forked from actframework/actframework
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathAppConfigKey.java
More file actions
1288 lines (1147 loc) · 39.3 KB
/
AppConfigKey.java
File metadata and controls
1288 lines (1147 loc) · 39.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
package act.conf;
/*-
* #%L
* ACT Framework
* %%
* Copyright (C) 2014 - 2017 ActFramework
* %%
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* #L%
*/
import act.Act;
import act.app.App;
import act.controller.annotation.Throttled;
import act.handler.UnknownHttpMethodProcessor;
import act.validation.Password;
import act.view.TemplatePathResolver;
import act.view.View;
import act.ws.DefaultSecureTicketCodec;
import act.ws.SecureTicketCodec;
import org.osgl.$;
import org.osgl.exception.NotAppliedException;
import org.osgl.util.E;
import org.osgl.util.S;
import java.util.*;
/**
* {@link App} configuration keys. General rules:
* <p/>
* <ul>
* <li>When a key is ended with <code>.enabled</code>, then you should be able to set
* the setting without <code>.enabled</code> or replace it with <code>.disabled</code>
* but the value will be inverted. For example, <code>built_in.transformer.enabled</code>
* is equal to <code>built_in.transformer</code> and invert to
* <code>built_in.transformer.disabled</code></li>
* <p/>
* <li>When a key is ended with <code>.impl</code>, then you can either put an instance into
* the configuration map or a string of the class className</li>
* </ul>
*/
public enum AppConfigKey implements ConfigKey {
/**
* `act.api_doc.enabled` turns on/off API doc feature
*
* When API doc is enabled, developer can access the app's API document
* through `GET /~/apidoc`
*
* Default value: `true` when app running in `dev` mode, or `false` otherwise
*/
API_DOC_EABLED("api_doc.enabled"),
/**
* `act.api_doc.built_in.hide` turns on/off built-in endpoints in
* API doc.
*
* Default value: `false`
*/
API_DOC_HIDE_BUILT_IN_ENDPOINTS("api_doc.built_in.hide.enabled"),
/**
* {@code act.basic_authentication.enabled} turn on/off Basic Authentication
* in Act application.
*
* Default value: `false`
*
* **Note** there is no logic around this configuration in the core
* ActFramework. It is up to the security plugins like `act-aaa-plugin`
* to favor the value of this setting
*/
BASIC_AUTHENTICATION("basic_authentication.enabled"),
/**
* `built_in_req_handler.enabled` turn on/off built in request
* handlers.
*
* Default value: `true`
*/
BUILT_IN_REQ_HANDLER_ENABLED("built_in_req_handler.enabled"),
/**
* {@code act.cache.impl}
* Specify {@link org.osgl.cache.CacheServiceProvider Cache service provider}
* <p>Default value: {@link org.osgl.cache.CacheServiceProvider.Impl#Simple the simple
* in memory map based cache service implementation}</p>
*/
CACHE_IMPL("cache.impl"),
/**
* {@code act.cache.name}
*
* Specify the default cache name
*
* Default value: `_act_app_`
*/
CACHE_NAME("cache.name"),
/**
* {@code act.cache.name.session}
*
* Specify the session cache name
*
* Default value: the value configured by {@link #CACHE_NAME}
*/
CACHE_NAME_SESSION("cache.name.session"),
/**
* `cacheFor.dev.enabled`
*
* Specify whether `@CacheFor` annotation effective on `dev` mode.
*
* Default value: `false`
*/
CACHE_FOR_ON_DEV("cacheFor.dev"),
/**
* {@code act.cli.enabled}
*
* Turn on/off CLI server support
*
* Default value: `true`
*/
CLI_ENABLED("cli.enabled"),
/**
* {@code act.cli.port} specifies the default cli (telnet) port the application
* listen to.
* <p>Default value: {@code 5461}</p>
*/
CLI_PORT("cli.port"),
/**
* {@code act.cli.json.page.size}
* Specify the maximum records in one page for JSON layout by CLI command
*
* Default value: 10
*/
CLI_PAGE_SIZE_JSON("cli.page.size.json"),
/**
* {@code act.cli.table.page.size}
* Specify the maximum records in one page for table layout by CLI command
*
* Default value: 22
*/
CLI_PAGE_SIZE_TABLE("cli.page.size.table"),
/**
* {@code cli.session.ttl} specifies the number of seconds
* a cli session can exists after last user interaction
*
* <p>Default value: {@code 300} seconds. e.g. 5 minutes</p>
*/
CLI_SESSION_TTL("cli.session.ttl.int"),
/**
* {@code cli.session.max} specifies the maximum number of cli threads
* can exists concurrently
* <p>Default value: {@code 3}</p>
*/
CLI_SESSION_MAX("cli.session.max.int"),
/**
* `act.cli_over_http.enabled` turn on/off CLI over http feature, which
* allows ActFramework to handle http request sent through to the {@link #CLI_OVER_HTTP_PORT}
* as a way to invoke CLI commands and inspect results
*
* Default value: `false`
*/
CLI_OVER_HTTP("cli_over_http.enabled"),
/**
* `act.cli_over_http.authority` specifies the {@link act.cli.CliOverHttpAuthority} implementation
*/
CLI_OVER_HTTP_AUTHORITY("cli_over_http.authority.impl"),
/**
* `act.cli_over_http.port` specifies the default cli over http port the application
* listen to.
*
* Default value: `5462`
*/
CLI_OVER_HTTP_PORT("cli_over_http.port"),
/**
* `act.cli_over_http.port` specify the title to be displayed on the CLI Over Http
* page
*
* Default value: "Cli Over Http"
*/
CLI_OVER_HTTP_TITLE("cli_over_http.title"),
/**
* `act.cli_over_http.syscmd.enabled` turn on/off system command on CLI Over Http
* page
*
* Default value: `true`
*/
CLI_OVER_HTTP_SYS_CMD("cli_over_http.syscmd.enabled"),
/**
* `act.cookie.domain_provider.impl` specify the provider
* that provides the cookie domain name
*
* Default value: value of {@link #HOST}
*/
COOKIE_DOMAIN_PROVIDER("cookie.domain_provider.impl"),
/**
* {@code cookie.prefix} specifies the prefix to be prepended
* to the different cookie names e.g. session cookie, flash cookie,
* locale cookie etc. Let's say the default cookie name is
* {@code act_session}, and user specifies the prefix {@code my_app}
* then the session cookie name will be {@code my_app_session}.
* <p>Note this setting also impact the {@link AppConfig#flashCookieName()}</p>
* <p>Default value: {@link App#shortId()}</p>
*/
COOKIE_PREFIX("cookie.prefix"),
/**
* {@code act.cors.enabled} turn on/off CORS in Act application
*
* Default value: `false`
*/
CORS("cors.enabled"),
/**
* `act.cors.option.check` specify whether the framework should
* check the current request is an HTTP OPTION method before applying
* controller headers or not
*
* default value: `true`
*/
CORS_CHECK_OPTION_METHOD("cors.option.check.enabled"),
/**
* {@code act.cors.origin} specifies `Access-Control-Allow-Origin` header
* to be output
*
* Default value: `*`
*/
CORS_ORIGIN("cors.origin"),
/**
* {@code act.cors.headers} specifies both `Access-Control-Expose-Headers`
* and `Access-Control-Allow-Headers`
*
* Default value: `Content-Type, X-HTTP-Method-Override`
*/
CORS_HEADERS("cors.headers"),
/**
* {@code act.cors.headers.expose} specify `Access-Control-Expose-Headers`.
* Note this setting will overwrite the setting of {@link #CORS_HEADERS} if
* it is set
*
* Default value: empty
*/
CORS_HEADERS_EXPOSE("cors.headers.expose"),
/**
* {@code act.cors.headers.allowed} specify `Access-Control-Allow-Headers`.
* Note this setting will overwrite the setting of {@link #CORS_HEADERS} if
* it is set
*
* Default value: empty
*/
CORS_HEADERS_ALLOWED("cors.headers.allowed"),
/**
* {@code act.cors.max_age} specifies `Access-Control-Max-Age`.
*
* Default value: 30*60 (seconds)
*/
CORS_MAX_AGE("cors.max_age"),
/**
* `act.cors.allow_credential` specifies `Access-Control-Allow-Credential`.
*
* Default value: `false`
*/
CORS_ALLOW_CREDENTIALS("cors.allow_credentials.enabled"),
/**
* {@code act.content_suffix.aware.enabled}
* <p>
* Once enabled then the framework automatically recognize request with content suffix.
* E.g. {@code /customer/123/json} will match the route {@code /customer/123}
* and set the request {@code Accept} header to
* {@code application/json}
* </p>
* <p>Default value: {@code false}</p>
*/
CONTENT_SUFFIX_AWARE("content_suffix.aware.enabled"),
/**
* `act.csp` - global Content-Security-Policy header setting
*
* Default value: null
*/
CONTENT_SECURITY_POLICY("csp"),
/**
* {@code act.csrf.enabled} turn on/off global CSRF protect
*
* Default value: `true`
*/
CSRF("csrf.enabled"),
/**
* {@code act.csrf.param_name} specifies the http request param name
* used to convey the csrf token
*
* Default value: the value of {@link AppConfig#CSRF_TOKEN_NAME}
*/
CSRF_PARAM_NAME("csrf.param_name"),
/**
* {@code act.csrf.header_name} specifies name of the http request
* header used to convey the csrf token sent from AJAX client.
*
* Default value: `X-Xsrf-Token` - the name used by AngularJs
*/
CSRF_HEADER_NAME("csrf.header_name"),
/**
* {@code act.csrf.cookie_name} specify the name of the cookie used
* to convey the csrf token generated on the server for the first GET
* request coming from a client.
*
* Default value: `XSRF-TOKEN` - the name used by AngularJs
*/
CSRF_COOKIE_NAME("csrf.cookie_name"),
/**
* `act.csrf.protector.impl` specifies the implementation of
* {@link act.security.CSRFProtector}.
*
* The value of this configuration could be either a name of
* the class that implements {@link act.security.CSRFProtector}
* interface, or the enum name of {@link act.security.CSRFProtector.Predefined}
*
* Default value: `HMAC` which specifies the {@link act.security.CSRFProtector.Predefined#HMAC}
*/
CSRF_PROTECTOR("csrf.protector.impl"),
/**
* `act.db.seq_gen.impl` specifies the implementation of
* {@link act.db.util._SequenceNumberGenerator}.
*
* Default value: `null`
*/
DB_SEQ_GENERATOR("db.seq_gen.impl"),
/**
* `dsp.token` specifies the name of "double submission protect token"
*
* Default value: `act_dsp_token`
*/
DOUBLE_SUBMISSION_PROTECT_TOKEN("dsp.token"),
/**
* {@code act.encoding} specifies application default encoding
* <p>Default value: utf-8</p>
*/
ENCODING("encoding"),
/**
* `act.enum.resolving.case_sensitive` specifies whether it
* allow enum resolving for request parameters to ignore case
*
* Default value: `false` meaning enum resolving is case insensitive
*
* This is deprecated since v1.8.8, use {@link #ENUM_RESOLVING_EXACT_MATCH}
* instead
*/
@Deprecated
ENUM_RESOLVING_CASE_SENSITIVE("enum.resolving.case_sensitive"),
/**
* `act.enum.resolving.exact_match` specifies whether it
* allow enum resolving for request parameters to match enum name
* exactly.
*
* Default value: `false`, meaning enum resolving is based on keyword matching
*/
ENUM_RESOLVING_EXACT_MATCH("enum.resolving.exact_match"),
/**
* {@code act.fmt.date} specifies the default date format used to
* lookup/output the date string
* <p>Default value: the pattern of {@code java.text.DateFormat.getDateInstance()}</p>
*/
FORMAT_DATE("fmt.date"),
/**
* {@code act.fmt.date} specifies the default date and time format used to
* lookup/output the date string
* <p>Default value: the pattern of {@code java.text.DateFormat.getDateTimeInstance()}</p>
*/
FORMAT_DATE_TIME("fmt.date_time"),
/**
* {@code act.fmt.time} specifies the default time format used to
* lookup/output the date time string
* <p>Default value: the pattern of {@code java.text.DateFormat.getTimeInstance()}</p>
*/
FORMAT_TIME("fmt.time"),
/**
* `act.handler.csrf_check_failure.impl` specifies the implementation
* for {@link act.util.MissingAuthenticationHandler}
*
* Default value: {@link act.util.RedirectToLoginUrl}
*/
HANDLER_CSRF_CHECK_FAILURE("handler.csrf_check_failure.impl"),
/**
* `act.handler.csrf_check_failure.ajax.impl` specifies the implementation for
* {@link act.util.MissingAuthenticationHandler} dealing with the case of AJAX
* request
*
* Default value: the value of {@link #HANDLER_CSRF_CHECK_FAILURE}
*/
HANDLER_AJAX_CSRF_CHECK_FAILURE("handler.csrf_check_failure.ajax.impl"),
/**
* {@code handler.missing_authentication.impl} specifies the implementation
* for {@link act.util.MissingAuthenticationHandler}
* <p>Default value: {@link act.util.RedirectToLoginUrl}</p>
*/
HANDLER_MISSING_AUTHENTICATION("handler.missing_authentication.impl"),
/**
* {@code handler.missing_authentication.ajax.impl} specifies the implementation
* for {@link act.util.MissingAuthenticationHandler} dealing with the case of AJAX
* request
* <p>Default value: the value of {@link #HANDLER_MISSING_AUTHENTICATION}</p>
*/
HANDLER_MISSING_AUTHENTICATION_AJAX("handler.missing_authentication.ajax.impl"),
/**
* {@code unknown_http_method_handler} specifies a class/instance that
* implements {@link UnknownHttpMethodProcessor} that process
* the HTTP methods that are not recognized by {@link act.route.Router},
* e.g. "OPTION", "PATCH" etc
*
* Default value: {@link UnknownHttpMethodProcessor#METHOD_NOT_ALLOWED}
*/
HANDLER_UNKNOWN_HTTP_METHOD("handler.unknown_http_method.impl"),
/**
* `header.session.expiration` specifies the session expiration header name.
*
* This is only effective when {@link #SESSION_OUTPUT_EXPIRATION} is effective.
*
* Default value: `Act-Session-Expires`
*/
HEADER_SESSION_EXPIRATION("header.session.expiration"),
/**
* `act.header.overwrite` turn on/off HTTP HEADER overwrite.
*
* Once this config is turned on, then it can overwrite header
* with HTTP Query parameter or HTTP post form field. The naming
* convention of the param/field is:
*
* ```
* act_header_<header_name_in_lowercase_and_underscore>
* ```
*
* For example, if it needs to overwrite `Content-Type`, use
* `act_header_content_type` as the query parameter name.
*
* Default value: `false`
*/
HEADER_OVERWRITE("header.overwrite.enabled"),
/**
* {@code act.host} specifies the host the application
* reside on.
* <p/>
* <p>Default value: {@code localhost}</p>
*/
HOST("host"),
/**
* `act.http.external_server.enabled` specify if the app is running behind a front end
* http server
*
* Default value: `true` when running in PROD mode; `false` when running in DEV mode
*/
HTTP_EXTERNAL_SERVER("http.external_server.enabled"),
/**
* {@code act.http.params.max} specifies the maximum number of http parameters
* this is to prevent the hash collision DOS attack
* <p>Default value: {@code 128}</p>
*/
HTTP_MAX_PARAMS("http.params.max"),
/**
* {@code act.http.port} specifies the default http port the application
* listen to
* <p/>
* <p>Default value: {@code 5460}</p>
*/
HTTP_PORT("http.port"),
/**
* `act.http.port.external` set the external port which is used to
* construct the full url.
*
* Note act does not listen to external port directly. The recommended
* pattern is to have a front end HTTP server (e.g. nginx) to handle
* the external request and forward to act
*
* Default value: `80`
*/
HTTP_EXTERNAL_PORT("http.port.external"),
/**
* `act.http.port.external.secure` set the external secure port which is
* used to construct full url string when app is running secure mode
*
* @see #HTTP_EXTERNAL_PORT
*/
HTTP_EXTERNAL_SECURE_PORT("http.port.external.secure"),
/**
* {@code act.http.secure} specifies whether the default http port is
* running https or http.
* <p></p>
* <p>
* Default value: {@code false} when Act is running in dev mode
* or {@code true} when Act is running in prod mode
* </p>
*/
@SuppressWarnings("unchecked")
HTTP_SECURE("http.secure.enabled"),
/**
* `https.port`
*
* Specify the https port - only effect when {@link #SSL} is enabled
*
* Default value: `5443`
*/
HTTPS_PORT("https.port"),
/**
* `act.i18n.enabled` turn on/off i18n tools, e.g. {@link act.i18n.LocaleResolver}
*
* Default value: `false`
*/
I18N("i18n.enabled"),
/**
* `act.i18n.locale.param_name` specifies the param name to set client locale in http request
*
* Default value: `act_locale`
*/
I18N_LOCALE_PARAM_NAME("i18n.locale.param_name"),
/**
* `act.i18n.locale.cookie_name` specifies the name for the locale cookie
*
* Default value: `act_locale`
*/
I18N_LOCALE_COOKIE_NAME("i18n.locale.cookie_name"),
/**
* {@code act.idgen.node_id.provider.impl} specifies the {@link act.util.IdGenerator.NodeIdProvider}
* implementation for {@link App#idGenerator}
* <p>Default value: {@link act.util.IdGenerator.NodeIdProvider.IpProvider}</p>
*/
ID_GEN_NODE_ID_PROVIDER("idgen.node_id.provider.impl"),
/**
* {@code act.idgen.node_id.effective_ip_bytes} specifies how many bytes in the ip address
* will be used to calculate node ID. Usually in a cluster environment, the ip address will
* be different at only (last) one byte or (last) two bytes, in which case it could set this
* configuration to {@code 1} or {@code 2}. When the configuration is set to {@code 4} then
* it means all 4 IP bytes will be used to calculate the node ID
* <p>Default value: {@code 4}</p>
*/
ID_GEN_NODE_ID_EFFECTIVE_IP_BYTES("idgen.node_id.effective_ip_bytes.size"),
/**
* {@code act.idgen.start_id.provider.impl} specifies the {@link act.util.IdGenerator.StartIdProvider}
* implementation for {@link App#idGenerator}
* <p>Default value: {@link act.util.IdGenerator.StartIdProvider.DefaultStartIdProvider}</p>
*/
ID_GEN_START_ID_PROVIDER("idgen.start_id.provider.impl"),
/**
* {@code act.idgen.start_id.file} specifies the start id persistent file for
* {@link act.util.IdGenerator.StartIdProvider.FileBasedStartCounter}
* <p>Default value: {@code .act.id-app}</p>
*/
ID_GEN_START_ID_FILE("idgen.start_id.file"),
/**
* {@code act.idgen.seq_id.provider.impl} specifies the {@link act.util.IdGenerator.SequenceProvider}
* implementation for {@link App#idGenerator}
*
* Default value: {@link act.util.IdGenerator.SequenceProvider.AtomicLongSeq}
*/
ID_GEN_SEQ_ID_PROVIDER("idgen.seq_id.provider.impl"),
/**
* {@code act.idgen.encoder.impl} specifies the {@link act.util.IdGenerator.LongEncoder}
* implementation for {@link App#idGenerator}
* <p>Default value: {@link act.util.IdGenerator.SafeLongEncoder}</p>
*/
ID_GEN_LONG_ENCODER("idgen.encoder.impl"),
/**
* {@code job.pool.size} specifies the maximum number of threads
* can exists in the application's job manager's thread pool
* <p>Default value: {@code 10}</p>
*/
JOB_POOL_SIZE("job.pool.size"),
/**
* `jwt.enabled`, toggle JWT (JSON Web Token) support.
*
* Enable this configuration has the same effect of setting
*
* * {@link #SESSION_CODEC} - {@link act.session.JsonWebTokenSessionCodec}
* * {@link #SESSION_HEADER_PAYLOAD_PREFIX} - `Bearer `
* * {@link #SESSION_HEADER} - `Authorization`
*
* Default value: `false`
*/
JWT("jwt.enabled"),
/**
* `jwt.algo`, specify JWT sign algorithm.
*
* Available options:
* * SHA256
* * SHA384
* * SHA512
*
* Default value: SHA256
*
*/
JWT_ALGO("jwt.algo"),
/**
* `jwt.issuer`, specify `iss` payload of JWT
*
* Default value: {@link #COOKIE_PREFIX}
*/
JWT_ISSUER("jwt.issuer"),
/**
* {@code act.locale} specifies the application default locale
* <p>Default value: {@link java.util.Locale#getDefault}</p>
*/
LOCALE("locale") {
@Override
public <T> T val(Map<String, ?> configuration) {
Object o = super.val(configuration);
if (null == o) {
return null;
}
if (o instanceof String) {
return (T) Locale.forLanguageTag((String) o);
} else if (o instanceof Locale) {
return (T) o;
} else {
String s = o.toString();
return (T) Locale.forLanguageTag(s);
}
}
},
/**
* {@code act.metric.enabled}
* Turn on/off metric in Act application
*
* Default value: {@code true}
*/
METRIC_ENABLED("metric.enabled"),
/**
* {@code act.modules}
*
* Declare additional app base (for maven modules)
*
* Default value: `null`
*/
MODULES("modules"),
/**
* {@code act.namedPorts} specifies a list of port names this
* application listen to. These are additional ports other than
* the default {@link #HTTP_PORT}
*
* The list is specified as
*
* ```
* act.namedPorts=admin:8888;ipc:8899
* ```
*
* Default value: `null`
*
* Note, the default port that specified in {@link #HTTP_PORT} configuration
* and shall not be specified in this namedPorts configuration
*/
NAMED_PORTS("namedPorts"),
/**
* `threadlocal_buf.limit` set the maximum size of thread local instance
* of {@link S.Buffer} and {@link org.osgl.util.ByteArrayBuffer} before it
* get dropped.
*
* Default value: 1024 * 8 (i.e. 8k)
*/
OSGL_THREADLOCAL_BUF_LIMIT("threadlocal_buf.limit"),
/**
* `password.spec` specify default password spec which is used to
* validate user password.
*
* Default value:
*
* * dev mode: `a[3,]`, meaning require lower case letter and min length is 3 characters.
* * prod mode: `aA0[6,]`, meaning require lower case letter, uppercase letter,
* digit and min length is 6 characters.
*
* Developer can also specify a {@link Password.Validator} implementation
* class for this configuration, in which case, the framework will instantiate the user
* specified validator instead of {@link act.validation.PasswordSpec} as the default
* password validator.
*
* @see act.validation.PasswordSpec#parse(String)
*/
PASSWORD_DEF_SPEC("password.spec"),
/**
* {@code ping.path} specify the ping path.
* If this setting is specified, then when session resolving, system
* will check if the current URL matches the setting. If matched
* then session cookie expiration time will not be changed. Otherwise
* the expiration time will refresh
* <p>Default value: {@code null}</p>
*/
PING_PATH("ping.path"),
/**
* {@code profile} specifies the profile to load configuration
* If this setting is specified, and there is a folder named as
* the {@code profile} setting sit under {@code /resource/conf}
* folder, then the properties files will be loaded from
* that folder.
* <p>Default value: the value of the {@link Act#mode()}</p>
* <p>Note, unlike other configuration items which is usually specified
* in the configuration file. {@code profile} setting is load
* by {@link System#getProperty(String)}</p>, thus it is usually
* specified with JVM argument {@code -Dprofile=<profile>}
*/
PROFILE("profile"),
/**
* `req.throttle` specifies the maximum number of requests
* that can be handled per second from the same ip address
* when {@link Throttled}
* is specified on the action handler.
*
* Default value: `2`
*/
REQUEST_THROTTLE("req.throttle.int"),
/**
* `req.throttle.expire.scale` - whether increase throttle reset
* expire time incrementally.
*
* Default value: `false`
*/
REQUEST_THROTTLE_EXPIRE_SCALE("req.throttle.expire.scale.enabled"),
/**
* `render.json.output_charset`
*
* Specifies output charset in `application/json` response header `Content-Type`
*
* Default value: `false`
*/
RENDER_JSON_OUTPUT_CHARSET("render.json.output_charset.enabled"),
/**
* `render.json.content_type.ie`
*
* Internet Explorer is know to have an issue with `application/json` content type.
* if this configuration is set, the framework will output Content-Type header using
* the setting when the request is detected as initialized from IE browser.
*
* Default value: `null`
*/
RENDER_JSON_CONTENT_TYPE_IE("render.json.content_type.ie"),
/**
* {@code resolver.error_template_path.impl} specifies error page (template)
* path resolver implementation
* <p>Default value: {@code act.util.ErrorTemplatePathResolver.DefaultErrorTemplatePathResolver}</p>
*/
RESOLVER_ERROR_TEMPLATE_PATH("resolver.error_template_path.impl"),
/**
* {@code resolver.template_path.impl} specifies the class that
* extends {@link TemplatePathResolver}. Application
* developer could use this configuration to add some flexibility to
* template path resolving logic, e.g. different home for different locale
* or different home for different device type etc.
* <p/>
* <p>Default value: {@link TemplatePathResolver}</p>
*/
RESOLVER_TEMPLATE_PATH("resolver.template_path.impl"),
/**
* `resource.preload.size.limit`
*
* Specifies the maximum number of bytes of a resource that can be preload into memory.
* Specifies `0` or negative number to disable resource preload feature
*
* Default value: `1024 * 10`, i.e. 10KB
*/
RESOURCE_PRELOAD_SIZE_LIMIT("resource.preload.size.limit.int"),
/**
* {@code scan_package}
* Specify the app package in which all classes is subject
* to bytecode processing, e.g enhancement and injection.
* This setting should be specified when application loaded.
* Otherwise Act will try to process all classes found in
* application's lib and classes folder, which might cause
* performance issue on loading
*/
SCAN_PACKAGE("scan_package"),
/**
* `scan_package.sys`
*
* **Note** Not to be used by application.
*
* This is Used by ActFramework only. When app started it will either
* get the specified scan package from parameter, or infer scan package
* from calling class.
*/
SCAN_PACKAGE_SYS("scan_package.sys"),
/**
* {@code secret}
* Specifies the secret key the application used to do general
* encrypt/decrypt/sign etc
* <p>Default value: {@code myawesomeapp}</p>
*/
SECRET("secret"),
/**
* `secret.rotate.enabled` turn on app secret rotation for session/flash
* token signing and encrypt.
*
* Default value: `false`
*/
SECRET_ROTATE("secret.rotate.enabled"),
/**
* `secret.rotate.period` set the secret rotate period in terms of minute.
*
* **Note** the number of minute must be a factor of 60. Any number that
* is not the factor of 60 then it will be up rounded:
*
* * 1 -> 1
* * 2 -> 2
* * 3 -> 4
* * 4 -> 4
* * 5 -> 5
* * 6 -> 6
* * 7 -> 10
* * 8 -> 10
* * 33 -> 30
* * 50 -> 60
*
* the rotation period less than hour will be count from the beginning of
* the current hour.
*
* If the number minutes exceeds 60, then it must be a factor of 60 * 24. Any
* number if not will be rounded:
*
* * 65 -> 60
* * 60 * 3 -> 60 * 3
* * 60 * 5 -> 60 * 6
* * 60 * 7 -> 60 * 6
* * 60 * 10 -> 60 * 12 (half day)
*
* if the number of minutes equals of exceeds 120, the rotation period will
* be counted from the beginning of the day.
*
* The maximum period is `60 * 24`, i.e. 24 hours. Any setting exceed that number
* will be cut off down to 24 hours.
*
* Default value: `30` minutes, ie. half an hour
*/
SECRET_ROTATE_PERIOD("secret.rotate.period"),
/**
* `secure_ticket_codec`
*
* Specify the implementation of {@link SecureTicketCodec}
*
* Default value: {@link DefaultSecureTicketCodec}
*/
SECURE_TICKET_CODEC("secure_ticket_codec"),
/**
* `server.header` specifies the server header to be output to the response
*
* Default value: `act/${act-version}`
*/
SERVER_HEADER("server.header"),
/**
* `session.outputExpiration.enabled` turn on/off expiration output to
* response header.
*
* This setting only effective when it is using token to
* map session payload.
*
* Default value: `true`
*
*/
SESSION_OUTPUT_EXPIRATION("session.outputExpiration.enabled"),
/**
* `session.ttl` specifies the session duration in seconds.
* If user failed to interact with server for amount of time that
* exceeds the setting then the session will be destroyed
*
* Default value: `60 * 30` i.e half an hour
*/
SESSION_TTL("session.ttl"),
/**
* `session.persistent.enabled` specify whether the system
* should treat session cookie as persistent cookie. If this setting
* is enabled, then the user's session will not be destroyed after
* browser closed.
*
* Default value: `false`
*
* See <a href="http://en.wikipedia.org/wiki/HTTP_cookie#Persistent_cookie">HTTP_cookie</a>
*/
SESSION_PERSISTENT_ENABLED("session.persistent.enabled"),
/**
* `session.encrypted.enabled` specify whether the system should
* encrypt the key/value pairs in the session cookie. Enable session
* encryption will greatly improve the security but with the cost
* of additional CPU usage and a little bit longer time on request
* processing.
*
* Default value: `false`
*/
SESSION_ENCRYPT_ENABLED("session.encrypt.enabled"),
/**
* `act.session.key.username` specifies the session key for username
*
* Default value: `username`
*/
SESSION_KEY_USERNAME("session.key.username"),
/**
* `session.mapper.impl` specifies the implementation of {@link act.session.SessionMapper}
*
* Default value: {@link act.session.CookieSessionMapper}
*/
SESSION_MAPPER("session.mapper.impl"),
/**