Difference between revisions of "Service Provider Settings"
imported>Aeric |
imported>Aeric |
||
Line 1: | Line 1: | ||
'''[[File:GearIcon.png]] > Setup > Service Provider Settings''' | '''[[File:GearIcon.png]] > {{TBD|ISV-Setup}} > Service Provider Settings''' | ||
[[File:ISV-MSP.gif|right|thumb]] | [[File:ISV-MSP.gif|right|thumb]] | ||
__NUMBEREDHEADINGS__ | __NUMBEREDHEADINGS__ | ||
Line 24: | Line 24: | ||
===To Change Settings=== | ===To Change Settings=== | ||
#Select one of the configuration options below. | #Select one of the configuration options below. | ||
#Make changes: | #Make changes: |
Revision as of 00:26, 15 May 2013
> __TBD: ISV-Setup__ > Service Provider Settings
The Service Provider Settings provide options for ISVs to customize the user interface, brand the platform, and customize the user experience with personalized logos, art, fonts, color schemes, email messaging, and more.
- Compare to: MSP Settings, a set of configuration options for MSPs
1 Working with Service Provider Settings
Users that have the Manage Tenants and Company Capabilities permission can manage Service Provider Settings
1.1 Prerequisites
When configuring Service Provider Settings, have the following information should be available:
- Name of your Service (Domain Name), Email Support Address (Secure Email Service Provider Name), Copyright Notices, Terms of Service
- Header and Footer HTML code (Brand messaging that appears at the top and bottom of some pages: Login, Logout, Password Reset)
- Header and Footer image/logo (Images that appear in the Header/Footer areas)
- Default applications to be loaded during user registration
- Starting application for a newly registered user
- Application Catalog URL
- Page that lists available applications; Users will install applications from this page
- Default is https://{yourDomain}/networking/Service?t=9
- Customization settings for the Customer Welcome Email (Personalize the message with the user's name, login name and password)
1.2 To Change Settings
- Select one of the configuration options below.
- Make changes:
- a. If it exists, click the [Edit] button, make changes, and then click [Save].
- b. Otherwise, click one of the links in the page to work with that option.
- Configuration options:
- Service Configuration - Customize service configuration settings
- Service Header HTML - Customize service header
- Service Footer HTML - Customize service footer
- Service Header Image - Customize service header logo
- Manage Email Templates - Customize email templates
- Manage Catalog - Customize the Catalog packages (requires the same kind of format as the default catalog page noted above)
2 Service Configuration
Service Provider URL: http://{yourDomain}/networking/Service?t=1&targetpage=ViewPort.jsp
Settings > Service Provider Settings > Service Configuration
2.1 Basic Service Configuration
These values define the basic service configuration:
2.1.1 First-Time Service Configuration
- Configure the Service Settings and specify Service and Domain names:
Parameter Description Typical Value Service Name Name of the service provider Financiocorp Services Prefix for Service Domain Optional subdomain name Allowed characters: a-z, A-Z, 0-9, - (alphanumeric, plus hyphen)
Example: service
Service Domain The Domain Name part of the URL mydomain.com Domain URL Read Only
Automatically populated as:- Prefix + Service Domain
service.mydomain.com
2.1.2 Subsequent Configuration
These additional parameters become available after the initial configuration is complete.
Parameter Description Typical Value Recaptcha Private Key After signing up for Google's reCaptcha implementation of the Captcha service, enter the public and private keys here. (They are used to interact with that service.) Recaptcha Public Key Legal Notices Includes the Software AG Legal Notices http://documentation.softwareag.com/legal/ Error Notification Email Address An email message is sent to this address when errors occur customer_support@mydomain.com No Reply Email Address The email address to use for messages sent by the platform, when replies are not permitted systemadministrator@mydomain.com Help Domain Required field; Domain name for user help; This page is opened in a new browser window when Help is invoked from the platform http://www.mydomain.com/help Document Directory File location for email attachments and generated documents /usr/local/ Temp Directory Used as a temporary storage location /temp/ Supported Languages Languages that are supported in this instance of the platform, and are available for selection by tenants.
Learn more: Language TranslationWhitelisted File Types Supported file types you can upload to the application Max Uncompressed File Size Limit (MB) This is the maximum size for an uncompressed file that you can upload to the AgileApps platform. This limit is applicable only to package upload, static resource upload, and custom template. It is not applicable to file field, attachments, and so on. 500
2.1.3 Service Domain
- The Service Domain is required, and must comply with the following guidelines:
- The Service Domain name must be unique
- Service Domain names can contain the following characters:
- alphanumeric (a-z, A-Z, 0-9)
- hyphen (-)
- period, dot, full stop (.), used as the delimiter in the Prefix for Service Domain
2.1.4 Prefix for Service Domain
If Tenant Subdomains are enabled in the platform, this value defines the service provider's subdomain. If they are not, then the prefix adds text to the domain name that happens to include a dot (period).
The prefix field accepts alphanumerics and the underscore. The prefix is added to the Service Domain setting to produce the (read-only) Domain URL.
- Examples
Prefix for Service Domain Service Domain Domain URL(Read Only) www.abc.com www.abc.com xyz www.abc.com xyz.abc.com xyz abc.com xyz.abc.com
Reserved Subdomains
Admins can specify which subdomains are restricted from creation by normal tenants in the LongJump interface. When a user enters a restricted subdomain on the tenant creation page, an error message appears below that field. By default, a set of subdomains are added as reserved subdomains. It can be updated as per the requirement.
- Accessing Reserved Subdomains
- Go to LongJump > Configure Service Settings > Edit.
- In the Reserved Subdomains field, type the subdomains you wish to restrict.
Subdomains should be entered as comma-separated-values, with no spaces before or after the comma. - Ensure that you restart the server after making changes to the LongJump platform.
- Considerations
-
- You already know that you use this URL to manage tenants:
- You can also access the platform in the same way that other tenants do, using a URL of this kind:
- That URL gives you the ServiceDesk application and other applications, just like any other tenant.
- If Tenant Subdomains are enabled, you can also enable the ServiceDesk Service Portal, which your tenants could use to file service requests.
- (Without Tenant Subdomains, you can still log in to the platform to access applications--but there can be no Service Portal. That capability exists only when there is distinctive a URL that no other tenant would use to log on. If Tenant Subdomains are not enabled, then all tenants use the same URL to log in.)
2.1.5 Help Domain
As a Service Provider, you might create a help website to align with a customer's branded instance of the platform. In this case, the URL of the help website would be used as the default Help Domain. When a user clicks the Help link in the platform, that URL opens in a new browser window.
2.2 Email Configuration
Configuration for all the emails sent from the AgileApps Cloud platform.
2.2.1 Authentication Type
Choose the desired authentication type from the authentication type dropdown.
2.2.1.1 Basic configuration
Parameter Description Typical Value Hostname For Email-relay Server Hostname localhost User Name User/login name for the email-relay service Password Password related to the user/login name for the email-relay service
2.2.1.2 OAuth configuration
Tip: For information about configuring Gmail server, referUsing Gmail as your server mail server article.
Parameter Description Typical Value Host The IP address of the email host, or the domain name smtp.gmail.com Port The port number used to access the Mailbox 587 Username Enter the username Client ID Enter the client ID copied from Google console Client secret Enter the client secret key copied from Google console Scope Enter the URL that you added in the Gmail scopes section while registering your project in the Google Cloud console Grant Type The option Authorization Code is pre-selected in the dropdown Auth URL Enter the Auth URL https://accounts.google.com/o/oauth2/auth Access Token URL Enter the access token URL https://oauth2.googleapis.com/token Redirect URL Enter the redirect URL https://localhost:8284/networking/rest/token Authorization Code Enter the authorization code
2.2.2 Bounced Email Configuration
Use this option to designate a mailbox you have set up to handle bounced messages (messages sent from the platform that come back because they cannot be delivered).
- Enable Bounced Email Processing - Yes or No
- Hostname - The server that hosts the mailbox you set up
- Mailbox Address - The address of the mailbox. (It is accessed using the POP3 protocol.)
- Password - The password used to access the mailbox. (This field appears only when editing.)
- [Test Email Configuration] - Click this button to test the settings.
2.3 Apache Configuration
Use the Apache configuration only if you use Apache web server to configure AgileApps.
- Apache Port - If you leave this field blank, it does not have any implications to the current settings of AgileApps. A single Apache web port serves all the requests made to the Apache server.
2.4 Document Server
Change the values in the Document Server Configuration section only if your document server is different from http://127.0.0.1/networking.
- Enable document server change - Select this option to activate the subsequent fields for this configuration.
- Document Server - Enter the value for your Document Server. For example, http://localhost:8284/networking. By default, this field is inactive. Also, ensure that the port number that you specify here matches the value of the port number that you enter in com.softwareag.catalina.connector.https.pid-<portnumber>.properties file or com.softwareag.catalina.connector.https.pid-<portnumber>.properties file depending on the type of connection you are using (HTTP or HTTPS). By default, the HTTP ports are used to serve the document server requests.
- Public Document Server - Enter the value for your Public Document Server. This value can be same as the Document Server or different depending on your application setup.
- Import Document Server - Enter the value for your Import Document Server. This value can be same as the Document Server or different depending on your application setup.
2.4.1 Configuring the Document Server
You can configure Document Storage in the following ways:
- Using Mount Point: You can share the document storage with all AgileApps servers by sharing a disk space among the AgileApps servers using a mount point, so that the document storage is available locally to the AgileApps server. This is the recommended approach to share Document storage using mount point among the server, so that if one backend AgileApps server goes down, it will not impact the document upload, download, or delete operations.
- Configure a dedicated AgileApps Server as Document Storage using the IP address of the AgileApps Server in Document Server Configuration of Service Provider settings. In this Approach, any document upload, download, or delete operation call goes to the dedicated AgileApps Server and if this dedicated AgileApps server goes down, then you will not be able to upload, download, or delete the documents.
2.5 Template Configuration
Use this section to configure the filename extensions that are supported in the template ZIP file. If the zip file contains any unsupported filename extension, then the template installation fails. For more information about installing a template, see How to Create a Custom User Interface (CUI). In the Whitelisted File Types section, provide the list of file extensions that you want to support. By default, the following filename extensions are supported:
- html
- css
- js
- png
- jpeg
- jpg
- json
- gif
- txt
2.6 Develop Configuration
Java code running in a tenancy is subject to strict limits--or governors:
- Some settings put limits on the number of resources that tenants can use, to prevent infinite loops and other kinds of runaway programs. The limits apply to each tenant execution interval--from the time that the platform application instance gives control to tenant code, until the time that control returns to the platform. Up to that limit, an application can use as many resources as it wants. But once a constraint is exceeded, the executing code aborts with an exception.
- Other settings restrict the kinds of Java classes that can be used, to prevent unwarranted access to the server and/or security violations.
The Service Provider Settings can be used to tighten those restrictions, ameliorate them, or lift them entirely.
- Considerations
-
- Settings are global. They apply to all tenants in the platform instance.
- Settings apply to scheduled (background) jobs, as well as foreground applications.
- The minimum for all numeric settings is "1".
- Changes to these settings take effect only when the platform application instance is restarted.
Here are the default settings:
Parameter Description Default Value Apply Governors in Java Code? Whether or not governors are applied to this platform instance. A development instance may want to turn them off, in some cases. Any multi-tenant production instance will want them on, to ensure that a runaway program in one tenant does not interfere with other tenants. Yes Max Number of Statements allowed The maximum number of Java code statements that can be run during an execution interval. 10000
Maximum String Length allowed The total size of all strings allocated in the Java heap space during an execution interval. 30000
Maximum CPU Time allowed (milliseconds) The maximum number of CPU milliseconds that can be consumed during an execution interval. 60000
Java classes not allowed in code There are certain Java classes which are disallowed in tenant classes, to prevent access to the server and any compromise of server security. (They are, however, allowed in global classes developed by the ISV for use by all tenants.) In order to protect the security of the server, enter a comma-separated list of fully qualified Java Class Names for this option. At compile time, application will check if any of these classes are referenced in the user code and throw an exception if they are. Note that this will take effect only after the server is restarted.
<syntaxhighlight lang="java" enclose="div"> java.lang.System, java.lang.Runtime, java.lang.Class, java.lang.ClassLoader, java.lang.Thread, java.lang.ThreadGroup, java.lang.ThreadLocal, java.lang.Runnable, java.lang.Compiler, java.lang.RuntimePermission,
java.lang.reflect.AccessibleObject, java.lang.reflect.Array, java.lang.reflect.Constructor, java.lang.reflect.Field, java.lang.reflect.Method, java.lang.reflect.Modifier, java.lang.reflect.Proxy, java.lang.reflect.ReflectPermission,
java.io.FileReader, java.io.FileWriter, java.io.FileInputStream, java.io.FileOutputStream,
java.net.DatagramSocket, java.net.DatagramSocketImpl, java.net.HttpURLConnection, java.net.Inet4Address, java.net.Inet6Address, java.net.InetAddress, java.net.InetSocketAddress, java.net.JarURLConnection, java.net.MulticastSocket, java.net.ServerSocket, java.net.Socket, java.net.URL, java.net.URI, java.net.URLClassLoader, java.net.URLConnection, java.net.URLStreamHandler, java.lang.Process, java.lang.ProcessBuilder </syntaxhighlight>
Libraries supported in Java Code When compiling user-defined code, the platform allows certain libraries like jars or internal java packages:
- If a custom library is required, the jar can be placed in the ../tomcat/lib folder of the Apache Tomcat installation
- To include these library files, enter a comma-separated list of such jar files for this option
- Note that this will take effect only after the server is restarted.
Empty
No. of Objects in Database Views Database Views allow the creation of custom categories that join multiple objects
- These database views can be used as the base category for a Report
- The maximum number of tables that are allowed is five (5), with a default value of three (3)
- The number of joins in these tables is restricted to the maximum number + 1
Default: 3, Range is 3-5 Maximum rows in a List View Maximum number of rows that are fetched in a List View for an object is defined by this option
- This number is limited by the maximum int value supported by Java/MySQL i.e. 2^16 = 4G
10000 Maximum rows in a report - Maximum number of rows that are fetched in a report
- This number is limited by the maximum int value supported by Java/MySQL i.e. 2^16 = 4G
5000 Maximum rows in a Scheduled Report - Maximum number of rows that are fetched in a report that runs in the background queue.
- This number is limited by the maximum int value supported by Java/MySQL i.e. 2^16 = 4G
5000 Maximum Savepoints Intermediate placemarks, which identify points at which the data fields contain intact, legitimate values 5 Maximum Recursions in Java API Allow a function to call itself the specified number of times 10
2.7 Tenant Configuration
- This section is used by:
- ISVs who are hosting clients on a shared instance of the platform.
- ISV users who are setting up an instance of the Installable Version in order to Develop on Separate Platforms.
- Allow Unauthenticated Tenant Creation
- Allows any prospective customer to create a new tenancy (a trial account).
- Unchecked by default
- If checked, trial accounts can be created by unauthenticated users who have a computer and network connection that meets the Minimum Client Requirements
- Enable Tenant Subdomains
- This setting lets customers specify a URL subdomain when registering, giving them a unique URL they can use to access their platform applications.
- Learn more: Tenant Subdomains
2.8 Catalog Configuration
Configuration for application Packages:
- Considerations
-
- This is the older format used to display a list of published packages. In this format, only an image and a short description are displayed for each package. The newer Community Marketplace functionality can be selected in the Community section that follows. That format allows more Catalog Information to be displayed for each application package.
- If you want to use this functionality, you should disable the Community Tenant defined in the next section. Otherwise, you should clear the Package Catalog URL field.
- Only Packages approved by the Service Provider are available for installation.
- Learn more: Manage Catalog
2.9 Community Site Configuration
The community site is enabled by default. All users in all tenancies supported by an ISV can access and use the Community features.
- Community Site settings
-
- Enable Community
- Checkbox. Enabled by default. Clear it to disable the community feature.
- Community Tenancy ID
- Read-only display of the Community Tenant ID.
- Community Site Name
- Read-only display of the name displayed on each community page.
- Marketplace Service Domain
- The Community Marketplace is a newer format for a list of approved packages that are available for installation. It provides a richer interface than the older Catalog format, and allows much more Catalog Information to be displayed for application packages.
- Providing a value in this field activates the Community Marketplace.
- The value can be the service's domain name with an optional subdomain, or the service's IP address.
- Considerations
-
- The specified domain or IP address must match the Service Domain specified for this installation.
- If Tenant Subdomains are enabled, a subdomain can be specified using the format {subdomain}.{yourDomain}.
For example: applicationcatalog.yourService.com. - If this value is specified, the Package Catalog URL field in the section above should be cleared.
2.10 Global Tenancy
From the designated tenancy, specified objects and the data they contain can be shared with other tenants who have installed a package that contains those objects.
Learn more: Global Data
- Global Tenancy ID
- The ID of tenant from which objects are shared.
- Global Tenancy Shared Object List
- A comma separated list of Object IDs that are shared.
2.11 User Configuration
Configuration for all the emails sent from the AgileApps Cloud platform.
Parameter Description DefaultValue Enable User Deletion This is a mandatory configuration to enable the Delete User functionality in the application. When set to Yes, you can select Delete User option in the Manage Tenant Capabilities page for the respective tenants. To delete a user, both Enable User Deletion and Delete User options should be enabled. Yes Enable Alias Creation on Deleting User Allows you to create an alias when you delete a user from the application. The system uses the first two letters of your first name and the first two letters of your last name to create the alias. Yes
2.12 Security Headers Configuration
Enter the whitelisted domains for Content Security Policy (CSP) and Cross Origin Resource Sharing (CORS) headers. The domains listed here are parsed and added dynamically to the request / response headers for the tenant. Content access to and from AgileApps is not restricted for the domains listed here. Use comma separated values to list multiple domains. For more information, see Security Headers Settings.
3 Service Header HTML
Service Provider URL: http://{yourDomain}/networking/Service?t=1&targetpage=ViewPort.jsp
Settings > Service Provider Settings > Service Header HTML
The Service Header appears at the top of the page (header), and defines the stylesheet for these pages:
- Login
- Logout
- Applications Catalog
- Reset Password
Find a cut-and-paste example: Service Header HTML Code Sample
To Edit the Service Header HTML:
- Enter Raw HTML Text (Copy & Paste Raw HTML) into the editing area
- Click [Save]
Service Provider URL: http://{yourDomain}/networking/Service?t=1&targetpage=ViewPort.jsp
Settings > Service Provider Settings > Service Footer HTML
The Service Footer appears at the bottom of the page (footer), and defines the stylesheet for these pages:
- Login
- Logout
- Catalog
- Reset Password
Find a cut-and-paste example: Service Footer HTML Code Sample
To Edit the Service Footer HTML:
- Enter Raw HTML Text (Copy & Paste Raw HTML) into the editing area
- Click [Save]
5 Service Header Image
> Setup > Service Provider > Setup > Service Header Image
Use this option to change the Service Header logo. This logo appears in the heading area of every page. Required dimensions: 900px by 55px.
6 Manage Email Templates
> Setup > Service Provider > Setup > Manage Email Templates
With these options, Service Providers can personalize communications with tenants and build value with customized branding and messaging.
Template variables can be used to personalize the Subject or Body of the message.
- Learn more:
6.1 Available Email Templates
To edit an email template:
- Click Manage Email Templates
- Select a category from the list
- Select a template from the category
- For User Notification emails:
- Select the version of the template that corresponds to one of the languages supported in this instance of the platform.
- Then click the folder icon to view that version
- Click [Edit], and modify the settings:
- Email Subject
- Subject of the email message
- Use Email Header & Footer
- Default is Yes; if enabled, displays the Service Header HTML and Service Footer HTML
- HTML Email Body
- HTML code is provided, which can be edited in place, or replaced (via cut-and-paste action from an HTML editor).
Manage Email Header/Footer Settings
- Email Header HTML
- Email Footer HTML
Use this option to specify the Email Header and Footer HTML code used in system-generated Email Notifications. Examples of typical system-generated email notifications are:
- Task status update/notifications
- Welcome email message sent to new users
- Appointment reminder email messages
The HTML code creates a template for system-generated messages, and can be used to brand your notification messages.
- Email Header HTML - appears at the top of system-generated email messages
- Email Footer HTML - appears at the bottom of system-generated email messages
Find cut-and-paste examples here:
6.1.2 Tenant
Manage Tenant Welcome Messages
- Tenant Self-Registration Welcome Email
- Tenant Registration by ISV Welcome Email
- Email Verification
6.1.3 User
Manage User Notification Related Emails
- User Welcome Email
- Used in messages sent when a user account is created, and provides a link to the Login page
- Reset Password Email
- Used in messages sent when the user password has been reset, and provides the user's password
- Forgot Password Link Email
-
- Used in messages sent when the user clicks the Forgot my Password link, and provides a link to the Security Question
- Learn more: Login
- Forgot Reset Password Email
-
- Used in messages sent after a user requests a password change, and provides a new, temporary password
- Also used when a new user/tenant is added via REST API - Add a User, and a password not specified when the user record is created
6.1.4 Status
Templates for Status Notification Emails
- Export Status Email
- Mass Operation Status Email
- Import Status Email
- Report Status Email
- Translation Export Status Email
6.1.5 Package
Templates for Package Notification Emails
- Package Approval Email
- Package Rejection Email
- Package Publish Email
- Package Deploy Notification Email
6.1.6 Storage Notifications
Set Up Templates for Storage Notifications
- 90% Storage Space Exhausted Status Email
- 100% Storage Space Exhausted Status Email
7 Manage Catalog
Service Provider URL: http://{yourDomain}/networking/Service?t=1&targetpage=ViewPort.jsp
Settings > Service Provider Settings > Manage Catalog
- Categories
- Add and delete categories. Specify category names.
- Catalog
- View the current Catalog
- Approve Packages
- Review Packages pending approval
- User can either:
- [Approve] package for publication to the catalog
- [Reject] package, and deny publication to the catalog
- In either case, an email is sent to the submitter, to tell them the outcome.
- Learn more: Package Approval or Rejection
- Select Packages
- Choose the packages to display in the Catalog
- Move a package to the Visible column to display it in the catalog
- Move a package to the Hidden column to remove it from the catalog
- Set the order of the Packages