Configuring OSGi

Configure:

• Plugins, the main navigation items (console plugins) to be available in the Apache Felix Web Management Console as top level menu items. Disable any you do not need as each requires space and resources.
  

Configure:

• Logger Name and Log Format to configure the location and format of request and access logging (default: request.log). This log file is essential when analyzing performance or debugging functionality related to the web chain.
  This is paired with the Apache Sling Request Logger.

For further information see CQ Logging and Sling Logging.

Configure:

• Min Pool Size and Max Pool Size, the size of the pool used to hold event threads.
  
• Queue Size, the maximum size of the thread queue if the pool is exhausted.
  The recommended value is -1 as this sets the queue to unlimited; if a limit is set then losses might occur when it is exceeded.
  
• Changing these settings can help performance in scenarios with a high number of events; for example, heavy CQ DAM or Workflow usage.
• Values specific to your scenario should be established using tests.
• These settings can affect the performance of your instance, so do not change them without reason and due consideration.

Configure some aspects of rendering:

• Auto Index to enable/disable directory rendering for browsing.
• Enable (or disable) default renditions, such as HMTL, Plain Text, JSON or XML.
  You should not disable JSON.

• Installation folders name regexp and Max hierarchy depth of install folders - specify where, and to which depth, repository folders are searched for resources to be installed. When a wildcard is used (as in .*/install) all appropriate matches will be searched, for example, /libs/sling/install and /libs/cq/core/install.
  
• Search Path, list of paths that jcrinstall searches for resources to be installed, together with a number indicating the weighting factor for that path.

These parameters probably do not need configuration, but can be useful to know when developing or debugging. For example the installation folder(s) can be useful for checking in/out or creating a package.

Configure performance relevant settings for the JSP script handler. To improve performance you should disable as much as possible.

In particular for production instances:

• disable Generate Debug Info
• disable Keep Generated Java
• disable Mapped Content
• disable Display Source Fragments

Configure settings for the compilation of .java files as scripts (servlets).

Certain settings can affect performance, these should be disabled where possible, in particular for a production instance.

• Source VM and Target VM, define the JDK version as that used as the runtime JVM
• for production instances:
  • disable Generate Debug Info

Configure parameters that manage job scheduling:

• Retry interval, Maximum Retries, Maximum Parallel Jobs, Acknowledge Wait Time, amongst others.
• Changing these settings can improve performance in scenarios with a high number of jobs; for example, heavy usage of CQ DAM and Workflows.
• Values specific to your scenario should be established using tests.
  
• Do not change these settings without reason, only change after due consideration.

Configure:

• Log Level and Log File, to define the location and log level of the central logging configuration (error.log). The level can be set to one of DEBUG, INFO, WARN, ERROR and FATAL.
  
• Number of Log Files and Log File Threshold to define the size and version rotation of the log file.
• Message Pattern defines the format of the log messages.

For further information see CQ Logging and Sling Logging.

Configure:

• Log Level, Log File and Message Format to define details of the log file and messages.
• Logger to define the category; for example, only log for com.day.cq.
  
• By using Factory Configurations, any number of additional configurations can be added to cater with the various log levels and categories needed.
• Such configurations are helpful during development; for example, to log TRACE messages for a specific service in a specific log file.
• Such configurations are helpful in a production environment; for example, to have messages about a specific service logged to an individual log file for easier monitoring.

For further information see CQ Logging and Sling Logging.

Configure:

• Log File to define the existence of a log file.
• Number of Log Files to define the version rotation.
  
• The writer can be used by a Apache Sling Logging Logger Configuration configuration.
  
• Such configurations are helpful during development; for example, to log TRACE messages for a specific service in a specific log file.
• Such configurations are helpful in a production environment; for example, to have messages about a specific service logged to an individual log file for easier monitoring.

For further information see CQ Logging and Sling Logging.

Configure:

• MIME Types to add those required by your project to the system. This allows a GET request on a file to set the correct content-type header for linking the file type and application.
  

Configure:

• Number of Calls per Request and Recursion Depth to protect your system against infinite recursion and excessive script calls.

To address known security issues with Cross-Site Request Forgery (CSRF) in CRX WebDAV and Apache Sling you need to configure the Referrer filter.

The referrer filter service is an OSGi service that allows you to configure:

• which http methods should be filtered
• whether an empty referrer header is allowed
  
• and a white list of servers to be allowed in addition to the server host.

See the Security Checklist - Issues with Cross-Site Request Forgery for further details.

Configure:

• various parameters to define how requests are logged.
• Enable Request Log, to enable or disable.
  
• Enable Access Log, to enable or disable.

This is paired with the Apache Sling Customizable Request Data Logger.

For further information see CQ Logging and Sling Logging.

Configure central aspects of Sling resource resolution:

• Resource Search Path(s), add any project specific paths (but do not remove /libs or /apps).
  
• Virtual URLs to define your vanity URL mappings.
  
• URL Mappings to define any aliases; for example from /content to /.
  
• Mapping Location, the mapper configuration externalized in /etc/map.
• Use your local installation (for example, use http://localhost:4502/system/console/jcrresolver) to determine which Resource Resolver is active.

For further information see: http://cwiki.apache.org/SLING/flexible-resource-resolution.html.

These settings relate to the mailer that sends content-based mail messages created as cq:mailMessage in /var/mailer/messages. This effectively acts as a persistent mail queue for CQ and can also be used to configure a mailer within a cluster. The messages are deleted once sent. This is used for example, by the newsletter.

Configure:

• Scheduler period, the frequency with which to check for new mails available for sending.
• Mailer data root path, the location to be searched for new mail messages.

Configure the anti-spam service (Akismet) used with the blog. This requires you to register the:

• Provider
• API key
• Registered URL

Configure this to control the handling of client libraries (css or js); including, for example, how the underlying structure is seen.

• For production instances:
• enable Minify (to remove CRLF and whitespace characters).
• enable Gzip (to allow files to be gzipped and accessed with one request).
• disable Debug
• disable Timing
• For JS development (especially when firebugging/debugging):
• disable Minify
• enable Debug to separate the files for debugging and use with firebug.
• enable Timing in the case of interest in timing.
• enable Debug console to see JS console log messages.

Check and if necessary configure:

• Scheduler Period to define the interval at which external links are to be automatically checked.
  
• Check Bad Link Tolerance Interval for the period after which an unsuccessful external link is considered bad.
• Link Check Override Patterns, to define any paths to be excluded from link checking.

Configure settings for a single link checker task (a task which checks an external link):

• Check the intervals defined in Good Link Test Interval and Bad Link Test Interval
  
• The various parameters related to proxies for internet access and NTLM that are needed for external access when checking a link.
  

Configure:

• Paths, a list of locations where the system listens for page modifications before triggering a jcr:Event.
  

Configure:

• The Run Modes, in which replication events will be distributed to listeners. For example, if defined as author, then this is the system that will "initiate" the replication.
  
• The run mode publish needs to be added if the project code processes replication events (reverse replication) in a publish environment. For example, when the dispatcher is used to flush from the publish environment or when standard replication to other publish instances occurs.

Configure:

• The Paths, locations to listen for repository events ready for distribution.

Configure:

• Target Path to define where is a request to "/" will point to.

• Disable this on production instances to ensure performance and security.

This is useful when developing as it allows the use of suffixes such as ?debug=layout when accessing a page. For example, http://localhost:4502/cf#/content/geometrixx/en/support.html?debug=layout will provide layout information that may be of interest to the developer.

Configure:

• WCM Mode to define the default mode.
• On an author instance this might be edit, preview or design.
  The other modes can be accessed from the sidekick, or the suffix ?wcmmode=disabled can be used to emulate a production environment.
• On a publish instance this must be set to disabled to ensure that no other mode is accessible.

Configure:

• List of rewrite configurations to specify a list of locations for content-based linkchecker configurations. The configurations can be based on run mode; this is important to distinguish between author and publish environments, as linkchecker settings may differ.

Configure the various settings used with the newsletter.

Configure:

• URL to send data to configure the URL used to track page statistics (is vital if a tracker request goes through the dispatcher); for example, the default is http://localhost:4502/libs/wcm/stats/tracker.

Control if, and how, versions are managed in your system:

• Create Version on Activation, enabled in a standard installation
• Enable Purging
  
• Purge Paths, the paths that a search action will search
  
• Max Version Age, the maximum age (in days) of a version
  
• Max Number Versions, the maximum number of versions to keep

See Configuring Version Purge for more information.

Configure the email settings for notifications sent by a workflow.

Configure access to the underlying content repository.

• The Admin Password should be changed after installation to ensure the security of your instance.
• Other changes should not be necessary and care must be taken as they can affect access to the repository.

When rendering graphics you can use DrawText to embed text. For this you can also install your own fonts:

• Define the Font Path to be searched for project specific fonts.
  For example, /apps/myapp/fonts.

Proxy configuration for all code using the day commons HTTP client, used when a HTTP is made; for example upon replication.

The HTTP client in Day Commons is based on the Apache HTTP client.

Therefore it is recommended that developers use the HTTP client in Day Commons as opposed to writing their own or directly using the Apache HTTP commons.

System wide settings for the basic authentication method of the HTTP request. 

When using closed user groups you can configure (amongst others):

• HTTP Realm
• The Default Login Page
  

Configure access to an external database being used as a source for content.

This is a Factory Configuration, so multiple instances can be configured.

Configure hostname and access details for the mail server. Please refer to the Configuring the Mail Service section.

Configure Single Sign On (SSO) details; these are often needed in enterprise author setups, often in conjunction with LDAP.

Various configuration properties are available:

• Path
  Path that this authentication handler will be used on. If this parameter is left empty the authentication handler is disabled.
  
• Header Names
  The name(s) of headers that might contain a user ID.
  
• Cookie Names
  The name(s) of cookies that might contain a user ID.
• Parameter Names
  The name(s) of request parameters that might contain a user ID.
• ID Format
  The format that the user ID is encoded with. 
  • Basic for the Basic format.
    
  • AsIs if the value should be used "as is" or as a regular expression matched to provide the value.
    For example, if you specify ^<DOMAIN>\\(.+)$ this will match against a header (cookie, parameter) starting with <DOMAIN>\ and followed by the user ID (where <DOMAIN> is replaced by your own domain name). The user ID is then used as the value for SSO. If you need to use groups in your regular expression, you can specify the group by appending |<group-index> to the regular expression (the group index starts with 1). So the above example can be written as ^<DOMAIN>\\(.+)$|1.
    
• Trusted Credential Attribute
  The name of the attribute (in the trusted credentials) that is set with the user information.
  Note: The value of Trusted Credential Attribute must be equal to the attribute you configure in repository.xml (by default <param name="trust_credentials_attribute" value="TrustedInfo"/>). This is the name of the Attribute used in the SimpleCredentials object to provide the userid from the SsoAuthenticationHandler to the authenticator CRXLoginModule. Therefore this has to be the same in the two configurations.
• Disable Login Page
  This box is checked if the Login Page of this authenticator should be disabled. Usually:
  • unchecked on author environments
    
  • checked on publish environments
    
• HTTP Realm
  Name of the HTTP realm, this is displayed in the login window seen by the user.
• Default Login Page
  Absolute path of the page to use to display the default login form.
• Login Form Clients
  Lists identifiers of clients which are known to support form based HTTP (Basic) authentication.
• UTF-8 Credentials
  Lists the identifiers of clients that are known to encode non-ASCII credentials using UTF-8 character encoding.

Configure the email settings for emails sent by a wiki.