final case class PublicServerConfig(address: String = "127.0.0.1", internalPort: Option[Port] = None, tls: Option[TlsBaseServerConfig] = None, keepAliveServer: Option[BasicKeepAliveServerConfig] = Some( BasicKeepAliveServerConfig() ), nonceExpirationInterval: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofMinutes(1), maxTokenExpirationInterval: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofHours(1), useExponentialRandomTokenExpiration: Boolean = false, overrideMaxRequestSize: Option[NonNegativeInt] = None) extends ServerConfig with UniformCantonConfigValidation with Product with Serializable
The public server configuration ServerConfig used by the synchronizer.
- nonceExpirationInterval
Expiration interval for a nonce that is generated for an authentication challenge. As an authentication request is expected to be followed up with almost immediately to generate an authentication token the nonce expiry should be short. The nonce is automatically invalided on use.
- maxTokenExpirationInterval
Expiration time interval for authentication tokens. Tokens are used to authenticate participants. Choose a shorter interval for better security and a longer interval for better performance.
- useExponentialRandomTokenExpiration
If enabled, the token expiration interval will be exponentially distributed with the following parameters:
scaleof0.75 * maxTokenExpirationInterval;- value is re-sampled to fit into the interval [maxTokenExpirationInterval / 2, maxTokenExpirationInterval]. This is useful to avoid the thundering herd problem when many tokens expire at the same time and should result in nearly uniform distribution of token expiration intervals. If disabled, the token expiration interval will be constant.
- overrideMaxRequestSize
overrides the default maximum request size in bytes on the sequencer node
- Alphabetic
- By Inheritance
- PublicServerConfig
- UniformCantonConfigValidation
- CustomCantonConfigValidation
- CantonConfigValidation
- ServerConfig
- Serializable
- Product
- Equals
- AnyRef
- Any
- Hide All
- Show All
- Public
- Protected
Instance Constructors
- new PublicServerConfig(address: String = "127.0.0.1", internalPort: Option[Port] = None, tls: Option[TlsBaseServerConfig] = None, keepAliveServer: Option[BasicKeepAliveServerConfig] = Some(
BasicKeepAliveServerConfig()
), nonceExpirationInterval: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofMinutes(1), maxTokenExpirationInterval: NonNegativeFiniteDuration = NonNegativeFiniteDuration.ofHours(1), useExponentialRandomTokenExpiration: Boolean = false, overrideMaxRequestSize: Option[NonNegativeInt] = None)
- nonceExpirationInterval
Expiration interval for a nonce that is generated for an authentication challenge. As an authentication request is expected to be followed up with almost immediately to generate an authentication token the nonce expiry should be short. The nonce is automatically invalided on use.
- maxTokenExpirationInterval
Expiration time interval for authentication tokens. Tokens are used to authenticate participants. Choose a shorter interval for better security and a longer interval for better performance.
- useExponentialRandomTokenExpiration
If enabled, the token expiration interval will be exponentially distributed with the following parameters:
scaleof0.75 * maxTokenExpirationInterval;- value is re-sampled to fit into the interval [maxTokenExpirationInterval / 2, maxTokenExpirationInterval]. This is useful to avoid the thundering herd problem when many tokens expire at the same time and should result in nearly uniform distribution of token expiration intervals. If disabled, the token expiration interval will be constant.
- overrideMaxRequestSize
overrides the default maximum request size in bytes on the sequencer node
Value Members
- final def !=(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- final def ##: Int
- Definition Classes
- AnyRef → Any
- final def ==(arg0: Any): Boolean
- Definition Classes
- AnyRef → Any
- val address: String
The address of the interface to be listening on
The address of the interface to be listening on
- Definition Classes
- PublicServerConfig → ServerConfig
- def adminToken: Option[String]
If defined, the admin-token based authoriztion will be supported when accessing this node through the given
addressandport.If defined, the admin-token based authoriztion will be supported when accessing this node through the given
addressandport.- Definition Classes
- PublicServerConfig → ServerConfig
- final def asInstanceOf[T0]: T0
- Definition Classes
- Any
- def authServices: Seq[AuthServiceConfig]
If any defined, enforces token based authorization when accessing this node through the given
addressandport.If any defined, enforces token based authorization when accessing this node through the given
addressandport.- Definition Classes
- PublicServerConfig → ServerConfig
- lazy val clientConfig: SequencerApiClientConfig
- def clone(): AnyRef
- Attributes
- protected[lang]
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.CloneNotSupportedException]) @IntrinsicCandidate() @native()
- def connection: String
- final def doValidate(edition: CantonEdition): Seq[CantonConfigValidationError]
Returns all validation errors that are specific to this Canton configuration class.
Returns all validation errors that are specific to this Canton configuration class. Successful validation should return an empty sequence.
Validation errors of subconfigurations should not be reported by this method, but via the type class derivation.
- Attributes
- protected
- Definition Classes
- UniformCantonConfigValidation → CustomCantonConfigValidation
- final def eq(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- final def getClass(): Class[_ <: AnyRef]
- Definition Classes
- AnyRef → Any
- Annotations
- @IntrinsicCandidate() @native()
- def instantiateServerInterceptors(tracingConfig: TracingConfig, apiLoggingConfig: ApiLoggingConfig, loggerFactory: NamedLoggerFactory, grpcMetrics: GrpcServerMetrics, authServices: Seq[AuthServiceConfig], adminToken: Option[CantonAdminToken], jwtTimestampLeeway: Option[JwtTimestampLeeway], telemetry: Telemetry): CantonServerInterceptors
Use the configuration to instantiate the interceptors for this server
Use the configuration to instantiate the interceptors for this server
- Definition Classes
- ServerConfig
- val internalPort: Option[Port]
Port to be listening on (must be greater than 0).
Port to be listening on (must be greater than 0). If the port is None, a default port will be assigned on startup.
NOTE: If you rename this field, adapt the corresponding product hint for config reading. In the configuration the field is still called
portfor usability reasons.- Definition Classes
- PublicServerConfig → ServerConfig
- final def isInstanceOf[T0]: Boolean
- Definition Classes
- Any
- def jwtTimestampLeeway: Option[JwtTimestampLeeway]
Leeway parameters for the jwt processing algorithms used in the authorization services
Leeway parameters for the jwt processing algorithms used in the authorization services
- Definition Classes
- PublicServerConfig → ServerConfig
- val keepAliveServer: Option[BasicKeepAliveServerConfig]
server keep alive settings
server keep alive settings
- Definition Classes
- PublicServerConfig → ServerConfig
- final def maxInboundMessageSize: NonNegativeInt
This setting has no effect.
This setting has no effect. Therfore hardcoding it to 0.
- Definition Classes
- PublicServerConfig → ServerConfig
- val maxTokenExpirationInterval: NonNegativeFiniteDuration
- final def ne(arg0: AnyRef): Boolean
- Definition Classes
- AnyRef
- val nonceExpirationInterval: NonNegativeFiniteDuration
- final def notify(): Unit
- Definition Classes
- AnyRef
- Annotations
- @IntrinsicCandidate() @native()
- final def notifyAll(): Unit
- Definition Classes
- AnyRef
- Annotations
- @IntrinsicCandidate() @native()
- val overrideMaxRequestSize: Option[NonNegativeInt]
- def port: Port
Returns the configured or the default port that must be assigned after config loading and before config usage.
Returns the configured or the default port that must be assigned after config loading and before config usage.
We split between
portandinternalPortto offer a clean API to users of the config in the form ofport, which must always return a configured or default port, and the internal representation that may be None before being assigned a default port.- Definition Classes
- ServerConfig
- def productElementNames: Iterator[String]
- Definition Classes
- Product
- def serverCertChainFile: Option[PemFileOrString]
server cert chain file if TLS is defined
server cert chain file if TLS is defined
Used for synchronizer internal GRPC sequencer connections
- Definition Classes
- PublicServerConfig → ServerConfig
- def sslContext: Option[SslContext]
If defined, dictates to use TLS when connecting to this node through the given
addressandport.If defined, dictates to use TLS when connecting to this node through the given
addressandport. Server authentication is always enabled. Subclasses may decide whether to support client authentication.- Definition Classes
- PublicServerConfig → ServerConfig
- final def synchronized[T0](arg0: => T0): T0
- Definition Classes
- AnyRef
- val tls: Option[TlsBaseServerConfig]
- val useExponentialRandomTokenExpiration: Boolean
- final def validate[T >: PublicServerConfig.this.type](edition: CantonEdition)(implicit validator: CantonConfigValidator[T]): Either[NonEmpty[Seq[CantonConfigValidationError]], Unit]
- Definition Classes
- CantonConfigValidation
- final def wait(arg0: Long, arg1: Int): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])
- final def wait(arg0: Long): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException]) @native()
- final def wait(): Unit
- Definition Classes
- AnyRef
- Annotations
- @throws(classOf[java.lang.InterruptedException])