Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Format

Braga and Frigg both use a versatile configuration file based on the windows ini format. The config file contains the following sections:

[default]

[dev]

[stage]

[live]

Properties are mapped as strings: key=value. All values are first searched in the vm security properties.

The values in the default section are used as base values when no values are found in dev, stage or live. The stage and live sections are used according to the ip mappings contained in the default section:

stage_ips=192.168.4.55|192.168.5.55|192.168.5.56|192.168.5.57
live_ips=172.31.0.0/16|172.30.0.0/16

Dev is used when the IP does not match any stage or live server.

Ips are separted by | and ranges can be defined with /

A section (stage or live) for a specific IP can be defined as:

[stage:192.168.4.55]

The values here override the values in the respective section.

Loading

The config file resides in com.stepover.frigg.util, filename is config.ini. If a file named myconfig.ini is present this is taken instead (this can be used during development). A root config file can be set by setting a Java system property: so_config_ini pointing to a file per absolute path or url. A root config can also be placed somewhere on the classpath.  The values in this root config override any values set in a config at com.stepover.frigg.util.

Key/Values

keyexampledescriptionfriggbraga
acceptContactUrlhttps://host/frigg/login/#/contactsthe url for accepting contact requests (Contact page)X
accept_terms_settingstruetrue or false, if terms and conditions have to be accepted before signing as a guest / in standalone viewerX
activate_hash_dialogtruetrue or false, activates the hash dialog during signing with StepOver PadsX
activate_stepover_footerfalsetrue or false, activates the footer in the standalone viewer with terms of use, imprint and data protection (StepOver information). Default is falseX
adhoc_html_signer_onlytruetrue or false, determines if adhoc viewer (QR code scanned) can be signed exclusively with the HTML Signer (default true)X
adhoc_length10the character length of the adhoc code (default ist 10)X
adhoc_lifetime_minutes15defines the validity period of the adhoc code or a generated QR Code (default is 5 minutes)X
admin_email_notifiersomebody@host.com;someoneelse@host.coma list of recipients who are informed when accounts are charged with help of the admin functions or when user bought creditsX
always_mobile_viewer_on_mobile_devicetruetrue or false, determines whether on mobile devices can be signed exclusively with the HTML Signer (no matter if 'desktop browser' is set or not)X
api_id_modeobfuscatedDefines how ID values like the document_id are displayed encrypted. 
Possible values are:
"obfuscated" = IDs are displayed encrypted (this is the config default value, if no other value is set)
"debug" = IDs are displayed encrypted and the corresponding (original) ID is appended at the beginning of the value


X

app_signature_certificate_filenamed:\frigg\data\app_signature_public.derthe certificate path for the app signature with token authentication
X
app_signature_certificate_passworddsf433dreE&%the certificate password for the app signature with token authentication
X

app_signature_certificate_private_key_filename

d:\frigg\data\app_signature_certificate.pfxthe certificate private key path for the app signature with token authentication
X
atmosphere_fallback_transportstreamingdefines the fallback transport type for the message transfer (message broker).
Valid types are "polling", "long-polling", "streaming", "jsonp", "sse" and "websocket". Default type is streaming, specification in config.ini without quotes
X
atmosphere_idle_time2maximum time in minutes that an atmosphere connection can be idle before it is closed (default 5)X
atmosphere_servlethttps://127.0.0.1:8443/atmosphereServletthe url for the atmosphere servlet used by the adhoc functionalityX
atmosphere_suspend_time30maximum time that an atmosphere connection is kept alive (default 10)X
atmosphere_transportlong-pollingdefines the transport type for the message transfer (message broker).
Valid types are "polling", "long-polling", "streaming", "jsonp", "sse" and "websocket". Default type is long-polling, specification in config.ini without quotes
X
audit_activetrueactivates the audittrail feature, default falseX

audit_report_documentPageNumberField

9Number of the text field of the template where the page number will be written
X

audit_report_documentTotalFieldsForTrails

8Number of fields in the document template to show audit trails
X

audit_report_envelopePageNumberField

15Number of the text field of the envelope template where the page number will be written
X

audit_report_envelopeTotalFieldsForTrails

14Number of fields in the envelope overview template to show the audit trails
X

audit_report_name_of_signer

the webSignatureOffice system

The name of the signer of the audit report
X

audit_report_servername_to_show

webso

To show the name of the server which generated the audit report
X

audit_report_signature_image_file_path

/var/data/audit/auditReportSignatureImage.bmp

In the Audit report, there is an image for the signature, give the path of the signature file here
X

audit_report_signature_image_x_location

420

The X location of the 1st page of the report where you want to show the signature image
X

audit_report_signature_image_y_location

750The Y location of the 1st page of the report where you want to show the signature image
X

audit_report_template_envelop_overview_de

/var/data/audit/StepOverInternational_envelope_overview_template_de.pdf

This template will be used to for envelope audit report's overview page for DE locale
X

audit_report_template_envelop_overview_en

/var/data/audit/StepOverInternational_envelope_overview_template_en.pdf

This template will be used to for envelope audit report's overview page for EN locale
X

audit_report_template_page_de

/var/data/audit/StepOverInternational_document_de.pdf

This template will be used to generate audit report in DE locale
X

audit_report_template_page_en

/var/data/audit/StepOverInternational_document_en.pdf

This template will be used to generate audit report in EN locale
X
automatic_role_stopfalseIndicates whether the automatic role stop is executed or not. Automatic role stop means that after signing all fields of a signature group (<SignatureGroup> definition), the signature selection window for the next signature group is displayed again (if automatic_role_stop is true)X
aws_kms_access_key



aws_kms_secret_key



aws_kms_region



aws_kms_key_id



axis_request_timeout240000the braga request timeout in milliseconds (default 240000)X
axis_server_context/bragaThe folder inside which the braga app is deployed (default empty)X
axis_server_ip192.168.5.56the IP or hostname of the braga serverX
axis_server_port8080the braga server port (default 8080)X
axis_server_protocolhttpshttps or https, the protocol used for the braga server (default http)X
braga_create_copytruecreates a copy of the PDF without biodata (if flag is true); default falseX
braga_render_dpi200the dpi with which pages are rendered (default is 200)XX
ca_cert_filename


X
ca_aws_kms_access_key


X
ca_aws_kms_secret_key


X
ca_aws_kms_region


X
ca_aws_kms_key_id


X
cash_account_namestepover_cash_accountthe name of the cash account, matches db name column in accounting_account table (for credit handling)X
conditions_exceptionselection_pad;selection_displayspecifies if a download condition must be fullfilled for a given signature type. The download pop-up won't be shown, if the signature type matches the value. Possible values: selection_display, selection_pad, selection_captureX
context_sign_modetruetrue or false, shows an overview of the context in combination with signing with HTML-signerX
cookie_nameSOSESSIONIDthe cookie name for the session cookieX
cookie_path/the cookie pathX
credit_eur_value0.85the vlaue of one credit in EURX
credit_usd_value0.95the value of one credit in USDX
credit_free3how many free credits are given initially (after registration)X
credit_free_monthly3the amount of free credits per monthX
credit_signature_request1value how many credits one signature request costs ('0' for no credit charge)X
credit_mail_identification10value how many credits a mail identification costsX
credit_sms_identification1value how many credits a sms identification costsX
database_host192.168.5.57the database host (IP or hostname)XX
database_jndijava:comp/env/jdbc/FriggDbthe jndi database sourceXX
database_namefriggthe database schema nameXX
database_passwordkjssdduiwe832//6?!the database passwordXX
database_port
1521the database portXX
database_service_name 
FRIGGthe database service name (for Oracle connection)XX
database_sid
xethe database SID (for Oracle connection)XX
database_typemysqlmysql or oracle, the database type (default mysql)XX
database_userdbuserthe database userXX
deactivate_db_pingtruetrue or false, deactivates validation check for the db connection (default false)XX
deactivate_document_downloadfalsetrue or false, deactivates the download button on the viewer (for finished or failed requests) (default false)X
deactivate_final_status_popuptrue

true or false, deactivates the final status popup shown after all fields have been signed (default true)

X
deactivate_geolocationfalsetrue or false, deactivates the geolocation query in the browser (default false)X
deactivate_optional_fields_popupfalse

true or false, deactivates the appearance of the popup after skipping the last optional field of a signature request which asks for ignoring the field (sign later) or finishing the request (only if there are no mandatory fields!) (default false)

if true also the "finish signature process" button (shown after signing all mandatory fields) is deactivated.

If it is set to true, also the "skip" button of the last optional field isn't shown.

X
deactivate_reject_buttonmandatory

"true", "false", "optional", "mandatory", defines when the "reject" button is active during signing. (default false)

true: reject button is never active

false: reject button is alsways active

mandatory: reject button is inactive for mandatory signature fields

optional: reject button is inactive for optionals signature fields

X
deactivate_reject_reason_popuptrue

true or false, deactivates the overlay to enter a reason when declining a signature (default false): 




X


deactivate_remember_sign_type

truedeactivates the "remember sign type" checkbox of the signature type selection popup (default false)X
deactivate_skip_buttontruetrue or false, if true, the "skip" button is not shown for (optional) signature fields (default false)X
emailFromsystem@webSignatureOffice.comthe from mail header added to emails sent by the systemX
emailPort25the smtp portX
emailRetries5how many times the mailer retries to sent an emailX
emailSmtphostname.domain or "false"the smtp server used to sent mails. If set to "false", sending mails will be deactivated entirely.X
emailSmtpPasswordpasswordthe smtp server passwordX
emailSmtpUsersmtpuserthe login for the smtp serverX
emailTlsfalsetrue or false, enable or disable TLS (encryption)X
enduser_certificate_duration36the lifetime of user certificates in months
X
enduser_certificate_key_length2048the length of the create user certificates
X
external_certificate_providernebulacomma seperated list of external certificate providers. currently supported: nebula (nebulaSUITE)X

extra_password_prompt

truetrue or false, activates an extra password prompt in the iSignatureOffice / aSignatureOffice app (authentication with fingerprint or face ID). (default false)
see also flag 'password_interval'
X
file_upload_max_file_size20480the maximum upload size in bytesX
file_upload_urlhttps://host/fileUpload/fileUploadthe url for the file upload (via tyrservice)X

formfields_writable_for_others

falsetrue or false, allows other signers to edit formfieldsX
guest_certificate_passwordkkwJk34$ldP%the guest certificate password (for non-registered webSignatureOffice user certificates)XX
guest_email
guest@websignatureoffice.comthe email pattern for guest email addresses (default guest@websignatureoffice.com)X

has_license

falsetrue or false, usage for licence model (valid license file required)X
html_signer_signature_field_width10defines the signature field width for signing with html-signer in cm, default is 14cm.X
intermediate_certificate_filename/frigg/data/cert.pemthe full path to the intermediate certificate for user certificate creation
X
intermediate_certificate_passwordsduiSUm7$%&hJthe intermediate certificate password
X
intermediate_certificate_private_key_filename/frigg/data/cert_private.pemthe full path to the internmediate certificate private key
X
invitationUrlhttps://host/frigg/Registration.htmlthe url for user registration and invitationX
invoice_mail_recipientssomebody@host.com;someoneelse@host.coma list of recipients who receive a copy of all invoices created by the system (for credit purchase)X
jms_jndi_factoryatmosphereFactorythe jms broadcaster factory jndi nameX
jms_jndi_namespacejava:comp/env/jms/the namespace used for the jndi lookup of the jms components X
jms_topicatmospherethe name of the topic created on the jms broadcaster for the adhoc code messagingX
logging_debugtrueenables extended logging for debugging (default false)X
loginUrl"https://www.websignatureoffice.com/Login.html"the login url (used for redirecting)X
mail_passwordoekopostpasswordthe password for the mail verification account (seperate provider)X
mail_useroekopostuserthe user for the mail verification account (seperate provider)X
max_message_size20480the max tyrservice message size (optional value)X
memcached_port11211the memcached portXX
memcached_server192.168.5.57the ip or hostname of the memcached server if memcahe is usedXX
memcached_sessionstruetrue or false, the switch if memcached should be used for session managemeantXX
nebula_exclude_authenticatorsMAIL;SMSsemicolon seperated list of authentication methods. The listed methods won't be usable. Default: All methods allowed.X
notaryInfo\n======================( NotaryInfo )====================== \n \nSomebody the notary info added to a biometric signatureX
notary_public_key

dshkskdhNSSKhjadsbndskKJHKHSAK \
DGHgdhjdsgJHDDSHJGdshdshdJDHDSJH \

the public key base64 encoded that is assigned new registered users. This key is used by the web signature office apps.X
notary_public_key_hashdskhdksjhds89s8djdshkjhsd7987987dsdssda md5 hash of the public keyX
org_quartz_propertiesquartz.propertiesthe name of the quartz scheduler configuration file in the classpath (for the automated jobs)X
openssl_run_directoryc:/tempthe path to a folder in which openssl can run
X
otp_viewer_file

X
otp_app_file

X
url_handler_key


X
otp_lifetime_seconds
30

the validity for the One-time password (OTP) for an auto-login via webservice-API

X
pad_connecor_crypto_id_namesStepOver Bio 2048/4096;StepOver 2048/4096;StepOver cryptoIdv2semicolon seperated list of allowed pad connector crypto idsX
pad_connector_crypto_id_abort_messageno suitable key found on the pad, sorrythe text to be shown if no suitable pad connector can be foundX
pad_document_viewingtruetrue or false, automatic connection to the signature pad is started before clicking "Start signing" (for SignInDocument mode). Default is false.X
password_intervalALWAYSIf extra_password_prompt is activated, you can use password_interval to specify how often the query should appear. Possible values: ALWAYS, DAILYX
passwordResetUrlhttps://host/frigg/PasswordReset.htmlthe url for the password reset pageX
pdf_render_max_render_threads4the max number of render threads
X
process_encrypted_urlsfalseIf the value is "true", the adhoc URL (option "SHOW LINK") is displayed encrypted (default false)X
process_pool_timeout120000timeout for a process from the process pool in milliseconds (default 120000)
X
qr_code_hostlocalhost:3000host and port of the qrcode urlX
qr_code_path/qrcodepath/path of the qrcode urlX
rabbitmq_server192.168.4.55the IP or hostname of the rabbittmq server used by the adhoc functionality (message broker)X

render_strategy

AllPagesthe strategy used to render the pdf pages, possible values are OnlyPagesWithSignatures, AllPages, FirstTwoAndPagesWithSignatures. Default is FirstTwoAndPagesWithSignaturesX
request_lifetime7200the request lifetime in seconds.X
rest_api_allowed_hostslocalhost,192.168.5.2,192.168.5.5the allowed hosts for the communication with the REST API (Cross-Origin-Requests)X
rsa_encryptor_urlhttps://host:8444/RsaEncryptor/encodethe url of the RSA encryptor used by the html signer, if no value is set the default RSA encryptor of the frigg module is takenX
session_sync60session sync interval in seconds (memcached)X
session_timeout6000session timout in milleseconds (browser session)XX
show_custom_textBitte vorab alle notwendigen Kundeninformationen übermittelnIf the value is set, it will be displayed in the signature type popup (under the selection options)X
show_finish_pad_signature_button_in_browsertrue

true or false, if set to "true", the "accept_signature"-button will be shown in the browser while signing with a signature-pad


X

show_pages_preview1handles the page preview display in the document viewer (in apps and browser)
0 = deactivated, 1 = activated
X

show_selection_capture

trueactivates/deactivates the "SMARTPHONE/TABLET" option of the signature type selection popup (default = true)X

show_selection_display

trueactivates/deactivates the "ON THIS DISPLAY" option of the signature type selection popup (default = true)X

show_selection_pad

trueactivates/deactivates the "SIGNATURE PAD" option of the signature type selection popup (default = true)X
show_toc1handles the table of contents display in the document viewer (in apps and browser)
0 = deactivated, 1 = activated
X
signatureRequestGuestUrl



signatureRequestUrlhttps://host/frigg/login/#signature_requestthe url for signature requestsX
signature_timeout_ms3000defines the timeout/pause in milliseconds before a pad signature is automatically completed (without pressing confirm button)X
smsPasswordsmspasswordthe sms account password (for the sms delivery feature)X
smsSenderstepoverthe name displayed as sms sender (for the sms delivery feature)X
smsUserId / authToken4327634 / 1ED33261VI0I6659347456Bthe sms account user id or authToken (for the sms delivery feature)X
storage_homeX:/data/the full path for storage of documents and certificates (BRAGA)
X
support_emailsupport@websignatureoffice.comthe email address for support notifications / inquiriesX
userBrandingSupportMailde"de" or "us"X
tracking-headerx-idheaderthe name of the http header used for the additional tracking id logging. Default is x-trackingX
tyrservice_debuggingtruetrue or false, enables an extended logging for tyrservice classes (if no value is set the default is false)X
tyrservice_publicfalsetrue or false, wether the public tyrservice services should be available, public services only use the adhoc code for authenticationX
verificationUrlhttps://host/frigg/Verification.htmlthe url for the verification pageX
viewer_sidebar_position"left""left" or "right", defines if the viewer-sidebar (document preview and toc) is on the left or right site of the document. default "left"X
webso_events_urlhttps://www.testserver.com/CallbackServlet

WebSignatureOffice can be configured to call an URL on certain events. This functionality is activated by setting the URL to be called in the config.ini

Further configuration options are:

webso_events_filter:  a semicolon separated list of events that should be fired, if this option is not set, all events are fired. (e.g. STATUS_CHANGE;USER_FINISH)

webso_events_keys: a semicolon seperated list of HTTP-request property keys for the webso_event execution (e.g. user;pass) 

webso_events_values: a semicolon seperated list with corresponding values for the webso_event_keys (e.g. stepovercallback;strongPassword) event_keys and events_values must be in the same order

webso_events_retry: the time waited in milli seconds untill the event call is repeated. (e.g. 10)


For more information, please check: e) Callback-API

X

Config File with all keys and example values: config_dummy.ini

Config File with all keys and example values necessary for braga: config_dummy - braga.ini

Config File with all keys and example values necessary for frigg: config_dummy - frigg.ini

Config File with all keys and example values necessary for audit-trail: config_dummy - audittrail.ini

The unneeded keys are commented out.





  • No labels