Blacklist

This Support system makes it possible for systems with operator role or proper permissions to ban other systems from the Local Cloud.

There are operations that provide some information about the blacklist. These are available for every system.

Learn more:
Abstract System Description (SysD)

Services

blacklistDiscovery

The purpose of blacklistDiscovery is to provide information about the blacklist. This service is offered for both Application and Core/Support systems.

Learn more:
Abstract Service Description (SD)
generic_http (IDD) | generic_https (IDD)
generic_mqtt (IDD) | generic_mqtts (IDD)
since: v5.0.0

lookup

This service operation returns the blacklist entries that are in force and apply to the requester. Note that lookup is enabled even if the requester is blacklisted.

Example: generic_http | generic_https
Example: generic_mqtt | generic_mqtts

check

This service operation allows systems to check whether another system is blacklisted.

Example: generic_http | generic_https
Example: generic_mqtt | generic_mqtts

---

blacklistManagement

Its purpose is to manage (query, create and remove) blacklist entries in bulk. The service is offered for administrative Support systems.

Learn more:
Abstract Service Description (SD)
generic_http (IDD) | generic_https (IDD)
generic_mqtt (IDD) | generic_mqtts (IDD)
since: v5.0.0

query

This service operation returns existing blacklist entries according to the given filters.

Example: generic_http | generic_https
Example: generic_mqtt | generic_mqtts

create

This service operation creates active blacklist entries in bulk.

Example: generic_http | generic_https
Example: generic_mqtt | generic_mqtts

remove

This service operation inactivates every entry that applies to the specified systems. Note that this will not remove the entry from the database.

Example: generic_http | generic_https
Example: generic_mqtt | generic_mqtts

---

generalManagement

Its purpose is to get some information about the hosting system’s behavior, such as log entries and configuration settings. The service is offered for administrative Support systems.

Learn more:
Abstract Service Description (SD)
generic_http (IDD) | generic_https (IDD)
generic_mqtt (IDD) | generic_mqtts (IDD)
since: v5.0.0

get-log

This service operation lists the log entries of the system that matches the filtering requirements.

Example: generic_http | generic_https
Example: generic_mqtt | generic_mqtts

get-config

This service operation lists the current values of the specified configuration settings.

Example: generic_http | generic_https
Example: generic_mqtt | generic_mqtts

Configuration

The system configuration properties can be found in the application.properties file located at /src/main/resources folder.

Note: During the build process this file is going to be built into the executable JAR, but also going to be copied next to the JAR file. Any modification in the configuration file located next to the executable JAR file will override the built in configuration property value.

General parameters

See the general configuration properties.

Database parameters

spring.datasource.url

URL to the database.

spring.datasource.username

Username to the database.

spring.datasource.password

Password to the database.

spring.datasource.driver-class-name

The driver provides the connection to the database and implements the protocol for transferring the query and result between client and database.

spring.jpa.show-sql

Set to true in order to log out the SQL queries.

spring.jpa.properties.hibernate.format sql

Set to true to log out SQL queries in pretty format. (Effective only when 'spring.jpa.show-sql' is 'true')

spring.jpa.hibernate.ddl-auto

Auto initialization of database tables. Value must be always 'none'.

Custom parameters

enable.management.filter

Enable or disable authorization for accessing the management services. Can be true of false.

management.policy

Way of authorizing the management service requester systems. Can be:

• sysop-only, when the authenticated requester system has system-operator role that ensures overall management permission.
• whitelist, sysop-only and when the authenticated requester system is whitelisted in the management.whitelist configuration property that ensures overall management permission.
• authorization, sysop-only and whitelist and when the authenticated requester system has appropriate service permission according to the ConsumerAuthorization Core system.

management.whitelist

Name of the systems which can access to management services in case of whitelist policy is effective.

max.page.size

Specifies the maximum number of records a page can contain in case of pageable service responses.

whitelist

Name of the systems that cannot be blacklisted. By starting the application, existing blacklist records belonging to these systems will be inactivated as well.

Logging configuration

The logging configuration properties can be found in the log4j2.xml file located at src/main/resources folder.

Note: During the build process this file is going to be built into the executable JAR, but it is also possible to override it by an external file. For that use the following command when starting the system:

java -jar arrowhead-blacklist-x.x.x.jar
     -Dlog4j.configurationFile=path-to-external-file

JDBC_LEVEL

Set this to change the level of log messages in the database. Levels: ALL, TRACE, DEBUG, INFO, WARN, ERROR, FATAL, OFF.

CONSOLE FILE LEVEL

Set this to change the level of log messages in consol and the log file. Levels: ALL, TRACE, DEBUG, INFO, WARN, ERROR, FATAL, OFF.

LOG_DIR

Set this to change the directory of log files.

Changelog

v5.0.0

Related in CL-5.0.0

• general
• arrowhead-common-utils
• arrowhead-data-transfer-objects
• arrowhead-blacklist