Section | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
Code Block |
---|
frevvo.box.connector.client.id=bttkldgy9r5td0kdu57v0h6h2gotjf03 frevvo.box.connector.client.secret=EM08T1IjiMFuyCP5OJWm5QPyTz0qcL4A frevvo.filesystem.connector.url=http(s)://<your server>:port/filesystem frevvo.filesystem.connector.metadata.prefix=md insight.enabled=true insight.service.url=http(s)://<your server>:port/insight frevvo.sharepoint.connector.url=http(s)://<your server>:port/sharepoint logging.level.=DEBUG |
Refer to the Tomcat Logfiles topic for more information about using the properties in this file to turn on DEBUG level logging for the frevvo log and the logfiles for any frevvo connectors you might be running.
Containers ,other than tomcat, may not have a mechanism like the frevvo.xml file where configuration changes can be made without having to manually expand files, change the web.xml and re-war it. Creating the frevvo-config.properties file and making the changes there provide a simple way for the System Administrator to mange configuration issues. For example, system administrators might prefer to distribute only one frevvo-config.properties file rather than deal with many different ones for a deployment across multiple nodes and clusters.
Let's, say you need to set the frevvo.link.default.url to http://mycompany.com and move the Data Sources panel to the top of the designer.
Create the frevvo-config.properties file. Refer to frevvo-config.properties location for information about where the file should reside. The context-parameters follow a simple context-parameter=value syntax (shown below) in the frevvo-config.properties file:
Code Block |
---|
frevvo.link.default.url=http://frevvo.com/
frevvo.data.sources.top=true |
Updating the frevvo-config.properties requires server re-start.
frevvo-config.properties location
- Expand the war, edit/create the /WEB-INF/frevvo-config.properties, re-zip the war. This is essentially the same as editing the web.xml directly.
- Create the file in the current working directory of the container you are using. will pick it up by default.
Place the frevvo-config.properties somewhere in the file system (outside the frevvo.war) and then add -Dspring.config.location=file:Drive:/path to frevvo-config.properties in the java executable call. For example, add it to <frevvo-home>\tomcat\bin\setenv.bat, setenv.sh or service.bat if you are using the tomcat container. Here is an example of the <frevvo-home>\tomcat\bin\setenv.bat file with the added parameter:
Code Block |
---|
set CATALINA_OPTS=%CATALINA_OPTS% -Dspring.config.location="file:///%CATALINA_HOME%/conf/,file:///%CATALINA_HOME%/conf/frevvo-config.properties" |
The value of frevvo.config can be a full path (e.g. Drive:/pathtomyfrevvo-config.properties), a path in the war (e.g. /WEB-INF/myfrevvo-config.properties) or a url (e.g. http://config/myfrevvo-config.properties). Be sure to include the frevvo-config.properties file name in the path statement.
Changing the admin password
...
Updating the frevvo-config.properties requires server re-start.
Changing the admin password
- Login to your server as user "admin@d", password "admin"
- On the page that is displayed, click the "Manage Tenants" link.
- Click the icon to manage tenant named "d (Default tenant)"
- Click "Manage Users"
- Click the icon for the admin user. This displays a profile form.
- Change the password as desired and submit the form.
...
- If you enter an email address in the frevvo.xml parameter and leave the Email address fields on the Edit Tenant screen blank - Doc action emails will use the frevvo.xml from email value and task notification will use tenant admin's email address.
- If you enter a value into the Email address fields on the Edit tenant page - Doc action and task notification emails will use this value. The value in the frevvo.xml file is overridden.
If you want to use the frevvo.xml value for Doc action emails, leave the tenant from email address blank. This would mean flow task notifications will use tenant admin's email address.
Debug sends more debugging info to the tomcat log files. And bounce.email sets an address to receive emails that cannot be delivered to the to email recipients.
...
is a multi-tenant application. See the administration section on Manage Tenants. However, it is possible that all you need is a single tenant. If this is your case, it simplifies the server login if you default the @<tenantname> so the user only needs to enter their username to login. Customers who default the tenant login normally would also customize the placeholder on the login screen. Please read that topic for details.
There are two files where the changes to default the tenant login to your tenant name can be made: web.xml or the frevvo.xml. The recommended approach is to add the configuration parameters to the frevvo.xm;l file as it keeps all your modified parameters in one place and makes it easy to upgrade to newer releases. Since the file is outside the frevvo war, you avoid the unzip/rezip of the of the frevvo.war that is needed if you make the changes in web.xml. Examples containing the context parameters for both files are shown below.
...
The maximum number of users that can be validated and uploaded with a csv file is controlled by the context parameter frevvo.userloader.maxUserLoadSize The default value is 10,000 and is configured in the web.xml file in the frevvo war.
In-house customers can increase the maximum number by adding a parameter in <frevvo-home>\tomcat\conf\catalina\localhost\frevvo.xml. The maximum number of users that should be configured with this parameter for uploads using the UI is 90,000.
Follow these Steps:
- Edit the <frevvo-home>\tomcat\conf\catalina\localhost\frevvo.xml file
Add the frevvo.userloader.maxUserLoadSize with a value for the maximum number of users per upload
Code Block <Parameter name="frevvo.userloader.maxUserLoadSize" value="<maximum number of users per upload>" override="false"/>
- Restart
If you have more than a few thousand users, we recommend using the API because it is programmatic and can be automated. This is a more resilient way to bulk load lots of users. The CSV Upload using the API has not been tested by frevvo with more than 150,000 users per upload.
Proxy Server configuration
...
can be configured to handle HTTPS connections from users. The tomcat bundle you downloaded from www.frevvo.com is pre-configured with a self-signed certificate for development and testing. This self-signed certificate enables to handle HTTPS connections out of the box. However before deploying your forms to production you may want to replace this with your own certificate.
...
Note |
---|
There will be three additional logfiles when running Tomcat as a Windows service:
|
...
Using Debug Mode to see logged in users
If the log level is set to DEBUG, then you will see user login and logout information in the <frevvo-home>\frevvo\tomcat\logs\frevvo.log file. Examples of log entries are shown below. Search for “Server num users” in the log file to quickly see the number of currently logged in/out users. Note the first log entry below shows the number of users currently logged in. Showing the list of currently logged in users via the UI to the superuser and tenant admins is planned for a future release.
User login:
10:01:40.813 |-DEBUG [http-nio-8082-exec-1] [ c.f.u.UsersMonitor] - Tenant (qa): login: num users: 1. Server num users: 1
--Number of currently logged in users
10:01:40.816 |-INFO [http-nio-8082-exec-1] [ c.f.b.d.DBUtil] - Getting User info for customer: fd tenant: qa
---User who is logging in
User Logout:
10:02:03.287 |-DEBUG [http-nio-8082-exec-5] [ c.f.u.UsersMonitor] - Tenant (qa): logout: num users: 0. Server num users: 0
10:02:03.287 |-DEBUG [http-nio-8082-exec-5] [f.f.w.SessionFormsListener] - Forcing a Subject qa@fd logout on session expiration ...
---User who is logging out
...
The following screen displays when a user tries to submit a form from a timed out session.
Editing Submissions
Designer users can view/edit submissions by clicking the edit link on the submissions panel. Non designer users can view/edit submissions by clicking on the Shared Items tab if they have been granted permission to do so by the designer via the Access Control feature. The frevvo.submission.edit .link parameter must be set to the default value of true, for the edit link to be visible to any user. To disable the edit link on the submission panel, change the default value of true to false for the frevvo.submissions.edit.link configuration parameter in <frevvo-home>/WEB-INF/web.xml file. The web.xml file must be unzipped from the frevvo.war before it can be edited. Follow the instructions above to unzip, modify and rezip the war file.
...
See the documentation on Tomcat Windows Service for more details.
TIFF Image Generator
Several connector wizards, such as the Email and the PaperVision/ImageSilo wizards, All connector wizards allow you to select the form image attached to submission emails and stored into PaperVision/ImageSilo to be in TIFF image format. If the TIFF option doesn't appear in the wizard's Send Snapshot dropdown, then you have not yet installed the necessary TIFF image generator software.
...
follow these steps to install the necessary files:
- Stop
- Download the jai-imageio-core-1.3.1.jar here.
- Add it to frevvo classpath i.e. tomcat/lib folder
- Deploy pve.war (PVE Connector) in tomcat/webapps folder. Download the latest version of the PVE Connector from our DocuPhase Forms Software Downloads Directory.
- Restart the server.
You will now see the TIFF option in the connector wizards Send Snapshot dropdown. Form additional installation details and for various hardware platforms, please refer to the Java Image I/O Installation Guide.
...
The image shows the TIFF format option for the PaperVision or ImageSilo Connector wizard.
Signature Date/Time
Digital Signatures require no configuration. However you can control the format of the date stamp that appears when forms are signed. These two parameters in <frevvo-home>\tomcat\webapps\frevvo\WEB-INF\web.xml are for signature configuration. The first you should never need to change.
...
no longer supports the web.xml parameters for frevvo.xforwarded.protocol.header, frevvo.xforwarded.host.header, and frevvo.xforwarded.port.headers. The general recommendation is to rely on the Servlet Container for handling dynamic proxies. A better approach is to use tomcat's RemoteIp Valve instead. Please see this documentation on the Apache Tomcat website for information about the RemotIp valve functionality. This tomcat valve has been incorporated nto our tomcat bundle.
Code Block |
---|
<Valve className="org.apache.catalina.valves.RemoteIpValve" internalProxies=".*" remoteIpHeader="x-forwarded-for" proxiesHeader ="x-forwarded-by" protocolHeader="x-forwarded-proto" /> |
...
Skew error when logging into an Azure SAML tenant
Users logging into a Azure SAML tenant may encounter the error "Access Denied. Authorization Required". Examination of the frevvo.log shows the following entry:
Code Block |
---|
Response issue time is either too old or with date in the future, skew 60, time 2016-06-01T05:49:25.330Z |
This error is typically caused by a clock synchronization issue between the SP (frevvo) and the Idp (Azure) or a genuine delay in the connection. If you get this error, you can change the value of the context parameter, com.frevvo.security.saml.response.skew, to specify the time in seconds allowed between the request and the response from Azure to a value greater than the default value of 60 seocnds.
If you are using the tomcat bundle, the configuration parameter - com.frevvo.security.saml.response.skew - can be added to the <frevvo-home>\tomcat\conf\catalina\localhost\frevvo.xml file. This is the recommended location.
...
Changing the Default Task Notification Email Message
If you want to change the default task notification email for your server, add this parameter in your \frevvo\tomcat\conf\Catalina\localhost\frevvo.xml file in the frevvo war section:
Code Block |
---|
<Parameter name="frevvo.task.notification.email.message" value="You can access your task list by clicking: {task.perform.url}" override="false"/> |
Change the value in this parameter to anything you want. The task.perform.url template {task.perform.url} is a built-in template in and it will always point the user directly to the task.
If you do not want the link in your task notification emails to go there, you can remove it. If you want the email notification link to point to the user's frevvo server's task list URL, then change the {task.perform.url} template to {task.list.url}.
The default message can include form control templates in addition to the built-in templates.
Security Vulnerabilities
The following security vulnerablities have been addressed as follows:
...