Configuration
All of the following configuration steps should be done prior the first start of the server (service cmis-service start/systemctl cmis start).
Configure Users
As the CMIS server is not yet connected to an LDAP we need to set up the user(s) who should be able to access the CMIS repositories manually.
Simply add a line like the following to the file /opt/cmis/etc/users.properties for every new user:
...
# <username> = <password_in_plaintext>,_g_:cmisgroup
heinz = heinzSeinPasswortInKlartext,_g_:cmisgroup
wolfgang = wolfgangSeinPasswortInKlartext,_g_:cmisgroup
...This adds the user "heinz" with password "heinzSeinPasswortInKlartext" and "wolfgang" with password "wolfgangSeinPasswortInKlartext" to the group "cmisgroup".
After startup of the server the password will be hashed/encrypted so that file 'users.properties' does not contain plaintext passwords.
Configure Database
Oracle
We need to configure the database by creating a file org.ops4j.datasource-oracle.cfg in /opt/cmis/etc. You can edit and rename the existing template org.ops4j.datasource-oracle.cfg_TEMPLATE.
This file should contain the following configuration properties:
osgi.jdbc.driver.name = oracle-pool
url = jdbc:oracle:thin:@mm-oraclescan-test.mum.intra:1521/omn
user = omn
password = omn
dataSourceName = omn
pool.maxTotal = 10Please adjust the 'url', 'user' and 'password' property values to your environment. The property 'dataSourceName' can be freely chosen.
Please do not change property 'osgi.jdbc.driver.name' and 'pool.maxTotal'.
MSSQL
We need to configure the database by creating a file org.ops4j.datasource-mssql.cfg in /opt/cmis/etc. You can edit and rename the existing template org.ops4j.datasource-mssql.cfg_TEMPLATE.
This file should contain the following configuration properties:
osgi.jdbc.driver.name = mssql-pool
url = jdbc:sqlserver://localhost:1433
user = omn
password = omn
dataSourceName = omn
pool.maxTotal = 10Please adjust the 'url', 'user' and 'password' property values to your environment. The property 'dataSourceName' can be freely chosen.
Please do not change property 'osgi.jdbc.driver.name' and 'pool.maxTotal'.
Note that on startup of the server liquibase is triggered to install/update the DB.
PostgreSQL
We need to configure the database by creating a file org.ops4j.datasource-postgresql.cfg in /opt/cmis/etc. You can edit and rename the existing template org.ops4j.datasource-postgresql.cfg_TEMPLATE.
This file should contain the following configuration properties:
osgi.jdbc.driver.class=org.postgresql.Driver
url = jdbc:postgresql://<postgresql-hostname>:5433/PDCTDB1
user = <username>
password = <password>
dataSourceName = omnPlease adjust the 'url', 'user' and 'password' property values to your environment. The property 'dataSourceName' can be freely chosen.
Please do not change property 'osgi.jdbc.driver.class'.
Note that on startup of the server liquibase is triggered to install/update the DB.
Configure OMN REST-API Client
For configuring the OMN-REST API Client create a file de.apollon.restclient.omn.api-<anyname>.cfg in /opt/cmis/etc. You can edit and rename the existing template de.apollon.restclient.omn.api-localhost.cfg_TEMPLATE.
This file should contain the following properties:
endpoint = http://localhost:8070/api/core/v1
### the token used for authorization at OMN-REST API
### this token must match the 'api.secrets' property in omn_preferences.properties
authorization.token = eyJraWQiOiJjbWlzIiwidHlwIjoiSldUIiwiYWxnIjoiSFM1MTIifQ.eyJzdWIiOiJjbWlzIiwiaW1wZXJzb25hdGUiOiJhZG1pbiIsInVzZXJuYW1lIjoiY21pcyJ9.uGfOhSPws-4QIrbwJuli-1MFq0-q7yMaNGca5ZXHWK_h4dTaV63VfVSOYp_E3dfHsG9_oEzthZmhtvI0HaU-3g
allowed.version.range=[1,2.0)The 'endpoint' describes the OMN-API REST Endpoint.
The 'authorization.token' must contain a valid JWT Bearer token for OMN-API. How to create a JWT-Token is described here: How-to: Generate JWT Token for OMN-API.
These two properties are required. Optionally you can also set a 'logmessage' (defaults to false) and a 'timeout' property (defaults to 30.000 ms) which enables detailed logging and the receive timeout in milliseconds.
The allowed.version.range should be set to [1,2.0) which means the OMN-REST API 1.x can be used but not >= 2.0
Configure OMN File Repository
As with the OMN Type Service there can be multiple instances of an OMN File repository (e.g. one for each OMN RNC).
For every repository create a file de.apollon.cmis.server.repository.omn.file-<identifier>.cfg. Here it is best practice to choose the OMN RNC identifier as <identifier>. You can edit and rename the existing template de.apollon.cmis.server.repository.omn.file-rnc.cfg_TEMPLATE.
For example if you want to create a repository for RNC 'Produktfotografien' then the file should be named like de.apollon.cmis.server.repository.omn.file-produktfotografien.cfg.
The file should contain the following properties:
repository.id = Produktfotografien
omn.mandator.identifier = Ruck
omn.rnc.identifier = Produktfotografien
readonly = heinz
readwrite = wolfgang'repository.id' is the id of the repository as exposed to the clients. If the optional 'repository.name' property is not specified then this id is also used as name. The repository.id should be unique among all other repositories. If another repository with the same id already exists then a random number is appended to (separated by a slash '-').
'omn.mandator.identifier' is the OMN Mandator Identifier. This value should be the same as configured in OMN Type Service
'omn.rnc.identifier' is the identifier of the OMN Root Node Configuration which you want to expose as CMIS repository.
If you do not want to expose the whole RNC but just a subfolder then also configure 'omn.rnc.subdir.path' with the relative folder/path of the sub directory you want to expose.
'readonly' is the comma separated list of users who only have read-only access to this repository.
'readwrite' is the comma separated list of users who have read and write access to this repository (means they can upload files and create directories)
The users need to be setup in users.properties as explained above.
Note that the RNC and the preview directories must be accessible (mounted) on the host the server is running.
Configuring Port and Servlet Alias
The CMIS interface will be available by default on port 8082 at context "/cmisAtom". So at "http://<your_host>:8082/cmisAtom" you now should see a login page where you need to enter the credentials you setup above in users.properties. If you want to adjust to another port you can adjust the property "org.osgi.service.http.port" in file /etc/sysconfig/cmis:
...
prog_args="-Dorg.osgi.service.http.port=8082 -Dgosh.args==—noi"
...For changing the servlet alias / context please create a file /opt/cmis/etc/de.apollon.cmis.server.servlet.cfg and set the property "servlet.atompub.alias" to your preferred alias name (should start with a "/"). You can edit and rename the existing template de.apollon.cmis.server.servlet.cfg_TEMPLATE.
See also configuration property description of CMIS Servlet Service below.
After everything was configured properly please make sure you make the new/adjusted files read/write accessible for tomcat (chown -R tomcat:tomcat /opt/cmis/etc).
Then you can start the server (service cmis-service start).
Please take a look at the log in /opt/cmis/log/error.log if the server starts properly or if sth. went wrong.
Complete list of configuration properties
Above only the mandatory configuration properties are listed. The other properties are set with a default value which usually should fit your needs.
Properties starting with a dot (.) can be ignored since they are private/internal properties.
Anyway you can override the default value to fit special needs. Here the complete list of available properties are listed:
OMN-REST Client
The OMN-REST API Client can be used an any java application, please read the documentation for the rest client for the settings other than for cmis. Following you find the settings for the cmis-server.
For OMN-REST API Client (de.apollon.restclient.omn.api-<anyid>.cfg) the configuration properties are defined as follows:
Property Key |
Required/Optional |
Default value |
Comment |
|
endpoint |
Required |
The OMN4 REST-API endpoint. For example: 'http://localhost:8070/api/core/v1' |
||
authorization.token |
Required |
The encrypted token for the OMN4 REST-API key. In omn the key is set in the property api.secrets. |
||
allowed.version.range |
Optional |
[1.1,2) |
The allowed version range for the OMN4 REST-API. It is notated in OSGi Version range structure (mathematical notation).For example '[1.1,2)' means a version from 1.1 (including 1.1) up to version 2 (excluding 2.0) is allowed. |
|
timeout |
Optional |
90000 |
timeout in ms |
|
logmessage |
Optional |
false |
If true the payload of the send and received messages is written to the log.If this property is changed during runtime the bundle 'de.apollon.restclient.omn.api' has to be restarted manually (for example using the gogo shell doing 'refresh de.apollon.restclient.omn.api.core' or using Felix Webconsole). |
|
mapper.deserialization.fail.on.unknown.properties |
Optional |
true |
Specifies if the json mapper should throw an exception if the response contains an unknown property |
CMIS OMN File Repository
For CMIS OMNFile Repository (de.apollon.cmis.server.repository.omn.file-<anyid>.cfg) the configuration properties defined as follows:
Property Key |
Required/Optional |
Default value |
Comment |
|
cmisTypeService.target |
Optional |
"(type=omn)" |
Target filter to bind CMIS Type Service |
|
omnFetch.target |
Optional |
Set automatically by internal Configurer component |
This value is set automatically to bind to a proper OMN Endpoint |
|
repository.id |
Required |
- |
CMIS Repository ID as exposed to the Client |
|
repository.name |
Optional |
- |
If not set the repository.id will also be used as name |
|
omn.mandator.identifier |
Required |
- |
The OMN Mandator identifer |
|
omn.rnc.identifier |
Required |
- |
The OMN RootNodeConfiguration identifier for the RNC which should be exposed as CMIS repository |
|
omn.rnc.subdir.path |
Optional |
"/" |
In case not the whole RNC should be exposed as CMIS repository then here you can specify a subpath. The subpath should be relative to the RNC configured in 'omn.rnc.identifier' and should start with a '/'. |
|
readwrite |
Required |
"" (empty/trimmed string) |
A comma separated list of user name who should hab read/write access to this repository. The user must be set up in etc/users.properties where also the encrypted password is stored |
|
readonly |
Required |
"" (empty/trimmed string) |
A comma separated list of user name who should hab readonly access to this repository. The user must be set up in etc/users.properties where also the encrypted password is stored |
|
rendition.additionals |
Optional |
"" (empty/trimmed string) |
Additional preview formats. Format is <name>#<width>x<height>. Whereby these are the maximum values for width and height, aspect ratio preserved: If the maximum value for width is reached first the height is calculated to preserve aspect ratio. If the maximum value for height is reached first the width is calculated to preserve aspect ratio.Multiple preview formats can be specified separated by comma |
|
tmp.dir.path |
Required |
"/tmp" |
Directory for storing temporary files |
|
changelog.enabled |
Required |
"true" |
Indicates if the CMIS ChangeLog service should be enabled |
|
changelog.useFileModificationDate |
Required |
"false" |
Indicates if the file modification date should be used instead of the normal modification date (which also is set when only metdata are changed at the object). Note that when this property is set to true then currently files will always be overwritten disregarding a non-matching change token (as if forceOverwrite is set). |
|
changelog.token.suffix |
Required |
"-token" |
The suffix which is used for changelog tokens. Should not be changed |
|
forceOverwrite |
Required |
"false" |
Indicates if files should always be overwritten disregarding a non-matching change token |
|
aperture.auto.active.type |
Required |
"cmis_auto_active" |
The string which describes auto-active apertures. All OMN Aperture-Templates with this string as type will automatically be provided as aperture for all images in this repository |
|
aperture.auto.active.override.enabled |
Required |
"true" |
Indicates if it is allowed to manually override an auto-active aperture template |
|
aperture.supported.mime.types |
Required |
"image/jpeg, image/png, image/tiff" |
Comma separated list of mime types for which apertures are allowed. Should not be changed |
CMIS Servlet Service (optional)
For CMIS Servlet Service (de.apollon.cmis.server.servlet.cfg) the configuration properties are defined as follows:
Property Key |
Required/Optional |
Default value |
Comment |
|
servlet.atompub.alias |
Required |
"/cmisAtom" |
Servlet alias for the CMIS AtomPub binding |
|
servlet.browser.alias |
Required |
"/cmisBrowser" |
Servlet alias for the CMIS Browser binding |
|
call.context.handler |
Optional |
"org.apache.chemistry.opencmis.server.impl.browser.token.TokenCallContextHandler" |
Fully qualified classname of the call context handler. Should not be changed |
CMIS ObjectIdMapper Service (optional)
For CMIS ObjectIdMapper Service (de.apollon.cmis.server.id.mapper.cfg) the configuration properties are defined as follows:
Property Key |
Required/Optional |
Default value |
Comment |
|
requestOnly.replaceFirst.<key> |
Optional (can be configured multiple times) |
- |
A mapping for requested IDs. The value should be in the following format: <old_string> > <new_string> The old_string is the substring to replace in any requested CMIS ObjectIDs. The new_string is the replacement string which will replace the old_string before the CMIS ObjectId is processed by the CMIS Server. They need to be separated by the '>' character. Note that the new_string only replaces the FIRST occurrence of the old_string and that the mapping is only applied on incoming requests from the client. This means only IDs are mapped which are passed via the getObject(<ID>) service call. IDs returned by other calls like for example getChildren or getObjectByPath will remain untouched. The <key> placeholder in the property key can be any random string. If multiple mappings are configured the <key> suffix acts as unique part. Example configuration: requestOnly.replaceFirst.1 = -481822883_APERTURE_DOC > _15293_APERTURE_DOCrequestOnly.replaceFirst.2 = 12345 > 67890 requestOnly.replaceFirst.ChangeSuffix = _APERTURE_REL > _DERIVATE For the first mapping an ID like 14647-481822883_APERTURE_DOC will actually be mapped to 14647_15293_APERTURE_DOC. The second mapping would map an example ID of 12345_IMG_DOC to 67890_IMG_DOC. Note: The mappings should be unique. If two or more mappings are appliable the results are unpredictable. |