TISGraph & MDA Documentation

# Detailed Installation Settings

The configuration properties of osgi-runner are grouped in configuration sets located in $INSTDIR\<PID>, where <PID> is an identifier like org.clazzes.jdbc.provider.

The configuration settings might also be edited using the GUI located under http://localhost:8081/dojo-config-manager/ (opens new window).

# PID at.iteg.tis.graph

key value remarks
users.suPrincipal at.iteg.wdb.api.dto.WiskiPrincipal::WISKI/Admin The super user used to initially build up the authorization database. For OAuth setups, use the value org.clazzes.login.oauth.OAuthPrincipal::WISKI/Admin
users.contextList HYD;TSP A semicolon-separated list of security contexts to fill in to the database.
users.defaultGroup Newbies The default group for new users. The group may be ahcnged lateron by administrators.
contextUrl The context URL has to be set to http://localhost:8081/, if TISGraph is located behind a reverse proxy and you are unable to print PDF documents.
defaultTimeZone Europe/Vienna The default timezone, you might use GMT+01:00 for a fixed timetone offset.
apiForwardHeaders Authorization A list of headers to forward to data providers like wdb`, if tisgraph is accessed via the tisgraph API.
delegateLoginMechanism at.iteg.wdb.wiski For OAuth setups, use org.clazzes.login.oauth.
apiLoginMechanism org.clazzes.login.oauth A secondary login mechanism used for API access, use org.clazzes.login.oauth in order to allow API access by OAuth access tokens.
apiTimeout 30000 Timeout of API rendering calls. After this perido of time in milliseconds the rendering calls redirect to a retry URL.
apiExternalUrl This might be set to the URL undedr which the API is ssem by users like https://tgapi.my.domain.top
apiLenientRedirect false If set to true, the API redirect requests are issued aithout the requirement to send authentication information again. This is for dumb reverse proxies like IIS.
apiSecurityContext Set this to /oauth-login/login in oder to activate OAuth access to the tisgraph API.
cacheSizeMB 256 The size of the rendered image cache.
environmentName PROD
mimeTypeWhitelist application/json;application/msword; application/octet-stream; application/pdf; application/rtf; application/vnd.ms-excel; application/vnd.oasis.opendocument.spreadsheet; application/vnd.oasis.opendocument.text; application/vnd.openxmlformats-officedocument.spreadsheetml.sheet; application/x-tisgraph-json-new; application/xml; application/zip; image/jpeg; image/png; image/svg+xml; text/csv; text/plain; text/xml The list of document types allowed to be uplload to TISGraph
datasourceName TISGRAPH The name of the JDBC datasource in PID org.clazzes.jdbc.provider
dialectProperties Set this to overflowTablespace=TablespaceName for Oracle installations with TablespaceName set to a valid table space name for storing BLOB values.

# PID at.iteg.wdb.impl

key value remarks
tsmHost wiski-test.iteg.at
tsmPort 7430
defaultDomain WISKI The domain to use, used to be MaiDomain in previous versions.
maxSessions 16 The size of the conenction pool to the WISKI server.
enableCoverageLookup true If set to false, tree displays might be sped up by not querying the coverage of WISKI timeserir
showStationNumbers false If set to true, the WISKI tree shows station numbers instead of the station names
imageKeys GROUND_VIEW,OVERVIEW_IMAGE The meta data keys used to access station images.
loginMechanism at.iteg.wdb.wiski For OAuth setups, use `org.clazzes.login.oauth`.
sessionCleanInterval 60
additionalDomains Additional domain to support, should not be used.
maxResultDataPoints 10000 The macimal numer of data points to query in one HTTP request.
fallbackUser A user to use for unauthorized but authenticated requests. Might only be used in special situations.
fallbackPassword The password of the fallback user.
fallbackToken The OAuth token used for unauthorized but authenticated requests as an alternative for a fallback user.
sessionTimeout 300
apiLoginMechanism A secondary login mechanism used for API access, use org.clazzes.login.oauth in order to allow API access by OAuth access tokens.

# PID org.clazzes.jdbc.provider

key value remarks
datasource.TISGRAPH.servername localhost
datasource.TISGRAPH.username tisgraph
datasource.TISGRAPH.validationQuery SELECT 1
datasource.TISGRAPH.port 5432
datasource.TISGRAPH.databasename tisgraph
datasource.TISGRAPH.datasourename TISGRAPH
datasource.TISGRAPH.url jdbc:postgresql://localhost:5432/tisgraph
datasource.TISGRAPH.password secret::prop:tisgraph-db-passwd

# PID org.clazzes.login.oauth

This PID needs only to be configured for OAuth setups.

key value remarks
domain.WISKI.label ITEG WISKI Test
domain.WISKI.clientId iteg-tisgraph-dev
domain.WISKI.clientPassword secret::prop:oauth-domain-WISKI-passwd
domain.WISKI.scope openid profile email
domain.WISKI.options lenientAccessTokenCheck
domain.WISKI.faviconLocation https://wiski-test.iteg.at:7415/resources/f4ifn/login/keycloak/img/favicon.ico
sessionCookie OAUTH_SESSION_ID
domain.WISKI.configurationLocation https://wiski-test.iteg.at:7415/realms/kisters-water-default/.well-known/openid-configuration
delegateDomain WISKI
delegateTokenType JWT
sameSitePolicy Strict

Configuring OAuth via Keycloak