txture.properties - configuration file
The txture.properties file is part of the txture_home directory and an initial configuration starting point. The below example includes basic settings, that will mostly likely work for a start. Each setting is commented in the example below. Your Txture consultant will prepare this file for you when deploying on-premises.
Sections
Database
The single most important line of the txture.properties file is the database configuration.
This is required for startup and must be a JDBC connection string to a PostgreSQL 15 (or newer) server with valid credentials.
For the docker-compose.yml in the installation instructions, the following string is suitable:
txture.db.jdbc.url=jdbc:postgresql://txture-db:5432/{{txture_postgres_db_name}}?user={{txture_postgres_user}}&password={{txture_postgres_password}}
Authentication
All settings concerning the user authentication in Txture are reflected in the txture.properties file as well.
Their common prefix is txture.security.auth with sub settings for the individual authentication mechanisms.
Please note that only one of the authentication mechanisms can be activated (this setting is configured via txture.security.auth.enabled - see example below).
For details about the configuration of the individual authentication mechanisms, please consult the respective section in the user management documentation.
SMTP / Email Configuration
Settings with the txture.mail.sender. prefix are used to configure an SMTP account and/or server that is used by Txture to send out emails.
Emails are used for:
- Notifications about changes
- Surveys
- User invites
The configuration of an SMTP account is optional, but aforementioned features will not work if no account configured. The detailed settings are described in the example below.
Example file
# =================================================================================================
# TXTURE APPLICATION PROPERTIES
# -------------------------------------------------------------------------------------------------
# This file allows you to edit the startup properties used by the Txture server.
# Unless directed otherwise explicitly, please only change the values specified in the [PUBLIC]
# section.
# =================================================================================================
# JDBC connection string to PostgreSQL (replace all variables enclosed by curly brackets)
txture.db.jdbc.url=jdbc:postgresql://{{txture_postgres_hostname}}:5432/{{txture_postgres_db_name}}?user={{txture_postgres_user}}&password={{txture_postgres_password}}
# =================================================================================================
# PUBLIC PROPERTIES
# -------------------------------------------------------------------------------------------------
# You may need to change the following properties to adapt Txture to your environment.
# =================================================================================================
# PROPERTY: txture.server.url
# DESCRIPTION: Sets the URL of the Txture server that drives the REST-API.
# DEFAULT: No default. Required property.
txture.server.url=http://localhost:8080/txture
# PROPERTY: txture.api.gateway
# DESCRIPTION: Sets the URL of the API gateway that forwards calls to processing microservices
# DEFAULT: https://api.txture.io
txture.api.gateway=https://api.txture.io
# -------------------------------------------------------------------------------------------------
# SECURITY PROPERTIES
# These properties control how Txture authenticates users.
# -------------------------------------------------------------------------------------------------
# DEFAULT ADMINISTRATOR (permanently available)
# -------------------------------------------------------------------------------------------------
# PROPERTY: txture.security.admin.username
# DESCRIPTION: This property defines the username for the default administrator. Initially this
# username is set to "admin".
txture.security.admin.username=admin
# PROPERTY: txture.security.admin.password
# DESCRIPTION: This property defines the password for the default administrator. A BCrypt hash is
# expected to reflect this password. Please note that the adminstrator password will be reset to
# this value on each startup (prevent lock-outs).
txture.security.admin.password=$2a$10$b4KwqpBuLuEF84JOZuWz0On8ZSuofb/X5FRskGJmcspBG3F6YnBwK
# NON-SSO (AUTHENTICATION) CONFIGURATION
# -------------------------------------------------------------------------------------------------
# - txture.security.auth.enabled=local
# means the internal user database is used as the source for validation for a
# username and password.
# - txture.security.auth.enabled=ad
# means that Microsoft Active Directory (AD) is used to authenticate users.
# - txture.security.auth.enabled=ldap
# means that LDAP is used to validate the provided credentials.
# - txture.security.auth.enabled=maintenance
# means that only the default administrator can authenticate. Note that this settings
# implicitly disables SSO, if it was enabled.
# - txture.security.auth.enabled=false
# means that no application side authentication is performed. This value should be
# set if SSO should be the exclusive method for users to access the application.
txture.security.auth.enabled=local
# PROPERTY: txture.security.auth.ad.url
# DESCRIPTION: This property defines the (LDAP) URL to connect to an AD domain controller.
txture.security.auth.ad.url=ldap://your.AD.controller:3268
# PROPERTY: txture.security.auth.ad.domain
# DESCRIPTION: This property defines the AD domain to which users that sign in need to be related
# to.
txture.security.auth.ad.domain=COMPANY
# PROPERTY: txture.security.auth.ad.filter
# DESCRIPTION: This property defines the filter that allows to match a given username@domain (which
# in an actual authentication step replaces '{1}') or just username (which in an actual authentication
# step replaces '{0}') to a single AD object. Note that this filter must
# result in a single AD object to be considered for further credential checks.
txture.security.auth.ad.filter=(&(objectClass=user)(sAMAccountName={1}))
# PROPERTY: txture.security.auth.ldap.url
# DESCRIPTION: This property defines the URL (and port) of the LDAP server to connect to.
txture.security.auth.ldap.url=ldap://your.ldap.server:3268
# PROPERTY: txture.security.auth.ldap.manager.dn
# DESCRIPTION: This property defines the LDAP distinguished name (DN) which can be bound to an LDAP
# connection. Note that this manager DN needs to have (read-only) administrative rights.
txture.security.auth.ldap.manager.dn=cn=Administrator,cn=Users,dc=txture,dc=example,dc=com
# PROPERTY: txture.security.auth.ldap.manager.password
# DESCRIPTION: This property defines the password with which the manager DN ca be bound to an LDAP
# connection. The way this password is provided (plain or hashed) depends on the LDAP server setup.
txture.security.auth.ldap.manager.password=txture123!
# PROPERTY: txture.security.auth.ldap.pattern
# DESCRIPTION: This property defines the base DN that reflects the subtree in LDAP off which all
# operations are started from.
txture.security.auth.ldap.baseDn=dc=txture,dc=example,dc=com
# PROPERTY: txture.security.auth.ldap.filter
# DESCRIPTION: This property defines the filter that allows to match a given username (which in an
# actual authentication step replaces '{0}') to a single LDAP object. Note that this filter must
# result in a single LDAP object to be considered for further credential checks.
txture.security.auth.ldap.filter=(&(objectClass=user)(sAMAccountName={0}))
# SSO CONFIGURATION
# -------------------------------------------------------------------------------------------------
# PROPERTY: txture.security.sso.enabled
# DESCRIPTION: This property defines whether SSO is enabled (or not) and which SSO method is used.
# Valid modes and values for this property are
#
# - txture.security.sso.enabled=header
# means that a pre-authenticated token that reflects the username is sent with each
# HTTP request. The determined username is only checked for existence within the
# internal user database. Please note the dedicated section of properties related to
# header authentication under 'txture.security.sso.header.*'
# - txture.security.sso.enabled=ntlm
# means that a token that reflects the username is sent with each
# HTTP request and gets pre-authenticated via a challenge-response against the
# (Windows) infrastructure. The determined username is finally checked for existence
# within the internal user database. Please note the dedicated section of properties
# related to NTLM authentication under 'txture.security.sso.ntlm.*'
# - txture.security.sso.enabled=false
# means that SSO is disabled and that a login screen should be presented to users.
txture.security.sso.enabled=false
# PROPERTY: txture.security.sso.header.name
# DESCRIPTION: This property defines the name of the header parameter that contains the user name.
txture.security.sso.header.name=REMOTE_USER
# PROPERTY: txture.security.sso.header.pattern
# DESCRIPTION: This property defines the pattern (as regular expression) that needs to be applied
# to received header values in order to mask the actual contained user name. Note that in order
# to extract a part of the given value, a matching group must be defined (by using '(' and ')').
txture.security.sso.header.pattern=(.*)
# PROPERTY: txture.security.sso.ntlm.pattern
# DESCRIPTION: This property defines the pattern (as regular expression) that needs to be applied
# to the 'remote user' header property in order to mask the actual contained user name. Note that
# in order to extract a part of the given value, a matching group must be defined (by using '('
# and ')').
txture.security.sso.ntlm.pattern=.*?\\\\(.*)
# =================================================================================================
# INTERNAL PROPERTIES
# -------------------------------------------------------------------------------------------------
# Please do not change these properties unless directed explicitly.
# =================================================================================================
# -------------------------------------------------------------------------------------------------
# LOGGING PROPERTIES
# These properties control log properties such as log-level, automatic error and health reporting
# -------------------------------------------------------------------------------------------------
# PROPERTY: txture.log.verbose
# DESCRIPTION: This property enables or disables the debug/verbose-logging mode in Txture.
#
# - txture.log.verbose=false
# means that the debug/verbose-logging mode is disabled. This is the default.
# - txture.log.verbose=true
# means that the debug/verbose-logging mode is enabled.
txture.log.verbose=false
# PROPERTY: txture.reportErrors
# DESCRIPTION: This property enables or disables automatic bug report submission. Please feel free
# to activate error reporting in order to help us identify issues.
#
# - txture.reportErrors=false
# means that automatic bug reporting is disabled. This is the default.
# - txture.reportErrors=true
# means that automatic bug reporting is enabled.
txture.reportErrors=false
# PROPERTY: txture.statistics.report.enabled
# DESCRIPTION: This property enables or disables automatic health status submission.
#
# - txture.statistics.report.enabled=false
# means that automatic health status submission is disabled. This is the default.
# - txture.statistics.report.enabled=true
# means that automatic health status submission is enabled.
txture.statistics.report.enabled=false
# -------------------------------------------------------------------------------------------------
# EMAIL PROPERTIES
# These properties control the settings for email delivery. Emails are used for surveys and
# welcome emails.
# -------------------------------------------------------------------------------------------------
txture.mail.sender.protocol=smtp
txture.mail.sender.host=YOURSMTPHOST
txture.mail.sender.port=587
# defines whether a username/password authentication will be used
txture.mail.sender.smtp.auth=true
txture.mail.sender.username=USER
txture.mail.sender.password=PASSWORD
# defines whether TLS encryption will be attempted
txture.mail.sender.smtp.starttls.enable=true
txture.mail.sender.address=your-email@example.com