• Document Up to Date

Engine Site Configuration

Crafter Engine provides a flexible configuration system that allows site administrators to change the behavior of the site without the need to modify any code. Some properties are used by Crafter Engine itself, but developers can also add any custom property they need for their code. All properties will be available for developers in the Freemarker templates and Groovy scripts using the siteConfig variable.

XML Configuration Files

  • /config/engine/site-config.xml Main XML configuration for the site, this file will always be loaded by Crafter Engine. This file can be accessed easily from any site created through the out-of-the-box blueprints, by navigating from the Studio dashboard to Site Config > Configuration, and finally picking up the Engine Site Configuration option from the dropdown.

    Engine Site Configuration

  • /config/engine/{crafterEnv}-site-config.xml Environment specific XML configuration, these files will be loaded only when the value of the crafter.engine.environment property matches the crafterEnv placeholder in the file name.

  • $TOMCAT/shared/classes/crafter/engine/extension/sites/{siteName}/site-config.xml External XML configuration, this file will be always loaded by Crafter Engine when present and will allow to change configurations without having to modify the files in the site repository.

Note

Properties will be overridden according to the order the files are loaded which is the same as the list above: main site-config.xml, environment site-config.xml, external site-config.xml If the same property is present in all files the value from the external file will be used.

Note

Apache Commons Configuration (https://commons.apache.org/proper/commons-configuration/) is used to read all configuration files. The siteConfig variable is an instance of the XMLConfiguration class.

Configuration Properties

This example file contains the properties used by Crafter Engine:

site-config.xml
  1  <?xml version="1.0" encoding="UTF-8"?>
  2
  3  <!--
  4    This file configures site properties used by Crafter Engine
  5
  6    Below are the properties used by Crafter Engine:
  7
  8    (General Properties)
  9    <indexFileName />  (The name of a page's index file)
 10    <defaultLocale />  (Default locale for the site)
 11
 12    (Navigation Properties)
 13    <navigation>
 14      <additionalFields /> (List of additional fields to include for dynamic navigation items)
 15    </navigation>
 16
 17    (Single Page Application Properties (React JS, Angular, Vue.js, etc.))
 18    <spa>
 19      <enabled /> (Enable/disable SPA (Single Page Application) mode, default is false)
 20      <viewName /> (The view name for the SPA, which can be a page URL (like /) or a template name (like /template/web/app.ftl). Default is /)
 21    </spa>
 22
 23    (Compatibility properties)
 24    <compatibility>
 25      <disableFullModelTypeConversion /> Disables full content model type conversion for backwards compatibility mode (false by default)
 26    </compatibility>
 27
 28    (Filter Properties)
 29    <filters> (Defines the filter mappings)
 30      <filter>
 31        <script> (Specifies the complete path to the filter script)
 32          <mapping>
 33            <include /> (Contains Ant patterns (separated by comma) that request URLs should match for the filter to be executed)
 34              or
 35            <exclude /> (Contains patterns that the requests shouldn't match)
 36          </mapping>
 37        </script>
 38      </filter>
 39    </filters>
 40
 41    (CORS Properties)
 42    <cors>
 43      <enable>true</enable> (Enable/disable CORS headers, default is false)
 44      (Values for each of the headers that will be added to responses)
 45      <accessControlMaxAge>3600</accessControlMaxAge>
 46      <accessControlAllowOrigin>*</accessControlAllowOrigin>
 47      <accessControlAllowMethods>GET\, POST\, PUT</accessControlAllowMethods>
 48      <accessControlAllowHeaders>Content-Type</accessControlAllowHeaders>
 49      <accessControlAllowCredentials>true</accessControlAllowCredentials>
 50    </cors>
 51
 52    (Content Targeting Properties)
 53    <targeting>
 54      <enabled /> (Enable/disable content targeting, default is false)
 55      <rootFolders /> (Root folders handled for content targeting)
 56      <excludePatterns /> (Regex patterns used to exclude certain paths from content targeting)
 57      <availableTargetIds /> (Valid target IDs)
 58      <fallbackTargetId /> (Target ID used as a last resort when resolving targeted content)
 59      <mergeFolders /> (Sets whether the content of folders that have the same "family" of target IDs should be merged)
 60      <redirectToTargetedUrl /> (Sets whether the request should be redirected when the targeted URL is different from the current URL)
 61    </targeting>
 62
 63    (Profile Properties)
 64    <profile>
 65      <api>
 66        <accessTokenId /> (The access token to use for the Crafter Profile REST calls.  This should always be specified on multi-tenant configurations)
 67      </api>
 68    </profile>
 69
 70    (Security Properties)
 71    <security>
 72      <saml>
 73        <token/> (The expected value for the secure key request header)
 74        <groups>
 75          <group>
 76                <name/> (The name of the group from the request header)
 77                <role/> (The value to use for the role in the profile)
 78              </group>
 79        </groups>
 80        <attributes>
 81          <attribute>
 82                <name/> (The name of the request header for the attribute)
 83                <field/> (The name of the field to use in the profile)
 84              </attribute>
 85        </attributes>
 86      </saml/>
 87      <login>
 88        <formUrl /> (The URL of the login form page)
 89        <defaultSuccessUrl /> (The URL to redirect to if the login was successful and the user could not be redirected to the previous page)
 90        <alwaysUseDefaultSuccessUrl /> (Sets whether to always redirect to the default success URL after a successful login)
 91        <failureUrl /> (The URL to redirect to if the login fails)
 92      </login>
 93      <logout>
 94        <successUrl /> (The URL to redirect after a successful logout)
 95      </logout>
 96      <accessDenied>
 97        <errorPageUrl /> (The URL of the page to show when access has been denied to a user to a certain resource)
 98      </accessDenied>
 99      <urlRestrictions> (Contains any number of restriction elements)
100        <restriction> (Restriction element, access is denied if a request matches the URL, and the expression evaluates to false)
101          <url /> (URL pattern)
102          <expression /> (Spring EL expression)
103        </restriction>
104      </urlRestrictions>
105    </security>
106
107    (Social Properties)
108    <socialConnections>
109      <facebookConnectionFactory>
110        <appId /> (The Facebook app ID required for establishing connections with Facebook)
111        <appSecret /> (The Facebook app secret required for establishing connections with Facebook)
112      </facebookConnectionFactory>
113    </socialConnections>
114
115    (Job Properties)
116    <jobs>
117      <jobFolder> (Specifies a folder which will be looked up for scripts to be scheduled using a certain cron expression)
118        <path /> (Path absolute to the site root)
119        <cronExpression /> (Cron expression)
120      </jobFolder>
121      <job> (Specifies a single script job to be scheduled)
122        <path />
123        <cronExpression />
124      </job>
125    </jobs>
126
127    (Cache Warm Up properties)
128    <cache>
129      <warmUp>
130        <descriptorFolders /> The descriptor folders that need to be pre-loaded in cache, separated by comma.
131        <contentFolders /> The content folders that need to be preloaded in cache, separated by comma.
132      </warmUp>
133    </cache>
134
135    You can learn more about Crafter Engine site configuration here:
136    http://docs.craftercms.org/en/3.0/site-administrators/engine/engine-site-configuration.html
137
138-->
139
140<site>
141  <!-- General properties -->
142  <indexFileName>index.xml</indexFileName>
143  <defaultLocale>en</defaultLocale>
144
145  <!-- Navigation properties -->
146  <!--
147  <navigation>
148    <additionalFields>navIcon,componentType</additionalFields>
149  </navigation>
150  -->
151
152  <!-- Compatibility properties -->
153  <compatibility>
154    <disableFullModelTypeConversion>false</disableFullModelTypeConversion>
155  </compatibility>
156
157
158  <!-- Filter properties -->
159  <filters>
160    <filter>
161      <script>/scripts/filters/testFilter1.groovy</script>
162      <mapping>
163        <include>/**</include>
164      </mapping>
165    </filter>
166    <filter>
167      <script>/scripts/filters/testFilter2.groovy</script>
168      <mapping>
169        <include>/**</include>
170      </mapping>
171    </filter>
172    <filter>
173      <script>/scripts/filters/testFilter3.groovy</script>
174      <mapping>
175        <include>/**</include>
176        <exclude>/static-assets/**</exclude>
177      </mapping>
178    </filter>
179  </filters>
180
181  <!-- CORS Properties -->
182  <cors>
183    <enable>true</enable>
184    <accessControlMaxAge>3600</accessControlMaxAge>
185    <accessControlAllowOrigin>*</accessControlAllowOrigin>
186    <accessControlAllowMethods>GET\, POST\, PUT</accessControlAllowMethods>
187    <accessControlAllowHeaders>Content-Type</accessControlAllowHeaders>
188    <accessControlAllowCredentials>true</accessControlAllowCredentials>
189  </cors>
190
191  <!-- Content targeting properties -->
192  <targeting>
193    <enabled>true</enabled>
194    <rootFolders>/site/website</rootFolders>
195    <excludePatterns>/site/website/index\.xml</excludePatterns>
196    <availableTargetIds>en,ja,ja_JP,ja_JP_JP</availableTargetIds>
197    <fallbackTargetId>en</fallbackTargetId>
198    <mergeFolders>true</mergeFolders>
199    <redirectToTargetedUrl>false</redirectToTargetedUrl>
200  </targeting>
201
202  <!-- Profile properties -->
203  <profile>
204    <api>
205      <accessTokenId>${enc:q3l5YNoKH38RldAkg6EAGjxlI7+K7Cl4iEmMJNlemNOjcuhaaQNPLwAB824QcJKCbEeLfsg+QSfHCYNcNP/yMw==}</accessTokenId>
206    </api>
207  </profile>
208
209  <!-- Security properties -->
210  <security>
211    <saml>
212      <token>SOME_RANDOM_TOKEN</token>
213      <groups>
214        <group>
215          <name>MEMBER</name>
216          <role>memberUser</role>
217        </group>
218      </groups>
219      <attributes>
220        <attribute>
221          <name>givenName</name>
222          <field>firstName</field>
223        </attribute>
224      </attributes>
225    </saml>
226    <login>
227      <formUrl>/signin</formUrl>
228      <defaultSuccessUrl>/home</defaultSuccessUrl>
229      <alwaysUseDefaultSuccessUrl>true</alwaysUseDefaultSuccessUrl>
230      <failureUrl>/signin?error=loginFailure</failureUrl>
231    </login>
232    <logout>
233      <successUrl>/home</successUrl>
234    </logout>
235    <accessDenied>
236      <errorPageUrl>/signin?error=accessDenied</errorPageUrl>
237    </accessDenied>
238    <urlRestrictions>
239      <restriction>
240        <url>/*</url>
241        <expression>hasRole('USER')</expression>
242      </restriction>
243    </urlRestrictions>
244  </security>
245
246  <!-- Social properties -->
247  <socialConnections>
248    <facebookConnectionFactory>
249      <appId>${enc:ENCRYPTED_APP_ID}</appId>
250      <appSecret>${enc:ENCRYPTED_APP_SECRET}</appSecret>
251    </facebookConnectionFactory>
252  </socialConnections>
253
254  <!-- Job properties -->
255  <jobs>
256    <jobFolder>
257      <path>/scripts/jobs/morejobs</path>
258      <cronExpression>0 0/15 * * * ?</cronExpression>
259    </jobFolder>
260    <job>
261      <path>/scripts/jobs/testJob.groovy</path>
262      <cronExpression>0 0/15 * * * ?</cronExpression>
263    </job>
264  </jobs>
265
266  <!-- Cache Warm Up properties -->
267  <cache>
268    <warmUp>
269      <descriptorFolders>/site:3</descriptorFolders>
270      <contentFolders>/scripts,/templates</contentFolders>
271    </warmUp>
272  </cache>
273</site>

Crafter Engine Properties

  • indexFileName: The name of a page’s index file (default is index.xml).

  • defaultLocale: The default locale for the site. Used with content targeting through localization.

  • navigation.additionalFields: List of additional fields to include for dynamic navigation items (Example: <additionalFields>myTitle_s,myAuthor_s,…</additionalFields>)

  • spa: Used for Single Page Application (SPA) Properties (React JS, Angular, Vue.js, etc.). Contains <enabled> element which enables/disables SPA mode (default is false) and <viewName> element, the view name for the SPA (Single Page Application. Current view names can be a page URL (like /) or a template name (like /template/web/app.ftl). Default is /)

  • compatibility.disableFullModelTypeConversion: Disables full content model type conversion for backwards compatibility mode (false by default)

    Up to and including version 2: Crafter Engine, in the FreeMarker host only, converts model elements based on a suffix type hint, but only for the first level in the model, and not for _dt. For example, for contentModel.myvalue_i Integer is returned, but for contentModel.repeater.myvalue_i and contentModel.date_dt a String is returned. In the Groovy host no type of conversion was performed.

    In version 3 onwards: Crafter Engine converts elements with any suffix type hints (including _dt) at at any level in the content model and for both Freemarker and Groovy hosts.

  • filters: Used to define the filter mappings. Each <filter> element must contain a <script> element that specifies the complete path to the filter script, and a <mapping> element. In the <mapping> element, the <include> element contains the Ant patterns (separated by comma) that request URLs should match for the filter to be executed, while the <exclude> element contains the patterns that requests shouldn’t match.

  • cors.enable:true if CORS headers should be added to REST API responses. Defaults to false. The elements <accessControlMaxAge>, <accessControlAllowOrigin>, <accessControlAllowMethods>, <accessControlAllowHeaders> and <accessControlAllowCredentials> have the values that will be copied to each response.

  • targeting.enabled:true if content targeting should be enabled. Defaults to false.

  • targeting.rootFolders: The root folders that should be handled for content targeting.

  • targeting.excludePatterns: Regex patterns that are used to exclude certain paths from content targeting.

  • targeting.availableTargetIds: The valid target IDs for content targeting (see Content Targeting Guide).

  • targeting.fallbackTargetId: The target ID that should be used as last resort when resolving targeted content. (see Content Targeting Guide).

  • targeting.mergeFolders: true if the content of folders that have the same “family” of target IDs should be merged. (see Content Targeting Guide).

  • targeting.redirectToTargetedUrl: true if the request should be redirected when the targeted URL is different from the current URL. (see Content Targeting Guide).

  • profile.api.accessToken: The access token to use for the Profile REST calls. This parameter should be always specified on multi-tenant configurations.

  • security.saml.token: The expected value for the secure key request header

  • security.saml.groups: Contains any number of <group> elements. Each <group> element contains a <name> element (The name of the group from the request header) and a <role> element (The value to use for the role in the profile).

  • security.saml.attributes: Contains any number of <attribute> elements. Each <attribute> element contains a <name> element (The name of the request header for the attribute) and a <field> element (The name of the field to use in the profile).

  • security.login.formUrl: The URL of the login form page. The default is /login.

  • security.login.defaultSuccessUrl: The URL to redirect to if the login was successful and the user couldn’t be redirected to the previous page. The default is /.

  • security.login.alwaysUseDefaultSuccessUrl: true if after successful login always redirect to the default success URL. The default is false.

  • security.login.failureUrl: The URL to redirect to if the login fails. The default is /login?login_error=true.

  • security.logout.successUrl: The URL to redirect after a successful logout. The default is /.

  • security.accessDenied.errorPageUrl: The URL of the page to show when access has been denied to a user to a certain resource. The default is /access-denied.

  • security.urlRestrictions: Contains any number of restriction elements. Each restriction is formed by an Ant-style path pattern (<url>) and a Spring EL expression (<expression>) executed against the current profile. If a request matches the URL, and the expression evaluates to false, access is denied. For more information, check UrlAccessRestrictionCheckingProcessor.java and AccessRestrictionExpressionRoot.java

    Note

    For the <url> Ant-style path pattern, <url>/*</url> indicates just one level of the URL and <url>/**</url> indicates all urls. For more information on Ant-style path pattern matching, see https://docs.spring.io/spring/docs/current/javadoc-api/org/springframework/util/AntPathMatcher.html

  • socialConnections.facebookConnectionFactory.appId: The Facebook app ID required for establishing connections with Facebook.

  • socialConnections.facebookConnectionFactory.appSecret: The Facebook app secret required for establishing connections with Facebook.

  • jobs.jobFolder: Specifies a folder which will be looked up for scripts to be scheduled using a certain cron expression. The folder path should be specified with <path>, and should be absolute to the site root. The cron expressions is specified in <cronExpression>.

  • jobs.job: Specifies a single script job to be scheduled. The job path should be specified in <path>, and the cron expression in <cronExpression>.

  • cache.warmUp.descriptorFolders: The descriptor folders that need to be pre-loaded in cache, separated by comma. Specify the preload depth with :{depth} after the path. If no depth is specified, the folders and all their sub-folders will be fully preloaded. Example: <descriptorFolders>/site:3</descriptorFolders>

  • cache.warmUp.contentFolders: The content folders that need to be pre-loaded in cache, separated by comma. Specify the preload depth with :{depth} after the path. If no depth is specified, the folders and all their sub-folders will be fully pre-loaded. Example: <contentFolders>/scripts,/templates</contentFolders>

Note

Crafter Engine will not be able to load your Site Context if your configuration contains invalid XML or incorrect configuration.

Spring Configuration

Each site can also have it’s own Spring application context. Just as with site-config.xml, beans can be overwritten using the following locations:

Spring Configuration Files

  • /config/engine/application-context.xml (This file can be accessed easily from any site created through the out-of-the-box blueprints, by navigating from the Studio dashboard to Site Config > Configuration, and finally picking up the Engine Site Application Context option from the dropdown).

    Engine Site Application Context

  • /config/engine/{crafterEnv}-application-context.xml

  • $TOMCAT/shared/classes/crafter/engine/extension/sites/{siteName}/application-context.xml

The application context inherits from Engine’s own service-context.xml, and any class in Engine’s classpath can be used, including Groovy classes declared under /scripts/classes/*.

As an example, assuming you have defined a Groovy class under /scripts/classes/mypackage/MyClass.groovy, you can define a bean like this:

application-context.xml
 1      <?xml version="1.0" encoding="UTF-8"?>
 2      <beans xmlns="http://www.springframework.org/schema/beans"
 3             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 4             xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
 5
 6  <bean class="org.springframework.context.support.PropertySourcesPlaceholderConfigurer" parent="crafter.properties"/>
 7
 8  <bean id="greeting" class="mypackage.MyClass">
 9    <property name="myproperty" value="${myvalue}"/>
10  </bean>
11
12</beans>

A org.springframework.context.support.PropertySourcesPlaceholderConfigurer (like above) can be specified in the context so that the properties of site-config.xml can be used as placeholders, like ${myvalue}. By making the placeholder configurer inherit from crafter.properties, you’ll also have access to Engine’s global properties (like crafter.engine.preview).

Note

Crafter Engine will not be able to load your Site Context if your context file contains invalid XML, incorrect configuration or if your beans do not properly handle their own errors on initialization.