Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version 2

changes.mady.by.user Megan Ellis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...


Section


Column
width800px

configuration properties are configured in the frevvo-config.properties file in the <frevvo-home>\tomcat\conf directory. The frevvo-config.properties is a standard java properties file. Any valid context parameter can be configured as a property in this file. This file contains properties that define global customizations that apply to the frevvo.war <frevvo home>\tomcat\webapps\frevvo directory and the frevvo connector warfiles (Database Connector, Filesystem, SharePoint). For example, you can provide the client secret information for the Google Connector with a property in this file. 

The properties that can be added to the frevvo-config.properties file are discussed below. The configuration properties in the frevvo-config.properties file will override the properties configured in <frevvo-home>\tomcat\conf\server.xml file. Parameters, previously configured in the web.xml file included in the frevvo.war must be added to the frevvo-config.properties file as well.

Info

frevvo only supports/certifies  running in the tomcat container. Refer to our Supported Platforms for the list of Application Servers supported/certified by frevvo.

Converting Context Parameters to Properties  

The configuration properties follow a simple property name=value syntax. Let's say you had context parameters to default the tenant login and customize the placeholder on the login screen in the frevvo.xml file of your previous installation.

 The context parameters in frevvo.xml would look like this:

Code Block
titlefrevvo.xml from your previous Live Forms installation
<Parameter name="frevvo.default.login.tenant.id" value="your_tenant_id" override="false"/>
<Parameter name="frevvo.login.username.placeholder" value="user@<your_tenant_name>" override="false"/>

The configuration properties follow a simple property name=value syntax. Follow these steps to convert configuration parameters from previous releases to properties in the frevvo-config.properties file.

  1. Navigate to <frevvo-home>/tomcat/conf directory.

  2. Edit the frevvo-config.properties file.

  3. The Parameter name becomes the property name.
  4. Add an equal sign
  5. Add the value after the equal sign
  6. Repeat this for all custom parameters
  7. Save the file
Code Block
titlefrevvo-config.properties file in the v7.4.x installation
#Custom Tenant Id and Placeholder
frevvo.default.login.tenant.id=<your_tenant_id>
frevvo.login.username.placeholder=<@<your tenant name>

Here is an example of a frevvo-config.properties file that provides the client id and secret for the Box connector, the URL for the Filesystem connector, a property to turn on/off the Insight Server and a property to turn on DEBUG level logging for the frevvo.log and any frevvo connector logfiles.

Code Block
frevvo.box.connector.client.id=bttkldgy9r5td0kdu57v0h6h2gotjf03
frevvo.box.connector.client.secret=EM08T1IjiMFuyCP5OJWm5QPyTz0qcL4A 
frevvo.filesystem.connector.url=http(s)://<your server>:port/filesystem 
insight.enabled=true insight.service.url=http(s)://<your server>:port/insight 
frevvo.sharepoint.connector.url=http(s)://<your server>:port/sharepoint 
logging.level.root=DEBUG

Updating the frevvo-config.properties requires server re-start. You do not have to restart the Insight server.

frevvo tomcat bundle

In the frevvo tomcat bundle, the frevvo-config.properties file is located in the <frevvo-home>\tomcat\conf directory. The path to the frevvo-config.properties file is specified in the <frevvo-home>\tomcat\bin\sentenv.bat.sh files

Code Block
set CATALINA_OPTS=%CATALINA_OPTS% -Dspring.config.location="file:///%CATALINA_HOME%/conf/,file:///%CATALINA_HOME%/conf/frevvo-config.properties"



Column
width400px

On this page:

Table of Contents
maxLevel1


...

If you are using tomcat, emails sent are tracked in the <frevvo-home>\tomcat\logs\frevvo.log file when the INFO log level is enabled. Look for an entry like "Sending email to <email address> with subject <the subject of your email>. If an error occurs when sending, the message "Could not send email to <email address> with subject <the subject of your email> including the actual exception that caused the problem will be logged.

...

 is a multi-tenant application. See the administration section on Manage Tenants. However, it is possible that all you need is a single tenant. If this is your case, it simplifies the  server login if you default the @<tenantname> so the user only needs to enter their username to login. Customers who default the tenant login normally would also customize the placeholder on the login screen. Please read that topic for details.

  1. Stop Live Forms if it is running.
  2. Navigate to the <frevvo-home>\tomcat\conf directory
  3. Open the frevvo-config.properties file with a text editor.

  4. Add the frevvo.default.login.tenant.id property to the <frevvo-home>\tomcat\conf\frevvo-config.properties file and set the param-value to the name of your one tenant.

    Code Block
    titlefrevvo-config.properties
    frevvo.default.login.tenant.id=<your_tenant_id>


  5. Save the file
  6. Restart .

...

You may want to customize the user@tenant placeholder on the login screen to reflect the name of your tenant to minimize confusion for your users or to remove the @tenant from the placeholder if you have defaulted the tenant login. 


In-house customers can change the default placeholder on the login screen by modifying the values for the frevvo.login.username.placeholder property.

...

Note
  • There will be three additional logfiles when running Tomcat as a Windows service:
    • frevvoforms - stderr.YYYYMMDD and frevvoforms - stdout.YYYYMMDD for standard error messages and standard output stream, respectively. This is the default Tomcat behavior.
    • commons-daemon.YYYY-MM-DD.log for Windows Service errors
  • The Insight server no longer creates a log since the insight.war is integrated into frevvo.war. The messages formerly in the insight logs are now found in the in the <frevvo-home>/tomcat/frevvo_YYYY-MM-DD.log

...

Log Message property names that include a . (period) make it difficult to filter these messages using cloud watch filters. Properties have been renamed to include the _ (underscore) instead of the . (period) i.e. tenant.id = tenant_id.

Excerpt
hiddentrue

The <frevvo-home>\tomcat\lib\logback.xml file in the tomcat bundle is embedded in the frevvo.war. It contains a logback pattern that will log the tenant.idsubject.idcorrelation.idsession.idowner.idapplication.id, and type.id (formtype or flowtype) for all log messages.. The pattern in the logback.xml file in the frevvo.war is shown below.

Code Block
<pattern><![CDATA[%d{HH:mm:ss.SSS} |-%-5level [%20.21thread{5}] [%25.26logger{5}] [%X{tenant.id} %X{subject.id}] [%X{correlation.id} %X{session.id}] [%X{owner.id} %X{application.id} %X{type.id}] - %msg%n]]></pattern>

This additional information can be extremely helpful when troubleshooting errors particularly in the frevvo cloud environment. The example shows an INFO message that specifies the tenant, mycompany and the userid, max, associated with the entry:

Code Block
22:05:12.471 |-INFO  [http-nio-8082-exec-1] [   c.f.u.HttpClientHolder] [mycompany max] [f7ec10f5-bd0e-4a3d-b848-9192e646a62d 61E88E450BC436C4087C136DB94F0DC2] [  ] - Installing HTTPClient credential for user maryann and scope BASIC 'frevvo Trac'@dev.frevvo.com

The logback.xml file also controls logging for frevvo connector war files added to tomcat/webapps directory. The pattern in the logback.xml can be overridden to a pattern of your choice with the environmental variables CONSOLE_LOG_PATTERN or FILE_ LOG PATTERN. An example of the default settings

Code Block
<property name="CONSOLE_LOG_PATTERN" value="${CONSOLE_LOG_PATTERN:-%clr(%d{yyyy-MM-dd HH:mm:ss.SSS}){faint} %clr(${LOG_LEVEL_PATTERN:-%5p}) %clr(${PID:- }){magenta} %clr(---){faint} %clr([%15.15t]){faint} %clr(%-40.40logger{39}){cyan} [%X{tenant.id} %X{subject.id}] [%X{correlation.id} %X{session.id}] [%X{owner.id} %X{application.id} %X{type.id}] %clr(:){faint} %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}}"/>

<property name="FILE_LOG_PATTERN" value="${FILE_LOG_PATTERN:-%d{yyyy-MM-dd HH:mm:ss.SSS} ${LOG_LEVEL_PATTERN:-%5p} ${PID:- } --- [%t] %-40.40logger{39} [%X{tenant.id} %X{subject.id}] [%X{correlation.id} %X{session.id}] [%X{owner.id} %X{application.id} %X{type.id}] : %m%n${LOG_EXCEPTION_CONVERSION_WORD:-%wEx}}"/>



Debugging log file levels

...

no longer supports the web.xml parameters for frevvo.xforwarded.protocol.header, frevvo.xforwarded.host.header, and frevvo.xforwarded.port.headers. The general recommendation is to rely on the Servlet Container for handling dynamic proxies. A better approach is to use tomcat's RemoteIp Valve instead.  Please see this documentation on the Apache Tomcat website for information about the RemoteIp valve functionality. This tomcat valve has been incorporated into our tomcat bundle.

Code Block
 <Valve className="org.apache.catalina.valves.RemoteIpValve"
            internalProxies=".*" 
            remoteIpHeader="x-forwarded-for" 
            proxiesHeader ="x-forwarded-by" 
            protocolHeader="x-forwarded-proto" />

...

Skew error when logging into an Azure SAML tenant

Users logging into a Azure SAML tenant may encounter the error "Access Denied.  Authorization Required". Examination of the frevvo.log shows the following entry:

Code Block
Response issue time is either too old or with date in the future, skew 60, time 2016-06-01T05:49:25.330Z

This error is typically caused by a clock synchronization issue between the Service Provider (frevvo) and the Identity Provider (Azure) or a genuine delay in the connection. If you get this error, adding the com.frevvo.security.saml.response.skew property can be used to specify the time in seconds allowed between the request and the response from Azure to a value greater than the default value of 60 seocnds.

Follow these steps:

  1. Stop Live Forms if it is running.
  2. Navigate to <frevvo-home>\tomcat\conf
  3. Open the frevvo-config.properties file with a text editor.

  4. Add the parameter shown below with a value greater than the default value of 60 seconds. The example shown increases the timer to 120 seconds.

    Code Block
    com.frevvo.security.saml.response.skew=120


  5. Save the file.

  6. Restart .
  7. Retry the login.

...

Changing the Default Task Notification Email Message

If you want to change the default subject and body of the task notification email for your  server, add these properties to the frevvo-config.properties file.

Code Block
frevvo.task.notification.email.subject=New task
frevvo.task.notification.email.message=You can access your task list by clicking <a href="{task.perform.url}">this link</a>

Change the value in this parameter to anything you want. The task.perform.url template {task.perform.url} is a built-in template in  and it will always point to the specific task. Refer to the Task Notification Email Link topic for some other options. If you wrap the templates in an HTML <a> tag, it will generate a clickable link in the email.

If you do not want the link in your task notification emails to go there, you can remove it. The default message can include form control templates. 

Security Vulnerabilities

The following security vulnerablities have been addressed as follows:

...

  1. Stop Live Forms if it is running.
  2. Navigate to <frevvo-home>\tomcat\conf
  3. Open the frevvo-config.properties file with a text editor.

  4. Add the frevvo-certificate.signature property with a value of true.

    Code Block
    frevvo.certificate.signature=true


  5. Save the file.

  6.  Restart .  

 

 

 

 

  1.