Skip to main content
Skip table of contents

Client-Secure-Konfigurationsparameter

Die nachfolgenden Inhalte sind nur in englischer Sprache verfügbar.

Information

  • The following parameters can be set in the
    • command line or
    • planta.ini
  • All parameters have to be defined in lowercase.
  • The settings in the command line overwrite settings from planta.ini.
ParameterValuesDefault ValueDescriptionAvailable from
use_planta_secureyes, nonoTurns secure connection on or off. When turned off, the client will connect directly to the server.
secure_xml_validate_schemayes, nonoWhen turned on, the messages XML scheme will be checked. Should be turned on in production.

secure_log_level

Trace, Debug, Information, Warning,

Error, Critical, None

WarningLog level for the Client Adapter. It uses a different log level than the rest of the client and also writes its own log file.
secure_plugin_nameDummy, OpenIdConnect, Ldap, PkiDummyDefines the type of authentication to be used.
secure_server_endpointA valid URL pointing to the Server Adapter or a reverse proxy
Endpoint to connect to. This is either the Server Adapter or a reverse proxy, depending on the infrastructure and plugin used.
secure_server_protocolplanta_plainplanta_plainHint which protocol should be used to connect to the backend server (connection between PLANTA Server and Server Adapter). Currently only "planta_plain" is supported.

secure_session_from



Part of BOSH protocol, but not used yet.
secure_session_to

Part of BOSH protocol, but not used yet.
secure_session_requests2 - ∞2The amount of concurrent http requests which will be opened at the same time. For more information, see polling of BOSH protocol.
secure_session_wait1 - ∞15Http request timeout in seconds. The maximum time before the polling request is answered. Small values can lead to a faster detection of connection problems but will fire more requests.
secure_session_compressionyes, noyesTurns compression on or off. Specifically, AutomaticCompression will be set to DecompressionMethods.GZip | DecompressionMethods.Deflate
secure_session_idle_timeout-1 - ∞-1

Manages the lifetime of idle connections, in seconds.

  • -1: keep connections alive indefinitely.
  • 0: close connections after each and every request.

Any other value closes the connection after it has been idle for the respective number of seconds. This number must be smaller than the corresponding timeout on the part of the server or reverse proxy, e.g. keepAliveTimeout in Apache Tomcat's Connector directive (defaults to 60s), keepalive_timeout in nginx's http block (defaults to 75s), or persistent-con-timeout in IBM WebSEAL's [junction] stanza (defaults to 5s).

secure_session_ensure_encryptionyes, noyesWill only allow https connections. Should only be turned off for testing purposes.
secure_validate_certificateyes, noyesUsing this option, you can disable certificate validation to allow for unsafe/invalid ssl/tsl certificates. Should only be turned off for testing purposes.C 39.5.32
secure_min_polling_interval0-10000Minimum time between polling requests in milliseconds. This can lead to longer response times but will minimize network traffic.
secure_security_protocol_type

Possible values are all values from this enum:

https://learn.microsoft.com/en-us/dotnet/api/System.Net.SecurityProtocolType?view=net-7.0


Option to specify specific TSL/SSL versions

Available from C39.5.32.1

C 39.5.32

The following settings are only needed if PLANTA secure with OpenIdConnect is being used:

ParameterValuesDefault ValueDescriptionAvailable from

secure_oauth_login_window_width


20Width of the login window when using OpenIdConnect plugin.

secure_oauth_login_window_height


30Height of the login window when using OpenIdConnect plugin.

secure_oauth_logout_endpoints



The logout endpoint of the OIDC reverse proxy.

secure_oauth_cookie_name


_forward_auth

The authentication cookie which the reverse proxy will set after a successful authentication.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.