Configuration

Swagger/OpenAPI

Most settings for routing, validation and CORS can be set in swagger.yaml. See OpenAPI Integrations for detailed information.

Dynamic Configuration

If you need to define configuration settings dynamically, you can use the conf/config.xml file.

It supports the same settings as in swagger.yaml:

<config>
<flat>
<definition src="swagger.yaml"/>
<validation request="true" response="report-only"/>
<cors allowed-origins="http://localhost:9000" allow-credentials="true"/>
</flat>
</config>

The difference is, that you may use Dynamic Attribute Values and if-clauses as in the flow:

<config>
<flat>
<validation request="true" if="$server/role = 'dev'"/>
<validation request="report-only" if="$server/role = 'prod'"/>
</flat>
</config>

LDAP TLS Configuration

If you use the ldap-lookup() or ldap-query() function and connect to the LDAP server via TLS (ldaps://... URL), you may have to provide the corresponding CA certificate using the following config setting in your config file:

<config>
<flat>
<ldap cacert-src="path/to/ca-certificate.cer"/>
</flat>
</config>

The path is resolved relative to the config.xml file.

LDAP Timeout

LDAP requests via ldap-lookup() or ldap-query() use FLAT_MAX_TIMEOUT as the default timeout. If you want to set a lower timeout for LDAP requests, use the setting below in your config file:

<config>
<flat>
<ldap timeout="3"/>
</flat>
</config>