diff --git a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0.cer b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0.cer
index 271a34c..a02049e 100644
Binary files a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0.cer and b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0.cer differ
diff --git a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0.keystore b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0.keystore
index f9f21a4..4926729 100644
Binary files a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0.keystore and b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0.keystore differ
diff --git a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0_aliasMap.conf b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0_aliasMap.conf
new file mode 100644
index 0000000..5ae3e7f
--- /dev/null
+++ b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0_aliasMap.conf
@@ -0,0 +1,2 @@
+"shrine-server-srv1" = "shrine-server-srv1"
+"shrine-server-srv2" = "shrine-server-srv2"
diff --git a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0_downstreamNodes.conf b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0_downstreamNodes.conf
new file mode 100644
index 0000000..bf2f67f
--- /dev/null
+++ b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv0_downstreamNodes.conf
@@ -0,0 +1,2 @@
+"shrine-server-srv1" = "https://shrine-server-srv1:6443/shrine/rest/adapter/requests"
+"shrine-server-srv2" = "https://shrine-server-srv2:6443/shrine/rest/adapter/requests"
diff --git a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1.cer b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1.cer
index 326cf56..9c42be0 100644
Binary files a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1.cer and b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1.cer differ
diff --git a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1.keystore b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1.keystore
index 2bb7cef..48f5990 100644
Binary files a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1.keystore and b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1.keystore differ
diff --git a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1_aliasMap.conf b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1_aliasMap.conf
new file mode 100644
index 0000000..35e88d2
--- /dev/null
+++ b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1_aliasMap.conf
@@ -0,0 +1,2 @@
+"shrine-server-srv0" = "shrine-server-srv0"
+"shrine-server-srv2" = "shrine-server-srv2"
diff --git a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1_downstreamNodes.conf b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1_downstreamNodes.conf
new file mode 100644
index 0000000..f559b24
--- /dev/null
+++ b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv1_downstreamNodes.conf
@@ -0,0 +1,2 @@
+"shrine-server-srv0" = "https://shrine-server-srv0:6443/shrine/rest/adapter/requests"
+"shrine-server-srv2" = "https://shrine-server-srv2:6443/shrine/rest/adapter/requests"
diff --git a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2.cer b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2.cer
index 483e731..090a87a 100644
Binary files a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2.cer and b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2.cer differ
diff --git a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2.keystore b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2.keystore
index f750387..10ecdf6 100644
Binary files a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2.keystore and b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2.keystore differ
diff --git a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2_aliasMap.conf b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2_aliasMap.conf
new file mode 100644
index 0000000..84f889b
--- /dev/null
+++ b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2_aliasMap.conf
@@ -0,0 +1,2 @@
+"shrine-server-srv0" = "shrine-server-srv0"
+"shrine-server-srv1" = "shrine-server-srv1"
diff --git a/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2_downstreamNodes.conf b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2_downstreamNodes.conf
new file mode 100644
index 0000000..b9c90d0
--- /dev/null
+++ b/configuration-profiles/dev-3nodes-samehost/shrine-server-srv2_downstreamNodes.conf
@@ -0,0 +1,2 @@
+"shrine-server-srv0" = "https://shrine-server-srv0:6443/shrine/rest/adapter/requests"
+"shrine-server-srv1" = "https://shrine-server-srv1:6443/shrine/rest/adapter/requests"
diff --git a/documentation/generate-configuration-profile.sh b/documentation/generate-configuration-profile.sh
index db0505b..39eab41 100644
--- a/documentation/generate-configuration-profile.sh
+++ b/documentation/generate-configuration-profile.sh
@@ -1,61 +1,66 @@
#!/bin/bash
set -e
shopt -s nullglob
# usage: bash generate-configuration-profile.sh CONFIGURATION_FOLDER KEYSTORE_PASSWORD NODE_DNS_1 NODE_IP_1 NODE_DNS_2 NODE_IP_3 NODE_DNS_3 NODE_IP_3 ...
if [ $# -lt 4 ]
then
echo "Wrong number of arguments, usage: bash generate-configuration-profile.sh CONFIGURATION_FOLDER KEYSTORE_PASSWORD NODE_DNS_1 NODE_IP_1 NODE_DNS_2 NODE_IP_3 NODE_DNS_3 NODE_IP_3 ..."
exit
fi
# arguments
CONF_FOLDER="$1"
KEYSTORE_PW="$2"
shift
shift
# clean up previous entries
mkdir -p "$CONF_FOLDER"
-rm -f "$CONF_FOLDER"/*.keystore "$CONF_FOLDER"/shrine_downstream_nodes.conf "$CONF_FOLDER"/shrine_alias_map.conf "$CONF_FOLDER"/*.cer
+rm -f "$CONF_FOLDER"/*.keystore "$CONF_FOLDER"/*.conf "$CONF_FOLDER"/*.cer
# generate private and keystore for each node
NODE_IDX="-1"
while [ $# -gt 0 ]
do
NODE_DNS="$1"
NODE_IP="$2"
NODE_IDX=$((NODE_IDX+1))
KEYSTORE="$CONF_FOLDER/$NODE_DNS.keystore"
shift
shift
# generate the node certificate in the keystore and export it
keytool -genkeypair -keysize 2048 -alias "$NODE_DNS" -validity 7300 \
-dname "CN=$NODE_DNS, OU=$NODE_DNS, O=SHRINE Network, L=Lausanne, S=VD, C=CH" -ext "SAN=IP:$NODE_IP" \
-keyalg RSA -keypass "$KEYSTORE_PW" -storepass "$KEYSTORE_PW" -keystore "$KEYSTORE"
keytool -export -alias "$NODE_DNS" -storepass "$KEYSTORE_PW" -file "$CONF_FOLDER/$NODE_DNS.cer" -keystore "$KEYSTORE"
# add entry in the downstream nodes and alias map
echo "\"$NODE_DNS\" = \"https://$NODE_DNS:6443/shrine/rest/adapter/requests\"" >> "$CONF_FOLDER/shrine_downstream_nodes.conf"
echo "\"$NODE_DNS\" = \"$NODE_DNS\"" >> "$CONF_FOLDER/shrine_alias_map.conf"
#todo: unlynx keys
done
# import certificates of network nodes into the keystores
for KEYSTORE in "$CONF_FOLDER"/*.keystore
do
for CERTIFICATE in "$CONF_FOLDER"/*.cer
do
- NODE_DNS=$(basename "$CERTIFICATE" ".cer")
- if [ "$NODE_DNS" != $(basename "$KEYSTORE" ".keystore") ]
+ OTHER_NODE_DNS=$(basename "$CERTIFICATE" ".cer")
+ CURRENT_NODE_DNS=$(basename "$KEYSTORE" ".keystore")
+ if [ "$OTHER_NODE_DNS" != "$CURRENT_NODE_DNS" ]
then
- keytool -noprompt -import -v -trustcacerts -alias "$NODE_DNS" -file "$CERTIFICATE" -keystore "$KEYSTORE" -keypass "$KEYSTORE_PW" -storepass "$KEYSTORE_PW"
+ keytool -noprompt -import -v -trustcacerts -alias "$OTHER_NODE_DNS" -file "$CERTIFICATE" -keystore "$KEYSTORE" -keypass "$KEYSTORE_PW" -storepass "$KEYSTORE_PW"
+
+ # generate aliasMap and downstreamNodes
+ echo "\"$OTHER_NODE_DNS\" = \"https://$OTHER_NODE_DNS:6443/shrine/rest/adapter/requests\"" >> "$CONF_FOLDER/${CURRENT_NODE_DNS}_downstreamNodes.conf"
+ echo "\"$OTHER_NODE_DNS\" = \"$OTHER_NODE_DNS\"" >> "$CONF_FOLDER/${CURRENT_NODE_DNS}_aliasMap.conf"
fi
done
keytool -list -v -keystore "$KEYSTORE" -storepass "$KEYSTORE_PW"
done
diff --git a/shrine-server/Dockerfile b/shrine-server/Dockerfile
index c4923c2..69eac46 100644
--- a/shrine-server/Dockerfile
+++ b/shrine-server/Dockerfile
@@ -1,143 +1,122 @@
FROM tomcat:8.0-jre8
# variables CATALINA_HOME exists and set
ARG I2B2_DOMAIN_NAME_ARG="i2b2demo"
ENV SHRINE_VERSION="fork/1.22.8-medco" \
SHRINE_SRC_DIR="/opt/shrine-src" \
SHRINE_ADAPTER_MAPPINGS_URL="https://open.med.harvard.edu/svn/shrine-ontology/SHRINE_Demo_Downloads/trunk/AdapterMappings_i2b2_DemoData.xml" \
SHRINE_MYSQL_JAR_URL="http://central.maven.org/maven2/mysql/mysql-connector-java/5.1.40/mysql-connector-java-5.1.40.jar" \
I2B2_DOMAIN_NAME="$I2B2_DOMAIN_NAME_ARG" \
CONF_DIR="/opt/medco-configuration" \
ADMIN_PASSWORD="prigen2017" \
DB_PASSWORD="pFjy3EjDVwLfT2rB9xkK"
# system and tomcat prerequisites
RUN apt-get -y update && \
apt-get -y install git maven zip wget unzip openjdk-8-jdk-headless && \
apt-get -y clean && \
echo "<?xml version='1.0' encoding='utf-8'?><tomcat-users><role rolename=\"admin-gui\" /><user username=\"admin\"" \
"password=\"$ADMIN_PASSWORD\" roles=\"admin-gui\" /></tomcat-users>" > "$CATALINA_HOME/conf/tomcat-users.xml" && \
echo 'export CATALINA_OPTS=" -Dakka.daemonic=on "' > "$CATALINA_HOME/bin/setenv.sh" && \
echo '{ "allow_root": true }' > /root/.bowerrc
# download and compile shrine wars
WORKDIR "$SHRINE_SRC_DIR"
RUN git clone https://c4science.ch/source/shrine-medco.git . && \
git checkout $SHRINE_VERSION
# install
# todo: reorganize properly this part (cache and build shrine parts)
# cache
RUN mvn -e -pl commons/test-commons install -DskipTests
RUN mvn -e -N install -DskipTests
RUN mvn -e -pl commons/util install -DskipTests
RUN mvn -e -pl commons/config install -DskipTests
RUN mvn -e -pl commons/data-commons install -DskipTests
RUN mvn -e -pl commons/protocol-query install -DskipTests
#RUN mvn dependency:resolve
# breakdown modules installation
RUN mvn -e -pl commons/protocol install -DskipTests
RUN mvn -e -pl tools install -DskipTests
RUN mvn -e -pl tools/utility-commons install -DskipTests
RUN mvn -e -pl apps/meta-app install -DskipTests
RUN mvn -e -pl apps/meta-war install -DskipTests
RUN mvn -e -pl commons/crypto install -DskipTests
RUN mvn -e -pl commons/client install -DskipTests
RUN mvn -e -pl tools/batch-querier install -DskipTests
RUN mvn -e -pl commons/auth install -DskipTests
RUN mvn -e -pl adapter/adapter-api install -DskipTests
RUN mvn -e -pl apps/dashboard-app install -DskipTests
RUN mvn -e -pl apps/dashboard-war install -DskipTests
RUN mvn -e -pl commons/email install -DskipTests
RUN mvn -e -pl apps/steward-app install -DskipTests
RUN mvn -e -pl apps/steward-war install -DskipTests
RUN mvn -e -pl apps/proxy install -DskipTests
RUN mvn -e -pl hms-support install -DskipTests
RUN mvn -e -pl hub/broadcaster-aggregator install -DskipTests
RUN mvn -e -pl tools/monitor install -DskipTests
#RUN cd hms-support && mvn -e -pl hms-core/shrine-hms-core install && cd ..
#RUN mvn -e -pl qep/service install
RUN mvn -e -pl hub/broadcaster-service install -DskipTests
RUN mvn -e -pl adapter/adapter-service install -DskipTests
#RUN mvn -e -pl tools/adapter-queries-to-qep install
RUN mvn -e -pl commons/ont-support install -DskipTests
#RUN mvn -e -pl tools/scanner install
RUN mvn -e -pl tools/mapping-automation install -DskipTests
#RUN mvn -e -pl apps/shrine-app install
#RUN mvn -e -pl apps/war install
RUN mvn -e -pl install install -DskipTests
#RUN mvn -e -pl integration install
RUN mvn -e -pl shrine-webclient install -DskipTests
# compilation and installation
RUN mvn -e install -Dmaven.test.skip=true
RUN cp "$SHRINE_SRC_DIR/apps/steward-war/target/steward.war" \
"$SHRINE_SRC_DIR/apps/dashboard-war/target/shrine-dashboard.war" \
"$SHRINE_SRC_DIR/apps/proxy/target/shrine-proxy.war" \
"$CATALINA_HOME/webapps/" && \
cp "$SHRINE_SRC_DIR/apps/war/target/shrine-cell.war" "$CATALINA_HOME/webapps/shrine.war" && \
cp "$SHRINE_SRC_DIR/apps/meta-war/target/shrine-metadata.war" "$CATALINA_HOME/webapps/shrine-meta.war" && \
cp -r "$SHRINE_SRC_DIR/shrine-webclient/src/main/html" "$CATALINA_HOME/webapps/shrine-client"
# shrine webclient
WORKDIR "$SHRINE_SRC_DIR-webclient"
RUN git clone https://c4science.ch/source/shrine-medco.git . && \
git checkout $SHRINE_VERSION && \
mvn -e -pl shrine-webclient install -DskipTests && \
rm -rf "$CATALINA_HOME/webapps/shrine-client" && \
cp -r "$SHRINE_SRC_DIR-webclient/shrine-webclient/src/main/html" "$CATALINA_HOME/webapps/shrine-client"
# configuration
RUN wget "$SHRINE_ADAPTER_MAPPINGS_URL" -O "$CATALINA_HOME/lib/AdapterMappings.xml" && \
wget "$SHRINE_MYSQL_JAR_URL" -P "$CATALINA_HOME/lib/"
COPY conf/shrine.conf "$CATALINA_HOME/lib/"
COPY conf/server.xml conf/context.xml "$CATALINA_HOME/conf/"
COPY conf/i2b2_config_data.js "$CATALINA_HOME/webapps/shrine-client/"
COPY conf/cell_config_data.js "$CATALINA_HOME/webapps/shrine-client/js-i2b2/cells/SHRINE/"
-RUN sed -i "s#SHRINE_DOWNSTREAM_NODES_FILE_PATH#$CONF_DIR/shrine_downstream_nodes.conf#g" "$CATALINA_HOME/lib/shrine.conf" && \
- sed -i "s#SHRINE_ALIAS_MAP_FILE_PATH#$CONF_DIR/shrine_alias_map.conf#g" "$CATALINA_HOME/lib/shrine.conf" && \
-
- sed -i "s/SHRINE_KEYSTORE_PASSWORD/$ADMIN_PASSWORD/g" "$CATALINA_HOME/conf/server.xml" && \
+RUN sed -i "s/SHRINE_KEYSTORE_PASSWORD/$ADMIN_PASSWORD/g" "$CATALINA_HOME/conf/server.xml" && \
sed -i "s/SHRINE_DB_PASSWORD/$DB_PASSWORD/g" "$CATALINA_HOME/conf/context.xml" && \
sed -i "s/SHRINE_WEBCLIENT_DOMAIN/$I2B2_DOMAIN_NAME/g" "$CATALINA_HOME/webapps/shrine-client/i2b2_config_data.js" && \
sed -i "s/SHRINE_WEBCLIENT_NAME/Domain $I2B2_DOMAIN_NAME/g" "$CATALINA_HOME/webapps/shrine-client/i2b2_config_data.js"
# configuration dependent on the arguments todo: log
ARG SHRINE_DEBUG_LEVEL_ARG="?"
ARG SHRINE_NODE_NAME_ARG="MedCo node 1"
ARG SHRINE_KEYSTORE_NODE_ALIAS_ARG="TODO"
ENV SHRINE_DEBUG_LEVEL="$SHRINE_DEBUG_LEVEL_ARG" \
SHRINE_NODE_NAME="$SHRINE_NODE_NAME_ARG" \
SHRINE_KEYSTORE_NODE_ALIAS="$SHRINE_KEYSTORE_NODE_ALIAS_ARG"
-RUN sed -i "s/SHRINE_KEYSTORE_PRIVATE_KEY_ALIAS/$SHRINE_KEYSTORE_NODE_ALIAS/g" "$CATALINA_HOME/conf/server.xml" && \
+RUN sed -i "s#SHRINE_DOWNSTREAM_NODES_FILE_PATH#$CONF_DIR/${SHRINE_KEYSTORE_NODE_ALIAS}_downstreamNodes.conf#g" "$CATALINA_HOME/lib/shrine.conf" && \
+ sed -i "s#SHRINE_ALIAS_MAP_FILE_PATH#$CONF_DIR/${SHRINE_KEYSTORE_NODE_ALIAS}_aliasMap.conf#g" "$CATALINA_HOME/lib/shrine.conf" && \
+
+ sed -i "s/SHRINE_KEYSTORE_PRIVATE_KEY_ALIAS/$SHRINE_KEYSTORE_NODE_ALIAS/g" "$CATALINA_HOME/conf/server.xml" && \
sed -i "s#SHRINE_KEYSTORE_FILE_PATH#$CONF_DIR/$SHRINE_KEYSTORE_NODE_ALIAS.keystore#g" "$CATALINA_HOME/conf/server.xml"
EXPOSE 6060 6443
VOLUME $CONF_DIR
WORKDIR $CONF_DIR
-
-# todo: exernal script to generate keys for unlynx + shrine keystore
-#mkdir /opt/shrine
-#keytool -genkeypair -keysize 2048 -alias 192.168.56.11 -dname "CN=192.168.56.11, OU=PriGen VM Node 1, O=SHRINE Network, L=Lausanne, S=VD, C=CH" -ext "SAN=IP:192.168.56.11" -keyalg RSA -keypass prigen -storepass prigen -keystore /opt/shrine/shrine.keystore -validity 7300
-#keytool -list -v -keystore /opt/shrine/shrine.keystore -storepass prigen
-#keytool -export -alias 192.168.56.11 -storepass prigen -file /opt/shrine/192.168.56.11.cer -keystore /opt/shrine/shrine.keystore
-#alias: localnode
-
-#For SHRINE 1.22.8, we strongly recommend that the network configuration is a "Hub-and-spoke". For hub-and-spoke systems, we recommend four certificates in SHRINE's shrine.keystore on nodes:
-#The node's signing cert so that its QEP can sign queries.
-#The hub's public CA cert so that its adapter can verify other nodes' signatures.
-#The hub's public https cert so that the node will trust the hub as a server.
-#A cert for this node to use to serve https, referenced in the server.xml file. (Use a cert signed by a public cert authority to avoid a warning in users' browsers.)
-#See what certs are there and remove any extras. SHRINE will verify that the signing cert is signed by the hub's public cert. Also, check that you are not relying on an expired cert. See Generate a Certificate Signing Request .
-
-#todo: https://open.med.harvard.edu/wiki/pages/viewpage.action?pageId=23986702
-#QEP User
-#The Steward application requires set of user credentials that it will use to submit queries through to SHRINE. It is recommended that this be a dedicated user separate from any other account. Additionally, it will need to have the parameter "qep" defined (name: qep, value: true, type: text), which can be set in the Manage Users section of the i2b2 Admin Panel.
-#In shrine.conf, make sure there is a shrineSteward block in the queryEntryPoint section, and that the qepUserName and qepPassword properties match the user with the qep parameter.
-#Steward User
-#In Steward application deployments that require manual topic approval, a trusted user will have to be given permission to review proposed research topics and approve/reject them. To mark a user as such, add the "DataSteward" parameter (name: DataSteward, value: true, type: text) to that user in the Manage Users section of the i2b2 Admin Panel.
diff --git a/shrine-server/conf/shrine.conf b/shrine-server/conf/shrine.conf
index e2a28a8..295776e 100644
--- a/shrine-server/conf/shrine.conf
+++ b/shrine-server/conf/shrine.conf
@@ -1,196 +1,196 @@
shrine {
pmEndpoint {
url = "http://i2b2-server:8080/i2b2/services/PMService/getServices"
timeout {
seconds = 10
}
}
ontEndpoint {
url = "http://i2b2-server:8080/i2b2/services/OntologyService/"
}
hiveCredentials {
# todo: parameters to take into account
domain = ${I2B2_DOMAIN_NAME}
username = "medcouser"
password = ${ADMIN_PASSWORD}
crcProjectId = "MedCo"
ontProjectId = "SHRINE"
}
queryEntryPoint {
create = true
includeAggregateResults = false
maxQueryWaitTime {
minutes = 5
}
trustModelIsHub = false
attachSigningCert = false
authenticationType = "pm"
authorizationType = "shrine-steward"
shrineSteward {
qepUserName = "AGG_SERVICE_ACCOUNT" // name of user the steward will submit queries as
qepPassword = ${DB_PASSWORD}
stewardBaseUrl = "https://localhost:6443" // typically hostname+port of Tomcat server running steward.war
}
}
hub {
create = true
- shouldQuerySelf = false
+ shouldQuerySelf = true
maxQueryWaitTime {
minutes = 4.5
}
downstreamNodes {
include file("SHRINE_DOWNSTREAM_NODES_FILE_PATH")
}
}
adapter {
crcEndpoint {
url = "http://i2b2-server:8080/i2b2/services/MedCoQueryService/"
}
setSizeObfuscation = false
adapterMappingsFileName = "AdapterMappings.xml"
# lockout disabled
adapterLockoutAttemptsThreshold = 0
maxSignatureAge {
minutes = 5
}
//obfuscation {
//binSize = 5 //by default. Round to the nearest binSize. Use 1 for no effect (to match SHRINE 1.21 and earlier).
//sigma = 6.5 //by default. Noise to inject. Use 0 for no effect. (Use 1.33 to match SHRINE 1.21 and earlier).
//clamp = 10 //by default. Maximum ammount of noise to inject. (Use 3 to match SHRINE 1.21 and earlier).
//}
// disabled
botDefense {
countsAndMilliseconds = [ //to turn off, use an empty json list
// {count = 10, milliseconds = 60000}, //allow up to 10 queries in one minute by default
// {count = 200, milliseconds = 36000000} //allow up to 200 queries in 10 hours by default
]
}
}
- networkStatusQuery = "\\\\NON_SENSITIVE_CLEAR\\medco\\clinical\\nonsensitive\\GENDER\\Male\\"
+ networkStatusQuery = "\\\\ENCRYPTED_KEY\\TEST_ENTRY\\"
humanReadableNodeName = ${SHRINE_NODE_NAME}
shrineDatabaseType = "mysql"
keystore {
file = ${CONF_DIR}/${SHRINE_KEYSTORE_NODE_ALIAS}.keystore
password = ${ADMIN_PASSWORD}
privateKeyAlias = ${SHRINE_KEYSTORE_NODE_ALIAS}
keyStoreType = "JKS"
// maps site alias (from downstream nodes) to the keystore alias
aliasMap = {
include file("SHRINE_ALIAS_MAP_FILE_PATH")
}
}
breakdownResultOutputTypes {
PATIENT_AGE_COUNT_XML {
description = "Age patient breakdown"
}
PATIENT_RACE_COUNT_XML {
description = "Race patient breakdown"
}
PATIENT_VITALSTATUS_COUNT_XML {
description = "Vital Status patient breakdown"
}
PATIENT_GENDER_COUNT_XML {
description = "Gender patient breakdown"
}
}
steward {
//Can be Pending, Approved, or TopcisIgnoredJustLog
//Pending - new topics start in the Pending state; researchers must wait for the Steward to approve them
//Approved - new topics start in the Approved state; researchers can use them immediately
//TopicsIgnoredJustLog - all queries are logged and approved; researchers don't need to create topics
createTopicsMode = Approved
database {
dataSourceFrom = "JNDI" // Can be JNDI or testDataSource. Use testDataSource for tests, JNDI everywhere else
jndiDataSourceName = "java:comp/env/jdbc/stewardDB" //leave out for tests
slickProfileClassName = "slick.driver.MySQLDriver$" // Can be scala.slick.driver.H2Driver$
// scala.slick.driver.MySQLDriver$
// scala.slick.driver.PostgresDriver$
// scala.slick.driver.SQLServerDriver$
// scala.slick.driver.JdbcDriver$
// com.typesafe.slick.driver.oracle.OracleDriver$
//
// (Yes, with the $ on the end)
// Note that SQLServerDriver and OracleDriver are not included with
// Slick by default. Either use JdbcDriver, or experiment with the
// closed-source package at:
// http://slick.typesafe.com/doc/2.1.0/extensions.html
}
emailDataSteward {
sendAuditEmails = false
// todo: fill if emails necessary
}
}
authenticate {
usersource {
domain = ${I2B2_DOMAIN_NAME}
}
}
problem {
problemHandler = "net.shrine.problem.LogAndDatabaseProblemHandler$"
}
dashboard {
gruntWatch = false //false for production, true for mvn tomcat7:run . Allows the client javascript and html files to be loaded via gruntWatch .
happyBaseUrl = "https://shrine-server:6443/shrine/rest/happy"
statusBaseUrl = "https://shrine-server:6443/shrine/rest/internalstatus"
database {
dataSourceFrom = "JNDI" //Can be JNDI or testDataSource . Use testDataSource for tests, JNDI everywhere else
jndiDataSourceName = "java:comp/env/jdbc/problemDB" //or leave out for tests
slickProfileClassName = "slick.driver.MySQLDriver$" // Can be
// slick.driver.H2Driver$
// slick.driver.MySQLDriver$
// slick.driver.PostgresDriver$
// slick.driver.SQLServerDriver$
// slick.driver.JdbcDriver$
// freeslick.OracleProfile$
// freeslick.MSSQLServerProfile$
//
// (Yes, with the $ on the end)
createTablesOnStart = false //for testing with H2 in memory, when not running unit tests. Set to false normally
}
}
metaData {
// todo: put appropriate info
siteAdminsContactInfo = ["admin1@example.com", "admin2@example.com"]
dataStewardContactInfo = "data.steward@example.com"
}
email {
// todo: fill if emails necessary
}
status {
permittedHostOfOrigin = "shrine-server"
}
}