNODELAY=true|false
# If set, transmitted data is not collected together for greater efficiency but sent
# immediately.
#
# VP_MULE_HTTPS_PRODUCER_CONNECTOR_KEEPALIVE_TIMEOUT_MS=0
# HTTP Keep-Alive timeout (milliseconds), set on connector supporting Keep-Alive only
#
# VP_MULE_HTTPS_PRODUCER_CONNECTOR_KEEPALIVE=true|false
# Set to true if this connector should support Keep-Alive
#################################################################################################
VP_MULE_HTTPS_PRODUCER_CONNECTOR_TCPNODELAY=true
VP_MULE_HTTPS_PRODUCER_CONNECTOR_KEEPALIVE=true
VP_MULE_HTTPS_PRODUCER_CONNECTOR_KEEPALIVE_TIMEOUT_MS=70000


#################################################################################################
# Properties for the HTTPS Consumer connector/s (Keep-Alive and not Keep-Alive), VP as a consumer
#
# VP_MULE_HTTPS_CONSUMER_CONNECTOR_TCPNODELAY=true|false
# If set, transmitted data is not collected together for greater efficiency but sent
# immediately.
#
# VP_MULE_HTTPS_CONSUMER_CONNECTOR_KEEPALIVE_TIMEOUT_MS=0
# HTTP Keep-Alive timeout (milliseconds), set on connector supporting Keep-Alive only
#
# SOCKET_SO_LINGER_MS=0
# This sets the SO_LINGER value. This is related to how long (in milliseconds) the socket
# will take to close so that any remaining data is transmitted correctly.
#
# CLIENT_SO_TIMEOUT_MS=0
# SO_TIMEOUT is the timeout that a read() call will block. If the timeout is reached, a java.net.SocketTimeoutException will be thrown.
# If you want to block forever put this option to zero (the default value), then the read() call will block until at least 1 byte could be read.
#################################################################################################
VP_MULE_HTTPS_CONSUMER_CONNECTOR_TCPNODELAY=true
VP_MULE_HTTPS_CONSUMER_CONNECTOR_KEEPALIVE_TIMEOUT_MS=70000
SOCKET_SO_LINGER_MS=0
CLIENT_SO_TIMEOUT_MS=30000


########################################################################################
# Properties for the HTTP Consumer connector/s, VP as a consumer
#
# VP_MULE_HTTP_CONSUMER_CONNECTOR_TCPNODELAY=true|false
# If set, transmitted data is not collected together for greater efficiency but sent
# immediately.
#
# VP_MULE_HTTP_CONSUMER_CONNECTOR_KEEPALIVE=true|false
# Set to true if this connector should support Keep-Alive
#
# VP_MULE_HTTP_CONSUMER_CONNECTOR_KEEPALIVE_TIMEOUT_MS=0
# HTTP Keep-Alive timeout (milliseconds), set on connector supporting Keep-Alive only
#
# VP_MULE_HTTP_CONSUMER_CONNECTOR_SOCKET_SO_LINGER_MS=0
# This sets the SO_LINGER value. This is related to how long (in milliseconds) the socket
# will take to close so that any remaining data is transmitted correctly.
#########################################################################################
VP_MULE_HTTP_CONSUMER_CONNECTOR_TCPNODELAY=true
VP_MULE_HTTP_CONSUMER_CONNECTOR_KEEPALIVE=true
VP_MULE_HTTP_CONSUMER_CONNECTOR_KEEPALIVE_TIMEOUT_MS=70000
VP_MULE_HTTP_CONSUMER_CONNECTOR_SOCKET_SO_LINGER_MS=0
VP_MULE_HTTP_CONSUMER_CONNECTOR_CLIENT_SO_TIMEOUT_MS=30000

# TP Specific
TP_HOST=localhost
TP_PORT=20000
TP_PORT_HTTP=8080
TP_BASE_URI=vp

# TAK Specific
TK_HOST=localhost
TK_PORT=8080

# Routing and authorization services in TAK
TP_SOKVAGVALSINFO_URL=${TP_SOKVAGVALSINFO_TESTSTUB_URL}
TP_SOKVAGVALSINFO_TESTSTUB_URL=http://${TK_HOST}:${TK_PORT}/tak-services/SokVagvalsInfo/v2

########################################################################################
# Properties for WSDL-query re-write of URL's (supporting WSDL-lookup using ?wsdl)
# when VP is fronted with a reverse-proxy/load-balancer that changes any of the below
# properties before forwarding to VP.
# Refer to response transformer: se.skl.tp.vp.util.wsdl.WsdlQueryReferencedUrlsResponseTransformer
#########################################################################################
VP_HTTP_HEADER_NAME_FORWARDED_PROTO=X-Forwarded-Proto
VP_HTTP_HEADER_NAME_FORWARDED_HOST=X-Forwarded-Host
VP_HTTP_HEADER_NAME_FORWARDED_PORT=X-Forwarded-Port

##############################################################################
# Properties for service "VagvalRouter"
#
# Mandatory comma separated list of ip addresses (or subdomains, e.g 127.0.0 for all ip addresses under that domain)
# that should be valid to call virtual services (VP) using http (and of course valid headers for authorization).
# When using https this list is not used.
#
# IP_WHITE_LIST=127.0.0,127.1.2.3,127.4.6.7
#
# Mandatory identifier of this VP instance to be used when communicating over http with other
# SKLTP components
#
# VP_INSTANCE_ID=THIS_VP_INSTANCE_ID
#
# Optional http header to be used by e.g a load balancer to set the sender ip address. A typical scenario
# is when a service consumer calls VP through a load balancer and VP would like to have information
# regarding the consumer's ip address.
#
# VAGVALROUTER_SENDER_IP_ADRESS_HTTP_HEADER=X-Forwarded-For
#
##############################################################################
# List of allowed ip-numbers for consumer
IP_WHITE_LIST=127.0.0.1
# The identification of the VP instance
VP_INSTANCE_ID=THIS_VP_INSTANCE_ID
VAGVALROUTER_SENDER_IP_ADRESS_HTTP_HEADER=X-Forwarded-For
###VAGVALROUTER_SENDERID=2.5.4.5
VAGVALROUTER_SENDERID=OU
VAGVALROUTER_INBOUND_URI=vagvalrouter/v1
VAGVALROUTER_HTTPSCONSUMERCONNECTORNAME=VPConsumerConnector
VAGVALROUTER_PROPAGATE_CORRELATION_ID_FOR_HTTPS=false

# Properties for service "PingService"
PINGSERVICE_INBOUND_URL=http://${TP_HOST}:${TP_PORT_HTTP}/${TP_BASE_URI}/monitor/ping
PINGSERVICE_TEST_LOGICAL_ADDRESS=Ping
PINGSERVICE_TEST_URL=${PINGFORCONFIGURATIONSERVICE_RIVTABP21_INBOUND_ENDPOINT}
PINGSERVICE_RESPONSE=TP is alive!
PINGSERVICE_ERROR_RESPONSE=TP ERROR:
PINGSERVICE_TEST_TIMEOUT_MS=2000

##############################################################################
# PingForConfiguration
#
# PINGFORCONFIGURATIONSERVICE_RIVTABP21_INBOUND_ENDPOINT (https/http)
# https://${TP_HOST}:${TP_PORT}/${TP_BASE_URI}/services/PingForConfiguration/1/rivtabp21?connector=VPProducerConnector
# http://${TP_HOST}:${TP_PORT_HTTP}/${TP_BASE_URI}/services/PingForConfiguration/1/rivtabp21
##############################################################################

# RIVTABP21
PINGFORCONFIGURATIONSERVICE_RIVTABP21_INBOUND_ENDPOINT=http://${TP_HOST}:${TP_PORT_HTTP}/${TP_BASE_URI}/itintegration/monitoring/PingForConfiguration/1/rivtabp21
APPLICATION_NAME=VP

###########################################################################################
## Deprecated default routing configuration (VG#VE). From version 3.3.0.
##                                     
## DEPRECATED_DEAFAULT_ROUTING_DELIMITER - Should be #
##                          If empty the default routing is turned off.
## DEPRECATED_DEFAULT_ROUTING_CONTRACTS - Contracts allowed to be used with defaultrouting.
##                          Comma separated list with contract namespaces  
##                          If not defined or empty all contracts are allowed.
## DEPRECATED_DEFAULT_ROUTING_SENDERS- Consumers allowed to use default routing
##                          Comma separated list of consumers
##                          If not defined or empty all consumers are allowed.
#########################################################################################
DEPRECATED_DEAFAULT_ROUTING_DELIMITER=#
DEPRECATED_DEFAULT_ROUTING_CONTRACTS=urn:riv:ehr:accesscontrol:AssertCareEngagementResponder:1,urn:riv:insuranceprocess:healthreporting:ReceiveMedicalCertificateQuestionResponder:1,urn:riv:insuranceprocess:healthreporting:ReceiveMedicalCertificateAnswerResponder:1
DEPRECATED_DEFAULT_ROUTING_SENDERS=TSTNMT2321000156-B02,SE5565594230-BCQ

#################################################################
# Properties for service "resetVagvalCache"
#
# RESETVAGVALCACHE_INBOUND_URL=URL where reset TAK cache should be exposed
# LOCAL_TAK_CACHE=Path to file where local TAK cache should exist
# RESETVAGVALCACHE_TIMEOUT_MS=Timeout used when fetching from TAK
#################################################################
# < ver. 3.3.0
LOCAL_TAK_CACHE=${user.home}${file.separator}.tk.localCache
# >= ver. 3.3.0
takcache.persistent.file.name=${user.home}${file.separator}.tk.localCache
RESETVAGVALCACHE_INBOUND_URL=http://${TP_HOST}:23000/resetcache
RESETVAGVALCACHE_TIMEOUT_MS=30000

#######################################################################
# Properties for service "resetHsaCache"
#
# RESETHSACACHE_INBOUND_URL=URL where reset HSA cache should be exposed
# RESETHSACACHE_TIMEOUT_MS=Max response time for reset HSA cache
#######################################################################
RESETHSACACHE_INBOUND_URL=http://${TP_HOST}:24000/resethsacache
RESETHSACACHE_TIMEOUT_MS=10000

##############################################################################
# GetSupportedServiceContract
#
# Services supports both http and https
##############################################################################

# V1 (https default for backwards compatible with vp 2.2.2 and earlier)
GETSUPPORTEDSERVICECONTRACTS_RIVTABP21_PORT=23001
GETSUPPORTEDSERVICECONTRACTS_V1_INBOUND_ENDPOINT=https://${TP_HOST}:${GETSUPPORTEDSERVICECONTRACTS_RIVTABP21_PORT}/${TP_BASE_URI}/GetSupportedServiceContracts/1/rivtabp21?connector=VPProducerConnector
GETSUPPORTEDSERVICECONTRACTS_OUTBOUND_URL=http://${TK_HOST}:${TK_PORT}/tp-vagval-admin-services/GetSupportedServiceContracts
# V2
GETSUPPORTEDSERVICECONTRACTS_V2_INBOUND_ENDPOINT=http://${TP_HOST}:${TP_PORT_HTTP}/${TP_BASE_URI}/services/GetSupportedServiceContracts/2/rivtabp21
GETSUPPORTEDSERVICECONTRACTS_V2_OUTBOUND_URL=http://${TK_HOST}:${TK_PORT}/tp-vagval-admin-services/GetSupportedServiceContracts/v2

###########################################
# GetLogicalAddressesByServiceContract
#
# Services supports both http and https
###########################################
# V1 default uses https on port 23001 to be backwards compatible with 2.2.1 and earlier releases
GETLOGICALADDRESSESBYSERVICECONTRACT_V1_INBOUND_ENDPOINT=https://${TP_HOST}:23001/${TP_BASE_URI}/GetLogicalAddresseesByServiceContract/1/rivtabp21?connector=VPProducerConnector

# V2 uses default http to skip overhead with using SSL
GETLOGICALADDRESSESBYSERVICECONTRACT_V2_INBOUND_ENDPOINT=http://${TP_HOST}:${TP_PORT_HTTP}/${TP_BASE_URI}/services/GetLogicalAddresseesByServiceContract/2/rivtabp21

#############################################################################################################
# Response timeout Feature properties
# It is possible to control response timeout on each service in VP, if the service supports it.
# Default values for all services are defined in SERVICE_TIMEOUT_MS, to override follow the convention
# described below and make sure the service to use supports this feature.
#
# Convention: feature.featureresponsetimeout.<service contract domain>=5000
# Example:    feature.featureresponsetimeout.crm.scheduling=5000
#############################################################################################################

#The timeout for a response if making a synchronous endpoint call
SERVICE_TIMEOUT_MS=30000

#Defaults for services provided by VP itself
feature.featureresponsetimeout.feature.featureresponsetimeout.urn.riv.itintegration.monitoring.PingForConfigurationResponder.1=5000

#############################################################################################################
# If RETRY_ROUTE_AFTER_MS>0 vp will make a second attempt to call producer after RETRY_ROUTE_AFTER_MS ms.
#############################################################################################################
RETRY_ROUTE_AFTER_MS=0


#####################################################################################################
# Keep alive Feature properties  																	#
#																									#
# It is possible to control keep-alive settings on each service in VP. If a service has keep-alive 	#
# enabled all consumers and producers are affected. Default setting is used by all services and    	#
# is set to feature.keepalive=false. To enable keep-alive for one service use this convention:     	#
#																									#
# Convention: feature.keepalive.<service contract namespace>=true									#
# Example:    feature.keepalive.urn.riv.crm.scheduling.GetSubjectOfCareScheduleResponder.1=true		#
#####################################################################################################

#Default setting is false, used by all services that do not specify any specific configuration
feature.keepalive=false


#####################################################################################################
# HSA cache properties  																			#
# 																									#
# HSA_FILES=<file1,file,filex>																		#
#####################################################################################################

# List of files to be read by HSA cache, first file is master, rest is complementary
HSA_FILES=hsacachecomplementary.xml

######################################################
## Test properties                                  ##
######################################################

PING_TESTSTUB_INBOUND_URL=http://localhost:10000/test/Ping_Service

Complete list of all settings available in VP

Configuration for the latest stable version of VP

vp-config.properties

vp-security.properties

Terminating SSL/TLS in front of VP

If SSL/TLS traffic is terminated in front of VP, for example in a reverse proxy, the following configuration is required:

  1. Propagate the certificate and incoming HTTP header(s) from the reverse proxy to VP:
    1. Set the certificate for incoming calls in the HTTP header: x-vp-auth-cert
    2. Add the (internal) IP address of the reverse proxy to VP's whitelist property (in vp-config.properties): IP_WHITE_LIST
    3. Propagate the HTTP header if it is set: x-rivta-original-serviceconsumer-hsaid
    4. Propagate the IP address of the incoming call in an HTTP header named according to the property in vp-config.properties (the name is configurable): VAGVALROUTER_SENDER_IP_ADRESS_HTTP_HEADER=X-Forwarded-For

      Ref: SKLTP VP SAD - Arkitekturella krav#Arkitekturellakrav-FK-5,Ursprungligavsändare

  2. Set HTTP "forwarded" headers to support WSDL lookup (for example: https://vp/service_x?wsdl):
    Ref: SKLTP - Load balancer / Reverse proxy
    The names of the HTTP headers can be changed in vp-config.properties (see the example configuration file above):

    VP_HTTP_HEADER_NAME_FORWARDED_PROTO=X-Forwarded-Proto
    VP_HTTP_HEADER_NAME_FORWARDED_HOST=X-Forwarded-Host
    VP_HTTP_HEADER_NAME_FORWARDED_PORT=X-Forwarded-Port

    Example: HTTP headers prefixed with VP:

    VP_HTTP_HEADER_NAME_FORWARDED_PROTO=VP-X-Forwarded-Proto
    VP_HTTP_HEADER_NAME_FORWARDED_HOST=VP-X-Forwarded-Host
    VP_HTTP_HEADER_NAME_FORWARDED_PORT=VP-X-Forwarded-Port
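The proxy-side steps above, modelled as an added example (not VP or SKLTP code, and not a configuration for any particular reverse proxy): because VP reads the caller's certificate and address from these headers, the proxy sets them from the TLS session and discards any copy the client sent. Assumptions: the function names, the certificate being passed as an opaque string (the page does not state the encoding VP expects), and the reading of a prefix entry such as 127.0.0 in IP_WHITE_LIST as matching on whole leading octets.

```python
# Header names taken from the vp-config.properties values shown on this page.
VP_CONFIG = {
    "VAGVALROUTER_SENDER_IP_ADRESS_HTTP_HEADER": "X-Forwarded-For",
    "VP_HTTP_HEADER_NAME_FORWARDED_PROTO": "X-Forwarded-Proto",
    "VP_HTTP_HEADER_NAME_FORWARDED_HOST": "X-Forwarded-Host",
    "VP_HTTP_HEADER_NAME_FORWARDED_PORT": "X-Forwarded-Port",
}
CERT_HEADER = "x-vp-auth-cert"
ORIGINAL_CONSUMER_HEADER = "x-rivta-original-serviceconsumer-hsaid"


def headers_for_vp(client_headers, peer_ip, client_cert, scheme, host, port, cfg=VP_CONFIG):
    """Build the headers the proxy forwards to VP for one terminated TLS request.

    client_headers: headers as received from the consumer (dict).
    peer_ip:        address of the TCP peer as seen by the proxy.
    client_cert:    certificate from the TLS handshake, or None if none was presented.
    """
    controlled = {CERT_HEADER} | {name.lower() for name in cfg.values()}
    # Headers the proxy owns are never copied from the client (names are case-insensitive).
    out = {k: v for k, v in client_headers.items() if k.lower() not in controlled}
    # Step 1.1: certificate of the incoming call, only if the handshake produced one.
    if client_cert is not None:
        out[CERT_HEADER] = client_cert
    # Step 1.3 needs no code: ORIGINAL_CONSUMER_HEADER is not proxy-controlled,
    # so it is passed on unchanged when the consumer set it.
    # Step 1.4: address of the incoming call, under the configured header name.
    out[cfg["VAGVALROUTER_SENDER_IP_ADRESS_HTTP_HEADER"]] = peer_ip
    # Step 2: what the consumer actually connected to, for the ?wsdl URL rewrite.
    out[cfg["VP_HTTP_HEADER_NAME_FORWARDED_PROTO"]] = scheme
    out[cfg["VP_HTTP_HEADER_NAME_FORWARDED_HOST"]] = host
    out[cfg["VP_HTTP_HEADER_NAME_FORWARDED_PORT"]] = str(port)
    return out


def whitelist_covers(ip, ip_white_list):
    """Step 1.2 pre-flight: is the proxy's inner address covered by IP_WHITE_LIST?

    Assumption of this example: an entry is either a full address or a prefix of
    whole octets. VP's own matching code is not shown on the page.
    """
    for entry in ip_white_list.split(","):
        entry = entry.strip().rstrip(".")
        if entry and (ip == entry or ip.startswith(entry + ".")):
            return True
    return False


if __name__ == "__main__":
    # Constructed request: the consumer tries to supply its own identity headers.
    incoming = {
        "X-VP-Auth-Cert": "client-supplied",
        "X-Forwarded-For": "10.9.9.9",
        ORIGINAL_CONSUMER_HEADER: "HSA-CONSTRUCTED-1",
        "SOAPAction": "urn:constructed",
    }
    print(headers_for_vp(incoming, "192.0.2.10", "CONSTRUCTED-CERT", "https", "vp.example.org", 443))
    print(whitelist_covers("10.0.0.5", "127.0.0,10.0.0.5"))
```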



Configuration of specific features

Feature keep-alive

For the virtual services in VP that support keep-alive, it is possible to control per service whether keep-alive is enabled. A default value (feature.keepalive) is set for all virtual services and can then be overridden by each service that wants to enable keep-alive. Keep-alive is enabled according to the following convention:

Convention: feature.keepalive.<service contract namespace>=true

Example: feature.keepalive.urn.riv.crm.scheduling.GetSubjectOfCareScheduleResponder.1=true


Parameter: feature.keepalive
Default value: false
Comment: Default value that disables keep-alive for all virtual services. It is overridden by each service that wants keep-alive enabled, according to the convention described above.

Feature responseTimeout

For the virtual services in VP that support an individual timeout setting, the timeout can be controlled per service; both the connection timeout and the response timeout are governed by this setting. A default value (SERVICE_TIMEOUT_MS) is set for all virtual services and can then be overridden by each service as follows.

Convention: feature.featureresponsetimeout.<service contract namespace>=5000

Example: feature.featureresponsetimeout.urn.riv.crm.scheduling.GetSubjectOfCareScheduleResponder.1=5000

By default, the connection and response timeouts are set by the parameter SERVICE_TIMEOUT_MS.

Configuring logging of LogEvents

Logging is configured in <mule-home>/apps/<vp-services>/classes/log4j.xml. Note that no restart of the application is required; changes take effect immediately at runtime.

From the versions for Mule 3.7.0 onward, log4j2.xml is used. It is then not generally possible to make changes without a restart. Changes can, however, be made via JMX.

Examples of logEvents

DEBUG

mule-app-vp.log
** logEvent-debug.start ***********************************************************
IntegrationScenarioId=
ContractId=
LogMessage=xreq-in
ServiceImpl=vagval-dynamic-routing-flow
Host=33.33.33.1 (33.33.33.1)
ComponentId=1133a557-b5cc-11e3-bd36-2da34769782a
Endpoint=https://localhost:20000/vp/tjanst1
MessageId=15c27c95-b5cc-11e3-bd36-2da34769782a
BusinessCorrelationId=15cc67b1-b5cc-11e3-bd36-2da34769782a
BusinessContextId=
ExtraInfo=
-senderid=tp
-originalServiceconsumerHsaid=null
-source=se.skl.tp.vp.util.LogTransformer
-cxf_service=urn:skl:tjanst1:rivtabp20
-rivversion=RIVTABP20
-receiverid=vp-test-producer
Payload=<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:riv:interoperability:headers:1" xmlns:urn1="urn:riv:itintegration:registry:1">
  <soapenv:Header>
    <ns2:To xmlns:ns2="http://www.w3.org/2005/08/addressing" xmlns:ns3="urn:skl:tjanst1:rivtabp20">vp-test-producer</ns2:To>
  </soapenv:Header>
  <soapenv:Body>
    <ns3:getProductDetailElem xmlns:ns2="http://www.w3.org/2005/08/addressing" xmlns:ns3="urn:skl:tjanst1:rivtabp20">
      <productId>Exception</productId>
    </ns3:getProductDetailElem>
  </soapenv:Body>
</soapenv:Envelope>
** logEvent-debug.end *************************************************************

INFO

Code block: mule-app-vp.log
** logEvent-info.start ***********************************************************
IntegrationScenarioId=
ContractId=
LogMessage=xreq-in
ServiceImpl=vagval-dynamic-routing-flow
Host=33.33.33.1 (33.33.33.1)
ComponentId=1133a557-b5cc-11e3-bd36-2da34769782a
Endpoint=https://localhost:20000/vp/tjanst1
MessageId=15c27c95-b5cc-11e3-bd36-2da34769782a
BusinessCorrelationId=15cc67b1-b5cc-11e3-bd36-2da34769782a
BusinessContextId=
ExtraInfo=
-senderid=tp
-originalServiceconsumerHsaid=null
-source=se.skl.tp.vp.util.LogTransformer
-cxf_service=urn:skl:tjanst1:rivtabp20
-rivversion=RIVTABP20
-receiverid=vp-test-producer
Payload=
** logEvent-info.end *************************************************************
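
The logEvent layout in the two samples above can be parsed mechanically. The following added example (not part of the original page or of VP) splits a log into events and lists those that carry a non-empty Payload, which in the samples above is the DEBUG event only. The function names and the sample log are constructed for illustration.

```python
import re
# Constructed sample in the logEvent layout shown above; all values are made up.
SAMPLE_LOG = """\
** logEvent-debug.start ***********************************************************
LogMessage=xreq-in
MessageId=00000000-0000-0000-0000-000000000001
ExtraInfo=
-senderid=tp
Payload=<soapenv:Envelope>
  <soapenv:Body><productId>42</productId></soapenv:Body>
</soapenv:Envelope>
** logEvent-debug.end *************************************************************
** logEvent-info.start ***********************************************************
LogMessage=xreq-in
MessageId=00000000-0000-0000-0000-000000000002
Payload=
** logEvent-info.end *************************************************************
"""

MARKER = re.compile(r"^\*\* logEvent-(\w+)\.(start|end) \*+$")

def parse_log_events(text):
    """Split a log into events with level, fields, ExtraInfo and payload."""
    events, cur, in_payload = [], None, False
    for line in text.splitlines():
        m = MARKER.match(line)
        if m and m.group(2) == "start":
            cur = {"level": m.group(1), "fields": {}, "extra": {}, "payload": ""}
            in_payload = False
        elif cur is None:
            continue  # text outside any event
        elif m:  # end marker closes the current event
            cur["payload"] = cur["payload"].strip()
            events.append(cur)
            cur = None
        elif in_payload:
            cur["payload"] += "\n" + line  # payload runs until the end marker
        elif line.startswith("Payload="):
            cur["payload"], in_payload = line[len("Payload="):], True
        elif "=" in line:
            key, _, value = line.partition("=")
            target = "extra" if key.startswith("-") else "fields"
            cur[target][key.lstrip("-")] = value
    return events

def events_with_payload(events):
    """Return (level, MessageId) for every event whose Payload is not empty."""
    return [(e["level"], e["fields"].get("MessageId", ""))
            for e in events if e["payload"]]
```

Running `events_with_payload(parse_log_events(...))` over a production log shows which events, and at which level, write message bodies to disk.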


Configuring error messages (from VP 3.1.3)

The VP00x error texts are now configurable and can be set in the override property file. The following error messages are the defaults:

Code block
# #########################################################################################################
#
# Error codes according to RIV-TA:
# ---------------------------
# VP001 RIV version not configured for the connection point that the
#       virtualised service publishes.
# VP002 SERIALNUMBER not available in the name attribute of the consumer's certificate.
# VP003 ReceiverId not filled in in the RivHeader of the incoming message.
# VP004 There is no routing in the service catalogue that matches ReceiverId,
#       service contract and today's date.
# VP005 There is no service producer defined in the service catalogue that matches the RIV version,
#       conversion between RIV versions is not implemented.
# VP006 There is more than 1 service producer defined in the service catalogue that matches ReceiverId,
#       service contract and today's date. Indicates that the service catalogue is misconfigured.
# VP007 The service catalogue has no authorization defined for the calling service consumer
#       to interact with the logical address on the chosen service contract.
# VP008 No contact with the service catalogue.
# VP009 Error when contacting the service producer.
# VP010 No address specified for the service producer in the service catalogue.
# VP011 The calling consumer is not trusted to make HTTP calls to VP
# VP012 Necessary resources are missing for VP to function.
#
#
# Description of properties
# ---------------------------
# Each property contains a text and an optional placeholder {}
# The placeholder is replaced in VP with metadata and more specific information.
# This is currently not configurable
# #########################################################################################################

VP001 = No RIV version configured
VP002 = No sender ID (SERIALNUMBER) found in certificate
VP003 = No receiverId (logical address) found in message header
VP004 = No receiverId (logical address) found for {}
VP005 = No receiverId (logical address) with matching Riv-version found for {}
VP006 = More than one receiverId (logical address) with matching Riv-version found for {}
VP007 = Authorization missing for {}
VP008 = No contact with TAK at startup, and no local cache to fallback on, not possible to route call
VP009 = Error connecting to service producer at address {}
VP010 = Physical Address field is empty in Service Producer for {}
VP011 = Caller was not on the white list of accepted IP-addresses. {}
VP012 = Severe problem, VP does not have all necessary resources to operate. {}

The placeholder {} marks the position of information generated by VP.

Configuring socket logging (from VP 3.2.0)

If needed, VP can log Mule messages to a socket; this functionality was developed to enable logging to the Loghandler or similar applications.

To enable the logging, host and port must be configured, as well as which messages are to be logged.

Configuring host/port for the socket appender

Configured in ${sys:mule.home}/conf/vp-socketappender.properties.

Example:

Code block: vp-socketappender.properties
#############################################################################################################
# Socketlogging properties
#
# socketappender.host - hostname/ip for logging to 
# socketappender.port - port number logging to
#
# Default values - No default values. If not configured socketlogging will be turned off.
#############################################################################################################
socketappender.host=ine-dit-app01.sth.basefarm.net
socketappender.port=43706

Configuring what is logged

Configured in ${sys:mule.home}/conf/vp-config-override.properties.

Example:

Configuring socket logging (from VP 3.2.0)

Info
See also SKLTP VP-Socket-loggning

Configured in the property file ${sys:mule.home}/conf/vp-config-override.properties.

Example:

Code block: vp-config-override.properties
########################################################################################
## Socket logger  
##                                  	
## USE_SOCKET_LOGGER        - true or false              
##		                      Default is false            
## SOCKET_LOGGER_CATEGORIES - Message types to be logged 
##							  If not defined or empty all categories will be logged
##							  Valid categories: xresp-out, xresp-in, xreq-out, xreq-in
## SOCKET_LOGGER_SERVICE_CONTRACTS - Service contracts to be logged
##                                   If not defined or empty all contracts will be logged
#########################################################################################
USE_SOCKET_LOGGER=true
SOCKET_LOGGER_CATEGORIES=xresp-out
SOCKET_LOGGER_SERVICE_CONTRACTS=
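
The socket-logger settings above decide which messages leave VP over the socket, so it is worth checking an override file before deploying it. The following added example (not part of the original page or of VP) reports values with trailing whitespace, which this page warns against, unknown categories, and empty settings that mean "log everything". The function names and the sample file are constructed, and a comma-separated SOCKET_LOGGER_CATEGORIES value is an assumption.

```python
# Valid categories as listed in the comment block of the example above.
VALID_CATEGORIES = {"xresp-out", "xresp-in", "xreq-out", "xreq-in"}

# Constructed override file; the blank after "true" and "xreq-inn" are deliberate.
SAMPLE_OVERRIDE = (
    "# constructed sample\n"
    "USE_SOCKET_LOGGER=true \n"
    "SOCKET_LOGGER_CATEGORIES=xresp-out,xreq-inn\n"
    "SOCKET_LOGGER_SERVICE_CONTRACTS=\n"
)

def load_properties(text):
    """Minimal key=value reader that keeps trailing whitespace so it can be reported."""
    props = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip()[0] in "#!":
            continue  # blank line or comment
        key, _, value = line.partition("=")
        props[key.strip()] = value.lstrip()
    return props

def lint_socket_logger(props):
    """Return findings for the socket-logger keys described on this page."""
    findings = []
    for key, value in props.items():
        if value != value.rstrip():
            findings.append(f"{key}: trailing whitespace in value")
    use = props.get("USE_SOCKET_LOGGER", "false").strip()
    if use not in ("true", "false"):
        findings.append("USE_SOCKET_LOGGER: must be true or false")
    if use != "true":
        return findings  # logger is off, scope checks do not apply
    # Assumption: several categories are given as a comma-separated list.
    raw = props.get("SOCKET_LOGGER_CATEGORIES", "")
    cats = [c.strip() for c in raw.split(",") if c.strip()]
    for cat in cats:
        if cat not in VALID_CATEGORIES:
            findings.append(f"SOCKET_LOGGER_CATEGORIES: unknown category {cat!r}")
    if not cats:
        findings.append("SOCKET_LOGGER_CATEGORIES: empty, all categories are logged")
    if not props.get("SOCKET_LOGGER_SERVICE_CONTRACTS", "").strip():
        findings.append("SOCKET_LOGGER_SERVICE_CONTRACTS: empty, all contracts are logged")
    return findings
```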

Configuration for VP 3.3.0


LOCAL_TAK_CACHE is replaced by takcache.persistent.file.name

Code block: vp-config-override.properties
## LOCAL_TAK_CACHE=${file.separator}opt${file.separator}mule${file.separator}spool${file.separator}.tk.localCache ##
takcache.persistent.file.name=${file.separator}opt${file.separator}mule${file.separator}spool${file.separator}.tk.localCache


Option to configure the use of the old default routing of the form VG#VE

Code block: vp-config-override.properties
###################################################################################################################################################################################
## Deprecated default routing configuration (VG#VE)
##
## DEPRECATED_DEAFAULT_ROUTING_DELIMITER - Should be #
##                          If empty the default routing is turned off.
## DEPRECATED_DEFAULT_ROUTING_CONTRACTS - Contracts allowed to be used with defaultrouting.
##                          Comma separated list with contract namespaces
##                          If not defined or empty all contracts is allowed.
## DEPRECATED_DEFAULT_ROUTING_SENDERS- Consumers allowed to use default routing
##                          Comma separated list of consumers
##                          If not defined or empty all consumers is allowed.
#########################################################################################
DEPRECATED_DEAFAULT_ROUTING_DELIMITER=#
DEPRECATED_DEFAULT_ROUTING_CONTRACTS=urn:riv:ehr:accesscontrol:AssertCareEngagementResponder:1,urn:riv:insuranceprocess:healthreporting:ReceiveMedicalCertificateQuestionResponder:1,urn:riv:insuranceprocess:healthreporting:ReceiveMedicalCertificateAnswerResponder:1
DEPRECATED_DEFAULT_ROUTING_SENDERS=TSTNMT2321000156-B02,SE5565594230-BCQ