Backend Connections

The various configuration options for the Backend Connections are presented and described below.

Creating a Backend Connection

Add a new component in the Backend Connections tab.
The type of Backend Connection is selected using the "Type" input field. Depending on the type selected, the specific configuration options are displayed.

General module configuration

These are the configuration parameters that are available for all Backend Connections.

Setting (Key) Group Type Description

Setting (Key)	Group	Type	Description
ModuleHeader (`moduleHeader_enabled`)	Module	bool	Enables the ModuleHeader to be deactivated/activated
Module_Description (`moduleHeader_description`)	Module	text	Enables a short description of the module to be stored. Can be displayed in the ModuleHeader, for example.
Module_Icon (`module_iconCls`)	Module	text	Displayed FontAwesome icon of the Backend Connection instance.
Module_Name (`module_name`)	Module	text	Name of the module

ModuleHeader
(moduleHeader_enabled)

Module

bool

Enables the ModuleHeader to be deactivated/activated

Module_Description
(moduleHeader_description)

Module

text

Enables a short description of the module to be stored. Can be displayed in the ModuleHeader, for example.

Module_Icon
(module_iconCls)

Module

text

Displayed FontAwesome icon of the Backend Connection instance.

Module_Name
(module_name)

Module

text

Name of the module

Connection types

There are various connection types, which are described below.

`http_proxy`

This enables the setup of an internal proxy for HTTP connections through the BPC. This enables, for example, access via External Content module component to a server that requires a login via BasicAuth or is not directly accessible, but only via proxy.

Setting (Key) Group Type Description

Setting (Key)	Group	Type	Description
Connection_Password (`connectionPassword`)	Module	text	Password for authentication of the Connection (BasicAuth on the target server)
Connection_Username (`connectionUsername`)	Connection	text	Username for authentication of the Connection
Connection_Timeout (`connectionTimeout`)	Connection	number	Maximum timeout of the Connection. Default: 180
Connection_CheckCsrfToken (`checkCsrfToken`)	Security	bool	Enables the deactivation/activation of the CSRF token check.
Connection_FilterBpcSession (`filterSessionCookie`)	Security	bool	Enables the session filter to be deactivated/activated. Default: true
Connection_InjectUserSessionJWT (`injectSessionJwt`)	Security	bool	A JWT is set in the header, which contains the session information. Default: false Example Call GET /?_dc=1569249450661 HTTP/1.1 X-Bpc-Session: SESSIONID. Cookie: oidc.userInfoJWT=eyJhbGciOiJIUzUxMiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIyODA0MTg3MS00M2EzLTQ0NDAtYWUyZS1hNGFiZTM1NDViMzIifQ.eyJzdWIiOiI3ZmEwMWYxYS0wNzY5LTQ4Y2UtOTQzMS1hODU4Yjk5Y2ExN2EiLCJhdWQiOiJicGMtY29yZSIsImFkZHJlc3MiOnt9LCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiYnBjX3JvbGVzIjpbImJwY2FkbWluIiwiYnBjdXNlciIsImFDbGllbnRSb2xlIl0sIm5hbWUiOiJUaW1vIFZpcnQiLCJpc3MiOiJodHRwOi8vZGV2MDYudmlydGltby5uZXQ6ODA5MS9hdXRoL3JlYWxtcy9icGMiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJicGNhZG1pbiIsImdpdmVuX25hbWUiOiJUaW1vIiwiZmFtaWx5X25hbWUiOiJWaXJ0IiwiZW1haWwiOiJicGNhZG1pbkBleGFtcGxlLmNvbSJ9.tP3jJo86ONW0lbM47ne_Z0KgMIXCt645hkwK1Why4MtB1Z8e9Lxw4I76n-4zYkLGgADka1G6LkWI4nCDjbtJ7g; oidc=7fa01f1a-0769-48ce-9431-a858b99ca17a Accept: /,* Accept-Language: de-DE,de;q=0.9,en;q=0.8,en-US;q=0.7 accept-encoding: gzip, deflate, br Host: xyz.local:1234 Connection: keep-alive In this configuration we have two different pieces of user session information: Cookie `oidc.userInfoJWT` contains the JWT with user data as it comes from the keycloak. This is signed and can be validated via OIDC. Header `X-Bpc-Session` contains the serialized BpcUserSession as JWT (plain, not signed)
Connection_UntrustedCertificates (`allowUntrustedConnections`)	Security	text	All certificates are trusted and the Common Name (CN) check is skipped. Default: false
Http_Header_Filter (`httpHeaderFilter`)	Proxy	json	List of header names that are to be filtered out. For security reasons, the BPC API key header (`X-APIKey`) is always filtered. Default: `[ "X-Frame-Options" ]`
ProxyServer_Port (`proxyServerPort`)	Proxy	number	The Port under which the proxy server can be reached. Default: 80
ProxyServer_URL (`proxyServer`)	Proxy	text	The address of the proxy server to be used. Remains empty if a direct connection to the target server is possible.
Target_BaseURL (`connectionBaseUrl`)	Target	text	This Parameter defines the base URL to the target system and is prefixed each time it is used.

Connection_Password
(connectionPassword)

Module

text

Password for authentication of the Connection (BasicAuth on the target server)

Connection_Username
(connectionUsername)

Connection

text

Username for authentication of the Connection

Connection_Timeout
(connectionTimeout)

Connection

number

Maximum timeout of the Connection.
Default: 180

Connection_CheckCsrfToken
(checkCsrfToken)

Security

bool

Enables the deactivation/activation of the CSRF token check.

Connection_FilterBpcSession
(filterSessionCookie)

Security

bool

Enables the session filter to be deactivated/activated.
Default: true

Connection_InjectUserSessionJWT
(injectSessionJwt)

Security

bool

A JWT is set in the header, which contains the session information.
Default: false

Example Call

GET /?_dc=1569249450661 HTTP/1.1
X-Bpc-Session: SESSIONID.
Cookie: oidc.userInfoJWT=eyJhbGciOiJIUzUxMiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIyODA0MTg3MS00M2EzLTQ0NDAtYWUyZS1hNGFiZTM1NDViMzIifQ.eyJzdWIiOiI3ZmEwMWYxYS0wNzY5LTQ4Y2UtOTQzMS1hODU4Yjk5Y2ExN2EiLCJhdWQiOiJicGMtY29yZSIsImFkZHJlc3MiOnt9LCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiYnBjX3JvbGVzIjpbImJwY2FkbWluIiwiYnBjdXNlciIsImFDbGllbnRSb2xlIl0sIm5hbWUiOiJUaW1vIFZpcnQiLCJpc3MiOiJodHRwOi8vZGV2MDYudmlydGltby5uZXQ6ODA5MS9hdXRoL3JlYWxtcy9icGMiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJicGNhZG1pbiIsImdpdmVuX25hbWUiOiJUaW1vIiwiZmFtaWx5X25hbWUiOiJWaXJ0IiwiZW1haWwiOiJicGNhZG1pbkBleGFtcGxlLmNvbSJ9.tP3jJo86ONW0lbM47ne_Z0KgMIXCt645hkwK1Why4MtB1Z8e9Lxw4I76n-4zYkLGgADka1G6LkWI4nCDjbtJ7g; oidc=7fa01f1a-0769-48ce-9431-a858b99ca17a
Accept: */*,*
Accept-Language: de-DE,de;q=0.9,en;q=0.8,en-US;q=0.7
accept-encoding: gzip, deflate, br
Host: xyz.local:1234
Connection: keep-alive

In this configuration we have two different pieces of user session information:

Cookie oidc.userInfoJWT contains the JWT with user data as it comes from the keycloak. This is signed and can be validated via OIDC.
Header X-Bpc-Session contains the serialized BpcUserSession as JWT (plain, not signed)

Connection_UntrustedCertificates
(allowUntrustedConnections)

Security

text

All certificates are trusted and the Common Name (CN) check is skipped.
Default: false

Http_Header_Filter
(httpHeaderFilter)

Proxy

json

List of header names that are to be filtered out. For security reasons, the BPC API key header (X-APIKey) is always filtered.

Default:

[
  "X-Frame-Options"
]

ProxyServer_Port
(proxyServerPort)

Proxy

number

The Port under which the proxy server can be reached.
Default: 80

ProxyServer_URL
(proxyServer)

Proxy

text

The address of the proxy server to be used. Remains empty if a direct connection to the target server is possible.

Target_BaseURL
(connectionBaseUrl)

Target

text

This Parameter defines the base URL to the target system and is prefixed each time it is used.

`identity_provider`

This connection type enables the configuration of the identity provider used Identity provider.

The exact configuration parameters can be found under Configuration of the Identity Provider .

`deployment_system`

This connection type enables the configuration of the BPC systems that are to be addressed as source and target at Deployment.

Setting (Key) Group Type Description

Setting (Key)	Group	Type	Description
DeploymentSystem_SortPriority (`sortPriority`)	Config	number	Adjustment of the sort order (selection box in the Deployment dialog). Default: 1000
DeploymentSystem_URL+ (`url`)	Target	text	Base URL to the target system and is prefixed each time it is used. Default: https://example.com:8181
DeploymentSystem_AllowUntrustedConnections (`allowUntrustedConnection`)	Connection	bool	Allow untrusted connections. Default: false
DeploymentSystem_ApiKey (`api_key`)	Connection	text	API Key of the target system

DeploymentSystem_SortPriority
(sortPriority)

Config

number

Adjustment of the sort order (selection box in the Deployment dialog). Default: 1000

DeploymentSystem_URL+ (url)

Target

text

Base URL to the target system and is prefixed each time it is used.
Default: https://example.com:8181

DeploymentSystem_AllowUntrustedConnections
(allowUntrustedConnection)

Connection

bool

Allow untrusted connections.
Default: false

DeploymentSystem_ApiKey
(api_key)

Connection

text

API Key of the target system

`data_source`

This connection type is used for the configuration of database connections Database connections connections. For these connections, it is necessary that the appropriate database driver is installed beforehand Database driver must first be installed

Setting (Key) Group Type Description

Setting (Key)	Group	Type	Description
DataSource_Configuration (`configuration`)	Datasource	json	Additional data source configuration options that are not covered by the general options (DataSource_User, …). Default: `{ "pool": "dbcp2", "xa": "true", "pool.maxTotal": "10", "pool.maxIdle": "5", "pool.minIdle": "2" }`
DataSource_DriverName (`driverName`)	Datasource	text/combobox	Database drivers such as oracle, mysql, mariadb
DataSource_Password (`password`)	Datasource	text	Password of the database user
DataSource_URL (`url`)	Datasource	text	JDBC Connection URL to the database. Default: jdbc:oracle:thin:@example.com:1521:XE
DataSource_User (`user`)	Datasource	text	Name of the database user

DataSource_Configuration
(configuration)

Datasource

json

Additional data source configuration options that are not covered by the general options (DataSource_User, …).

Default:

{
    "pool": "dbcp2",
    "xa": "true",
    "pool.maxTotal": "10",
    "pool.maxIdle": "5",
    "pool.minIdle": "2"
}

DataSource_DriverName
(driverName)

Datasource

text/combobox

Database drivers such as oracle, mysql, mariadb

DataSource_Password
(password)

Datasource

text

Password of the database user

DataSource_URL
(url)

Datasource

text

JDBC Connection URL to the database.
Default: jdbc:oracle:thin:@example.com:1521:XE

DataSource_User
(user)

Datasource

text

Name of the database user

In most cases, only a read-only connection is required for the connection to the database. To prevent security problems, it is recommended to use a database user with read-only rights in accordance with the least privilege principle.

DataSource_Configuration

The "DataSource_Configuration" configuration parameter is mainly used to configure the pool used with the data connections. A data source holds a pool with n connections to the database. The individual replication jobs each retrieve such a connection and return it to the pool once the work is done. The size should therefore be selected sensibly. Setting this value too high (>8 or >16) is not necessarily advantageous or can even lead to errors if, for example, the Oracle database does not allow so many simultaneous connections (= ask DB Admin for the appropriate number). Further pool settings can be found HERE.

Setting	Type	Example	Description
pool	String	dbcp2	the pool to be used
xa	String	true	as XA resource. Activates the option for distributed transactionshttps://docs.oracle.com/cd/E13218_01/wlp/docs81/sp2/db/5XA.html[(JDBC XA]). It is recommended to set this to true.
pool.minIdle	String	2	The minimum number of connections that can remain idle in the pool, without extra ones being created, or zero to create none.
pool.maxIdle	String	5	The maximum number of connections that can remain idle in the pool, without extra ones being released, or negative for no limit.
pool.maxTotal	String	10	Max. number of database Connections in the pool. Max. number of database connections in the pool

Setting

Type

Example

Description

pool

String

dbcp2

the pool to be used

String

true

as XA resource. Activates the option for distributed transactionshttps://docs.oracle.com/cd/E13218_01/wlp/docs81/sp2/db/5XA.html[(JDBC XA]). It is recommended to set this to true.

pool.minIdle

String

The minimum number of connections that can remain idle in the pool, without extra ones being created, or zero to create none.

pool.maxIdle

String

The maximum number of connections that can remain idle in the pool, without extra ones being released, or negative for no limit.

pool.maxTotal

String

Max. number of database Connections in the pool. Max. number of database connections in the pool

If Closed Connection errors occur repeatedly with Oracle, include the following settings.

Setting	Type	Example	Description
pool.testOnBorrow	String	true	Validation of the DB connection on removal from the pool. Default: false
pool.testOnReturn	String	true	Validation of the DB connection when returning to the pool. Default: false
factory.validationQuery	String	select 1 from dual	SQL query that returns exactly one hit. This is used to test the connection. Default: -
factory.validationQueryTimeout	String	15	Execution timeout in seconds for the defined validation query. Default: no timeout

Setting

Type

Example

Description

pool.testOnBorrow

String

true

Validation of the DB connection on removal from the pool.
Default: false

pool.testOnReturn

String

true

Validation of the DB connection when returning to the pool.
Default: false

factory.validationQuery

String

select 1 from dual

SQL query that returns exactly one hit. This is used to test the connection.
Default: -

factory.validationQueryTimeout

String

Execution timeout in seconds for the defined validation query.
Default: no timeout

Copy&Paste

{

    "pool.testOnBorrow": "true",
    "pool.testOnReturn": "true",
    "factory.validationQuery": "select 1 from dual",
    "factory.validationQueryTimeout": "15"

}

Documentation on the Parameters: BasicDataSource Configuration Parameters

pool.testOnBorrow seems to be deactivated by default, contrary to what is described in the documentation!

Keywords: