Configuration
The CDP4-COMET Web application is configured using a JSON file called appsettings.json in the root of the application.
The COMET-Webservices are configured using multiple configuration sections:
- Web Application configuration
- Server configuration
- Health probes
- Logging
- AllowedHosts: The hosts on which the web application is listening
- StringTablePath: the path to the table where GUI configuration settings are stored (naming of pages and components)
- MaxUploadFileSizeInMb: the maximum size of files that can be uploaded to the Common and Domain file stores.
- ServerConfiguration
  - ServerAddress: the address of the CDP4-COMET server that the web application shall connect to. In case this is left empty, the user can provide the address.
  - FullTrustConfiguration:
    - IsVisible: determines whether the full trust checkbox on the login page is visible
    - IsTrusted: whether the SSL certificate returned by the server shall be trusted or not. Possible values are FullTrust, NoTrust, UserDefined.
  - BookInputConfiguration:
    - ShowShortName: when true the ShortName of a book is shown in the GUI, otherwise not
    - ShowName: when true the Name of a book is shown in the GUI, otherwise not

```json
"AllowedHosts": "*",
"StringTablePath": "wwwroot/DefaultTextConfiguration.json",
"MaxUploadFileSizeInMb": 500,
"ServerConfiguration": {
  "ServerAddress": "",
  "FullTrustConfiguration": {
    "IsVisible": false,
    "IsTrusted": "FullTrust"
  },
  "BookInputConfiguration": {
    "ShowName": true,
    "ShowShortName": true
  }
}
```
The CDP4-COMET Web application exposes three HTTP probe endpoints, intended for use by container orchestrators (Docker, Kubernetes) to determine the application's lifecycle state:
- GET /healthz — Liveness: returns 200 Healthy as long as the process is alive. Performs no checks.
- GET /health/startup — Startup: returns 200 Healthy once the application has finished bootstrapping (after the string-table and configuration services have been initialized). Returns 503 Service Unavailable while startup is still in progress.
- GET /ready — Readiness: identical to /health/startup — the application is considered ready as soon as bootstrap completes.
The optional Health configuration section restricts which Host headers may reach the three endpoints:
- AllowedHosts: array of hostnames that are allowed to reach the probes. When the array is empty (or the section is omitted), no host restriction is applied and the probes accept any Host header. This is the default and is the recommended setting for in-cluster orchestrator probing.

```json
"Health": {
  "AllowedHosts": []
}
```
To restrict the probes to a specific hostname (for example when they are exposed through a reverse proxy):

```json
"Health": {
  "AllowedHosts": [ "health.internal" ]
}
```
Requests with a Host header that does not match an entry in AllowedHosts receive a 404 Not Found.
Serilog is used as the logging library. The configuration is adopted from the Serilog documentation. The provided configuration supports logging to the console and a file.

```json
"Serilog": {
  "Using": [ "Serilog.Sinks.Console", "Serilog.Sinks.File" ],
  "MinimumLevel": {
    "Default": "Information",
    "Override": {
      "Microsoft": "Warning",
      "System": "Warning"
    }
  },
  "WriteTo:Async": {
    "Name": "Async",
    "Args": {
      "configure": [
        {
          "Name": "File",
          "Args": {
            "path": "logs/log-comet-web-.txt",
            "rollingInterval": "Day",
            "rollOnFileSizeLimit": true
          }
        }
      ]
    }
  },
  "Enrich": [ "FromLogContext", "WithMachineName", "WithProcessId", "WithThreadId" ],
  "Properties": {
    "Application": "comet-web",
    "Environment": "Production"
  }
}
```
By default, the web application supports Basic Authentication, where the following information is provided at once:
- Server Address (if not specified via the configuration)
- UserName
- Password
With the new WebServices feature, new authentication schemes are supported (JWT-based).
To enable support for the new authentication schemes, the configuration of the deployed application has to set ServerConfiguration:AllowMultipleStepsAuthentication to true.
In case of an external authorization provider, like Keycloak (which requires a WebServices-EE), we may specify the required Client Secret to allow OpenId communication. This can be done by specifying that secret via the ServerConfiguration:ExternalAuthorizationClientSecret value.
Here is an example configuration specifying that the Web Application should target a specific CDP4-COMET WebServices instance that supports multiple-step authentication and whose OpenId authentication provider requires a client secret. This configuration can be specified either inside the appsettings.json file or via docker-compose environment variables in the case of a Blazor-Server based application.
```json
{
  "ServerConfiguration": {
    "ServerAddress": "http://localhost:5000",
    "AllowMultipleStepsAuthentication": true,
    "ExternalAuthorizationClientSecret": "your-client-secret"
  }
}
```
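The settings described on this page can be checked before deployment. The following Python audit is an added example, not part of the project's code or documentation; the severity labels and messages are its own choices. It assumes that FullTrust accepts the server certificate without validation and that UserDefined leaves that choice to the user at login.

```python
import json
from urllib.parse import urlsplit

# Constructed sample that combines the values shown in this page's snippets.
SAMPLE = """{
  "AllowedHosts": "*",
  "ServerConfiguration": {
    "ServerAddress": "http://localhost:5000",
    "FullTrustConfiguration": { "IsVisible": false, "IsTrusted": "FullTrust" },
    "AllowMultipleStepsAuthentication": true,
    "ExternalAuthorizationClientSecret": "your-client-secret"
  },
  "Health": { "AllowedHosts": [] }
}"""

LOOPBACK = {"localhost", "127.0.0.1", "::1"}
TRUST_KEY = "ServerConfiguration:FullTrustConfiguration:IsTrusted"

def audit(settings):
    """Return (severity, key, message) tuples; severities are this example's choice."""
    findings = []
    server = settings.get("ServerConfiguration") or {}
    trust = server.get("FullTrustConfiguration") or {}

    if "*" in str(settings.get("AllowedHosts", "")).split(";"):
        findings.append(("warn", "AllowedHosts", "wildcard: any Host header is served"))

    url = urlsplit(str(server.get("ServerAddress", "")))
    if url.scheme == "http":
        severity = "info" if url.hostname in LOOPBACK else "high"
        findings.append((severity, "ServerConfiguration:ServerAddress",
                         "plain HTTP: credentials and tokens travel unencrypted"))

    # Assumed semantics, inferred from the option names (see lead-in).
    if trust.get("IsTrusted") == "FullTrust":
        findings.append(("high", TRUST_KEY, "server certificate is always trusted"))
    elif trust.get("IsTrusted") == "UserDefined":
        findings.append(("warn", TRUST_KEY, "each user decides whether to trust it"))

    if server.get("ExternalAuthorizationClientSecret"):
        findings.append(("warn", "ServerConfiguration:ExternalAuthorizationClientSecret",
                         "secret stored in the file; pass it via the environment"))

    if not (settings.get("Health") or {}).get("AllowedHosts"):
        findings.append(("info", "Health:AllowedHosts",
                         "probes answer for any Host header; restrict when proxied"))
    return findings

if __name__ == "__main__":
    for severity, key, message in audit(json.loads(SAMPLE)):
        print(f"{severity:5} {key}: {message}")
```

The empty Health:AllowedHosts finding is informational only, since the page recommends that default for in-cluster probing.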
copyright @ Starion Group S.A.