Extensions

Configuration that applies to the catalogue of extensions to the framework.

Property Default Description

causeway.extensions.audit-trail.
persist

Whether the EntityPropertyChangeSubscriber implementation provided by this extension (which persists property changes to the audit trail) is enabled or not.

One reason to use this option is if you wish to provide your own implementation that wraps or delegates to the default implementation of EntityPropertyChangeSubscriber that is provided by the audittrail extension. Because entity property changes are published to all subscribers on the class path, you can disable the default implementation from doing anything using this setting.

causeway.extensions.command-log.
persist

Whether the CommandSubscriber implementation provided by this extension (which persists commands to the command log) is enabled or not.

One reason to use this option is if you wish to provide your own implementation that wraps or delegates to the default implementation of CommandSubscriber that is provided by the commandlog extension. Because commands are published to all subscribers on the class path, you can disable the default implementation from doing anything using this setting.

causeway.extensions.command-replay.
analyser.exception.enabled

true

null

causeway.extensions.command-replay.
analyser.result.enabled

true

null

causeway.extensions.command-replay.
batch-size

10

null

causeway.extensions.command-replay.
primary-access.base-url-restful

null

causeway.extensions.command-replay.
primary-access.base-url-wicket

null

causeway.extensions.command-replay.
primary-access.password

null

causeway.extensions.command-replay.
primary-access.user

null

causeway.extensions.command-replay.
quartz-replicate-and-replay-job.
repeat-interval

10000

Number of milliseconds before running again.

causeway.extensions.command-replay.
quartz-replicate-and-replay-job.
start-delay

15000

Number of milliseconds before starting the job.

causeway.extensions.command-replay.
quartz-session.roles

causewayModuleExtCommandReplaySeco
ndaryRole

null

causeway.extensions.command-replay.
quartz-session.user

causewayModuleExtCommandReplaySeco
ndaryUser

The user that runs the replay session secondary.

causeway.extensions.command-replay.
secondary-access.base-url-wicket

null

causeway.extensions.cors.
allow-credentials

Whether the resource supports user credentials.

This flag is exposed as part of 'Access-Control-Allow-Credentials' header in a pre-flight response. It helps browser determine whether or not an actual request can be made using credentials.

By default this is not set (i.e. user credentials are not supported).

For more information, check the usage of the credentials init parameter for EBay CORSFilter.

causeway.extensions.cors.
allowed-headers

Which HTTP headers can be allowed in a CORS request.

These header will also be returned as part of 'Access-Control-Allow-Headers' header in a pre-flight response.

For more information, check the usage of the headers init parameter for EBay CORSFilter.

causeway.extensions.cors.
allowed-methods

Which HTTP methods are permitted in a CORS request.

A comma separated list of HTTP methods that can be used to access the resource, using cross-origin requests. These are the methods which will also be included as part of 'Access-Control-Allow-Methods' header in a pre-flight response.

Default is GET, POST, HEAD, OPTIONS.

For more information, check the usage of the methods init parameter for EBay CORSFilter.

causeway.extensions.cors.
allowed-origins

*

Which origins are allowed to make CORS requests.

The default is the wildcard ("*"), meaning any origin is allowed to access the resource, but this can be made more restrictive if necessary using a whitelist of comma separated origins eg:

org

For more information, check the usage of the origins init parameter for EBay CORSFilter.

causeway.extensions.cors.
exposed-headers

Authorization

Which HTTP headers are exposed in a CORS request.

A comma separated list of headers other than the simple response headers that browsers are allowed to access. These are the headers which will also be included as part of 'Access-Control-Expose-Headers' header in the pre-flight response.

Default is none.

For more information, check the usage of the headers init parameter for EBay CORSFilter.

causeway.extensions.execution-log.
persist

Whether the ExecutionSubscriber implementation provided by this extension (which persists executions to the execution log) is enabled or not.

One reason to use this option is if you wish to provide your own implementation that wraps or delegates to the default implementation of ExecutionSubscriber that is provided by the executionLog extension. Because executions are published to all subscribers on the class path, you can disable the default implementation from doing anything using this setting.

causeway.extensions.
execution-outbox.persist

Whether the ExecutionSubscriber implementation provided by this extension (which persists executions to the outbox) is enabled or not.

One reason to use this option is if you wish to provide your own implementation that wraps or delegates to the outbox implementation of ExecutionSubscriber that is provided by the executionOutbox extension. Because executions are published to all subscribers on the class path, you can disable the outbox implementation from doing anything using this setting.

causeway.extensions.
execution-outbox.rest-api.
max-pending

100

The maximum number of interactions that will be returned when the REST API is polled.

causeway.extensions.layout-loaders.
github.api-key

As per https://github.com/settings/tokens, must have permissions to the /search and /contents APIs for the specified repository.

causeway.extensions.layout-loaders.
github.repository

eg apache/causeway-app-simpleapp

causeway.extensions.secman.
delegated-users.auto-create-policy

Whether delegated users should be autocreated as locked (the default) or unlocked.

BE AWARE THAT if any users are auto-created as unlocked, then the set of roles that they are given should be highly restricted !!!

NOTE also that this configuration policy is ignored if running secman with Spring OAuth2 or Keycloak as the authenticator; users are always auto-created.

causeway.extensions.secman.
delegated-users.initial-role-names

The set of roles that users that have been automatically created are granted automatically.

Typically the regular user role (as per role-name, default value of causeway-ext-secman-user) will be one of the roles listed here, to provide the ability for the end-user to logout, among other things (!).

causeway.extensions.secman.
fixture-scripts.
abstract-role-and-permissions-
fixture-script.
unknown-feature-id-checking-policy

Whether to check if every featureId passed in exists or not.

causeway.extensions.secman.
permissions-evaluation-policy

If there are conflicting (allow vs veto) permissions at the same scope, then this policy determines whether to prefer to allow the permission or to veto it.

This is only used an implementation of secman’s PermissionsEvaluationService SPI has not been provided explicitly.

causeway.extensions.secman.seed.
a-d-m-i-n-a-d-d-i-t-i-o-n-a-l-n-a-
m-e-s-p-a-c-e-p-e-r-m-i-s-s-i-o-n-
s

null

causeway.extensions.secman.seed.
a-d-m-i-n-s-t-i-c-k-y-n-a-m-e-s-p-
a-c-e-p-e-r-m-i-s-s-i-o-n-s-d-e-f-
a-u-l-t

null

causeway.extensions.secman.seed.
admin.namespace-permissions.
additional

An (optional) additional set of namespaces that the role is granted.

These are in addition to the main namespaces granted.

@see NamespacePermissions#getSticky()

causeway.extensions.secman.seed.
admin.namespace-permissions.sticky

The set of namespaces to which the role is granted.

These namespaces are intended to be sufficient to allow users with this admin role to be able to administer the security module itself, for example to manage users and roles. The security user is not necessarily able to use the main business logic within the domain application itself, though.

These roles cannot be removed via user interface

normally these should not be overridden. Instead, specify additional namespaces using NamespacePermissions#getAdditional().

@see NamespacePermissions#getAdditional()

causeway.extensions.secman.seed.
admin.password

The corresponding password for user. @see #getUserName()

causeway.extensions.secman.seed.
admin.role-name

The name of security admin role.

Users with this role (in particular, the default user are granted access to a set of namespaces (NamespacePermissions#getSticky() and NamespacePermissions#getAdditional()) which are intended to be sufficient to allow users with this admin role to be able to administer the security module itself, for example to manage users and roles.

@see Admin#getUserName() @see NamespacePermissions#getSticky() @see NamespacePermissions#getAdditional()

causeway.extensions.secman.seed.
admin.user-name

The name of the security super user.

This user is automatically made a member of the role, from which it is granted permissions to administer other users.

The password for this user is set in Admin#getPassword().

@see #getPassword() @see #getRoleName()

causeway.extensions.secman.seed.
regular-user.role-name

The role name for regular users of the application, granting them access to basic security features.

The exact set of permissions is hard-wired in the CausewayExtSecmanRegularUserRoleAndPermissions fixture.

causeway.extensions.secman.seed.
yaml-file

Path to local YAML file, if present, to use as an alternative seeding strategy.

Eg. seed from a YAML file, that was previously exported by SecMan’s ApplicationRoleManager_exportAsYaml mixin.

causeway.extensions.secman.
user-menu-me-action-policy

Whether the presence of SecMan should result in the automatic suppression of the UserMenu's me#act() me() action.

This is normally what is required as SecMan’s ApplicationUser is a more comprehensive representation of the current user. If the default me#act() me() action is not suppressed, then the end-user will see two actions with the name "me" in the tertiary menu.

causeway.extensions.secman.
user-registration.
initial-role-names

The set of roles that users registering with the app are granted automatically.

If using the wicket viewer, also requires causeway.viewer.wicket.suppress-signup to be set false, along with any other of its other prereqs.

causeway.extensions.session-log.
auto-logout-on-restart

true

null