Client-Secure-Konfigurationsparameter

Die nachfolgenden Inhalte sind nur in englischer Sprache verfügbar.

Information

The following parameters can be set in the
- command line or
- planta.ini
All parameters have to be defined in lowercase.
The settings in the command line overwrite settings from planta.ini.

Parameter	Values	Default Value	Description	Available from
`use_planta_secure`	yes, no	no	Turns secure connection on or off. When turned off, the client will connect directly to the server.
`secure_xml_validate_schema`	yes, no	no	When turned on, the messages XML scheme will be checked. Should be turned on in production.
`secure_log_level`	Trace, Debug, Information, Warning, Error, Critical, None	Warning	Log level for the Client Adapter. It uses a different log level than the rest of the client and also writes its own log file.
`secure_plugin_name`	Dummy, OpenIdConnect, Ldap, Pki	Dummy	Defines the type of authentication to be used.
`secure_server_endpoint`	A valid URL pointing to the Server Adapter or a reverse proxy		Endpoint to connect to. This is either the Server Adapter or a reverse proxy, depending on the infrastructure and plugin used.
`secure_server_protocol`	planta_plain	planta_plain	Hint which protocol should be used to connect to the backend server (connection between PLANTA Server and Server Adapter). Currently only "planta_plain" is supported.
`secure_session_from`			Part of BOSH protocol, but not used yet.
`secure_session_to`			Part of BOSH protocol, but not used yet.
`secure_session_requests`	2 - ∞	2	The amount of concurrent http requests which will be opened at the same time. For more information, see polling of BOSH protocol.
`secure_session_wait`	1 - ∞	15	Http request timeout in seconds. The maximum time before the polling request is answered. Small values can lead to a faster detection of connection problems but will fire more requests.
`secure_session_compression`	yes, no	yes	Turns compression on or off. Specifically, AutomaticCompression will be set to `DecompressionMethods.GZip \| DecompressionMethods.Deflate`
`secure_session_idle_timeout`	-1 - ∞	-1	Manages the lifetime of idle connections, in seconds. -1: keep connections alive indefinitely. 0: close connections after each and every request. Any other value closes the connection after it has been idle for the respective number of seconds. This number must be smaller than the corresponding timeout on the part of the server or reverse proxy, e.g. `keepAliveTimeout` in Apache Tomcat's Connector directive (defaults to 60s), `keepalive_timeout` in nginx's http block (defaults to 75s), or `persistent-con-timeout` in IBM WebSEAL's [junction] stanza (defaults to 5s).
`secure_session_ensure_encryption`	yes, no	yes	Will only allow https connections. Should only be turned off for testing purposes.
`secure_validate_certificate`	yes, no	yes	Using this option, you can disable certificate validation to allow for unsafe/invalid ssl/tsl certificates. Should only be turned off for testing purposes.	C 39.5.32
`secure_min_polling_interval`	0-1000	0	Minimum time between polling requests in milliseconds. This can lead to longer response times but will minimize network traffic.
`secure_security_protocol_type`	Possible values are all values from this enum: https://learn.microsoft.com/en-us/dotnet/api/System.Net.SecurityProtocolType?view=net-7.0		Option to specify specific TSL/SSL versions Available from C39.5.32.1	C 39.5.32

The following settings are only needed if PLANTA secure with OpenIdConnect is being used:

Parameter	Default Value	Description
`secure_oauth_login_window_width`	20	Width of the login window when using OpenIdConnect plugin.
`secure_oauth_login_window_height`	30	Height of the login window when using OpenIdConnect plugin.
`secure_oauth_logout_endpoints`		The logout endpoint of the OIDC reverse proxy.
`secure_oauth_cookie_name`	_forward_auth	The authentication cookie which the reverse proxy will set after a successful authentication.