• Document Up to Date
  • Updated On 4.0.3

Engine Project Configuration

Crafter Engine provides a flexible configuration system that allows site administrators to change the behavior of the project without the need to modify any code. Some properties are used by Crafter Engine itself, but developers can also add any custom property they need for their code. All properties will be available for developers in the Freemarker templates and Groovy scripts using the siteConfig variable.

XML Configuration Files

  • /config/engine/site-config.xml Main XML configuration for the project, this file will always be loaded by Crafter Engine. This file can be accessed easily from any project created through the out-of-the-box blueprints, by navigating from the Studio dashboard to Project Tools > Configuration, and finally picking up the Engine Project Configuration option from the list.

    Engine Project Configuration

  • /config/engine/{crafterEnv}-site-config.xml Environment specific XML configuration, these files will be loaded only when the value of the crafter.engine.environment property matches the crafterEnv placeholder in the file name.

  • $TOMCAT/shared/classes/crafter/engine/extension/sites/{siteName}/site-config.xml External XML configuration, this file will be always loaded by Crafter Engine when present and will allow to change configurations without having to modify the files in the project repository.

Note

Properties will be overridden according to the order the files are loaded which is the same as the list above: main site-config.xml, environment site-config.xml, external site-config.xml If the same property is present in all files the value from the external file will be used.

Note

Apache Commons Configuration (https://commons.apache.org/proper/commons-configuration/) is used to read all configuration files. The siteConfig variable is an instance of the XMLConfiguration class.

Configuration Properties

This example file contains the properties used by Crafter Engine (click on the triangle on the left to expand/collapse):

Sample file containing the properties used by Crafter Engine
  1<?xml version="1.0" encoding="UTF-8"?>
  2<!--
  3  ~ Copyright (C) 2007-2022 Crafter Software Corporation. All Rights Reserved.
  4  ~
  5  ~ This program is free software: you can redistribute it and/or modify
  6  ~ it under the terms of the GNU General Public License version 3 as published by
  7  ~ the Free Software Foundation.
  8  ~
  9  ~ This program is distributed in the hope that it will be useful,
 10  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
 11  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 12  ~ GNU General Public License for more details.
 13  ~
 14  ~ You should have received a copy of the GNU General Public License
 15  ~ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 16  -->
 17
 18<!--
 19    This file configures site properties used by Crafter Engine
 20
 21    Below are the properties used by Crafter Engine:
 22
 23    (General Properties)
 24    <indexFileName />  (The name of a page's index file)
 25    <defaultLocale />  (Default locale for the site)
 26
 27    (Navigation Properties)
 28    <navigation>
 29        <additionalFields /> (List of additional fields to include for dynamic navigation items)
 30    </navigation>
 31
 32    (Single Page Application Properties (React JS, Angular, Vue.js, etc.))
 33    <spa>
 34        <enabled /> (Enable/disable SPA mode, default is false)
 35        <viewName /> (The view name for the SPA (Single Page Application). Current view names can be a page URL (like /) or a template name (like /template/web/app.ftl). Default is /)
 36    </spa>
 37
 38    (Compatibility properties)
 39    <compatibility>
 40        <disableFullModelTypeConversion /> Disables full content model type conversion for backwards compatibility mode (false by default)
 41    </compatibility>
 42
 43
 44    (Filter Properties)
 45    <filters> (Defines the filter mappings)
 46        <filter>
 47            <script> (Specifies the complete path to the filter script)
 48                <mapping>
 49                    <include /> (Contains Ant patterns (separated by comma) that request URLs should match for the filter to be executed)
 50                    or
 51                    <exclude /> (Contains patterns that the requests shouldn't match)
 52                </mapping>
 53            </script>
 54        </filter>
 55    </filters>
 56
 57    (CORS Properties)
 58    <cors>
 59        <enable>true</enable> (Enable/disable CORS headers, default is false)
 60        (Values for each of the headers that will be added to responses)
 61        <accessControlMaxAge>3600</accessControlMaxAge>
 62        <accessControlAllowOrigin>*</accessControlAllowOrigin>
 63        <accessControlAllowMethods>GET\, OPTIONS</accessControlAllowMethods>
 64        <accessControlAllowHeaders>Content-Type</accessControlAllowHeaders>
 65        <accessControlAllowCredentials>true</accessControlAllowCredentials>
 66    </cors>
 67
 68    (Content Targeting Properties)
 69    <targeting>
 70        <enabled /> (Enable/disable content targeting, default is false)
 71        <rootFolders /> (Root folders handled for content targeting)
 72        <excludePatterns /> (Regex patterns used to exclude certain paths from content targeting)
 73        <availableTargetIds /> (Valid target IDs)
 74        <fallbackTargetId /> (Target ID used as a last resort when resolving targeted content)
 75        <mergeFolders /> (Sets whether the content of folders that have the same "family" of target IDs should be merged)
 76        <redirectToTargetedUrl /> (Sets whether the request should be redirected when the targeted URL is different from the current URL)
 77    </targeting>
 78
 79    (Profile Properties)
 80    <profile>
 81        <api>
 82            <accessTokenId /> (The access token to use for the Crafter Profile REST calls.  This should always be specified on multi-tenant configurations)
 83        </api>
 84    </profile>
 85
 86    (Security Properties)
 87    <security>
 88        <login>
 89            <formUrl /> (The URL of the login form page)
 90            <defaultSuccessUrl /> (The URL to redirect to if the login was successful and the user could not be redirected to the previous page)
 91            <alwaysUseDefaultSuccessUrl /> (Sets whether to always redirect to the default success URL after a successful login)
 92            <failureUrl /> (The URL to redirect to if the login fails)
 93        </login>
 94        <logout>
 95            <successUrl /> (The URL to redirect after a successful logout)
 96        </logout>
 97        <accessDenied>
 98            <errorPageUrl /> (The URL of the page to show when access has been denied to a user to a certain resource)
 99        </accessDenied>
100        <urlRestrictions> (Contains any number of restriction elements)
101            <restriction> (Restriction element, access is denied if a request matches the URL, and the expression evaluates to false)
102                <url /> (URL pattern)
103                <expression /> (Spring EL expression)
104            </restriction>
105        </urlRestrictions>
106    </security>
107
108    (Social Properties)
109    <socialConnections>
110        <facebookConnectionFactory>
111            <appId /> (The Facebook app ID required for establishing connections with Facebook)
112            <appSecret /> (The Facebook app secret required for establishing connections with Facebook)
113        </facebookConnectionFactory>
114    </socialConnections>
115
116    (Job Properties)
117    <jobs>
118        <jobFolder> (Specifies a folder which will be looked up for scripts to be scheduled using a certain cron expression)
119            <path /> (Path absolute to the site root)
120            <cronExpression /> (Cron expression)
121        </jobFolder>
122        <job> (Specifies a single script job to be scheduled)
123            <path />
124            <cronExpression />
125        </job>
126    </jobs>
127
128    (Cache Warm Up properties)
129    <cache>
130        <warmUp>
131            <descriptorFolders /> The descriptor folders that need to be pre-loaded in cache, separated by comma.
132            <contentFolders /> The content folders that need to be preloaded in cache, separated by comma.
133        </warmUp>
134    </cache>
135
136    (Header Mappings properties)
137    <headerMappings>
138        <mapping>
139            <urlPattern>/products/**</urlPattern> (Ant path pattern)
140            <headers>
141                <header>
142                    <name>Cache-Control</name>
143                    <value>max-age=60\, s-maxage=300</value>
144                </header>
145            </headers>
146        </mapping>
147        <mapping>
148            <urlPattern>/**/*.pdf</urlPattern> (Ant path pattern)
149            <headers>
150                <header>
151                    <name>X-Crafter-Document</name>
152                    <value>true</value>
153                </header>
154            </headers>
155        </mapping>
156    </headerMappings>
157
158    You can learn more about Crafter Engine site configuration in the docs at
159    http://craftercms.com/docs
160
161-->
162
163<site>
164    <!-- General properties -->
165    <indexFileName>index.xml</indexFileName>
166    <defaultLocale>en</defaultLocale>
167
168    <!-- Navigation properties -->
169    <!--
170    <navigation>
171        <additionalFields>navIcon,componentType</additionalFields>
172    </navigation>
173    -->
174
175    <!-- Compatibility properties -->
176    <compatibility>
177        <disableFullModelTypeConversion>false</disableFullModelTypeConversion>
178    </compatibility>
179
180
181    <!-- Filter properties -->
182    <filters>
183        <filter>
184            <script>/scripts/filters/testFilter1.groovy</script>
185            <mapping>
186                <include>/**</include>
187            </mapping>
188        </filter>
189        <filter>
190            <script>/scripts/filters/testFilter2.groovy</script>
191            <mapping>
192                <include>/**</include>
193            </mapping>
194        </filter>
195        <filter>
196            <script>/scripts/filters/testFilter3.groovy</script>
197            <mapping>
198                <include>/**</include>
199                <exclude>/static-assets/**</exclude>
200            </mapping>
201        </filter>
202    </filters>
203
204    <!-- CORS Properties -->
205    <cors>
206        <enable>true</enable>
207        <accessControlMaxAge>3600</accessControlMaxAge>
208        <accessControlAllowOrigin>*</accessControlAllowOrigin>
209        <accessControlAllowMethods>GET\, OPTIONS</accessControlAllowMethods>
210        <accessControlAllowHeaders>Content-Type</accessControlAllowHeaders>
211        <accessControlAllowCredentials>true</accessControlAllowCredentials>
212    </cors>
213
214    <!-- Content targeting properties -->
215    <targeting>
216        <enabled>true</enabled>
217        <rootFolders>/site/website</rootFolders>
218        <excludePatterns>/site/website/index\.xml</excludePatterns>
219        <availableTargetIds>en,ja,ja_JP,ja_JP_JP</availableTargetIds>
220        <fallbackTargetId>en</fallbackTargetId>
221        <mergeFolders>true</mergeFolders>
222        <redirectToTargetedUrl>false</redirectToTargetedUrl>
223    </targeting>
224
225    <!-- Profile properties -->
226    <profile>
227        <api>
228            <accessTokenId>${enc:q3l5YNoKH38RldAkg6EAGjxlI7+K7Cl4iEmMJNlemNOjcuhaaQNPLwAB824QcJKCbEeLfsg+QSfHCYNcNP/yMw==}</accessTokenId>
229        </api>
230    </profile>
231
232    <!-- Security properties -->
233    <security>
234        <login>
235            <formUrl>/signin</formUrl>
236            <defaultSuccessUrl>/home</defaultSuccessUrl>
237            <alwaysUseDefaultSuccessUrl>true</alwaysUseDefaultSuccessUrl>
238            <failureUrl>/signin?error=loginFailure</failureUrl>
239        </login>
240        <logout>
241            <successUrl>/home</successUrl>
242        </logout>
243        <accessDenied>
244            <errorPageUrl>/signin?error=accessDenied</errorPageUrl>
245        </accessDenied>
246        <urlRestrictions>
247            <restriction>
248                <url>/*</url>
249                <expression>hasRole('USER')</expression>
250            </restriction>
251        </urlRestrictions>
252    </security>
253
254    <!-- Social properties -->
255    <socialConnections>
256        <facebookConnectionFactory>
257            <appId>${enc:Nk4ZJWGGNIf9tt0X8BudixQhHekkBbG1AJE6myeqxp8=}</appId>
258            <appSecret>${enc:JOqVSAHHPYmIO8dC5VCz4KDBbKK466zKeAEowuDRqDammJ+07XmRbB+2ob5T8mg6gAEjDs5WxMuMiMPaDr4wOg==}</appSecret>
259        </facebookConnectionFactory>
260    </socialConnections>
261
262    <!-- Job properties -->
263    <jobs>
264        <jobFolder>
265            <path>/scripts/jobs/morejobs</path>
266            <cronExpression>0 0/15 * * * ?</cronExpression>
267        </jobFolder>
268        <job>
269            <path>/scripts/jobs/testJob.groovy</path>
270            <cronExpression>0 0/15 * * * ?</cronExpression>
271        </job>
272    </jobs>
273
274    <!-- Cache Warm Up properties -->
275    <cache>
276        <warmUp>
277            <descriptorFolders>/site:3</descriptorFolders>
278            <contentFolders>/scripts,/templates</contentFolders>
279        </warmUp>
280    </cache>
281
282    <!-- Header Mappings properties-->
283    <headerMappings>
284        <mapping>
285            <urlPattern>/products/**</urlPattern>
286            <headers>
287                <header>
288                    <name>Cache-Control</name>
289                    <value>max-age=60\, s-maxage=300</value>
290                </header>
291            </headers>
292        </mapping>
293        <mapping>
294            <urlPattern>/**/*.pdf</urlPattern>
295            <headers>
296                <header>
297                    <name>X-Crafter-Document</name>
298                    <value>true</value>
299                </header>
300            </headers>
301        </mapping>
302    </headerMappings>
303</site>


Crafter Engine Properties

  • indexFileName: The name of a page’s index file (default is index.xml).

  • defaultLocale: The default locale for the project. Used with content targeting through localization.

  • navigation.additionalFields: List of additional fields to include for dynamic navigation items (Example: <additionalFields>myTitle_s,myAuthor_s,…</additionalFields>)

  • spa: Used for Single Page Application (SPA) Properties (React JS, Angular, Vue.js, etc.). Contains <enabled> element which enables/disables SPA mode (default is false) and <viewName> element, the view name for the SPA (Single Page Application. Current view names can be a page URL (like /) or a template name (like /template/web/app.ftl). Default is /)

  • compatibility.disableFullModelTypeConversion: Disables full content model type conversion for backwards compatibility mode (false by default)

    Up to and including version 2: Crafter Engine, in the FreeMarker host only, converts model elements based on a suffix type hint, but only for the first level in the model, and not for _dt. For example, for contentModel.myvalue_i Integer is returned, but for contentModel.repeater.myvalue_i and contentModel.date_dt a String is returned. In the Groovy host no type of conversion was performed.

    In version 3 onwards: Crafter Engine converts elements with any suffix type hints (including _dt) at at any level in the content model and for both Freemarker and Groovy hosts.

  • filters: Used to define the filter mappings. Each <filter> element must contain a <script> element that specifies the complete path to the filter script, and a <mapping> element. In the <mapping> element, the <include> element contains the Ant patterns (separated by comma) that request URLs should match for the filter to be executed, while the <exclude> element contains the patterns that requests shouldn’t match.

  • cors.enable:true if CORS headers should be added to REST API responses when not in preview mode. Defaults to false.
    The elements <accessControlMaxAge>, <accessControlAllowOrigin>, <accessControlAllowMethods>, <accessControlAllowHeaders> and <accessControlAllowCredentials> have the values that will be copied to each response.

    <accessControlAllowOrigin> values are split using ,. Remember that commas inside patterns need to be escaped with a \, like this: <accessControlAllowOrigin>http://localhost:[8000\,3000],http://*.other.domain</accessControlAllowOrigin>

    <accessControlAllowMethods> and <accessControlAllowHeaders> values are split using ,. Remember to escape the commas , separating the values like this: <accessControlAllowHeaders>X-Custom-Header\, Content-Type</accessControlAllowHeaders> or <accessControlAllowMethods>GET\, OPTIONS</accessControlAllowMethods>

    Note

    When engine is in preview mode, it is a proxy and therefore will not add CORS headers to REST API responses even if CORS is enabled.

  • targeting.enabled:true if content targeting should be enabled. Defaults to false.

  • targeting.rootFolders: The root folders that should be handled for content targeting.

  • targeting.excludePatterns: Regex patterns that are used to exclude certain paths from content targeting.

  • targeting.availableTargetIds: The valid target IDs for content targeting (see Content Targeting Guide).

  • targeting.fallbackTargetId: The target ID that should be used as last resort when resolving targeted content. (see Content Targeting Guide).

  • targeting.mergeFolders: true if the content of folders that have the same “family” of target IDs should be merged. (see Content Targeting Guide).

  • targeting.redirectToTargetedUrl: true if the request should be redirected when the targeted URL is different from the current URL. (see Content Targeting Guide).

  • profile.api.accessToken: The access token to use for the Profile REST calls. This parameter should be always specified on multi-tenant configurations.

  • security.saml.token: The expected value for the secure key request header

  • security.saml.groups: Contains any number of <group> elements. Each <group> element contains a <name> element (The name of the group from the request header) and a <role> element (The value to use for the role in the profile).

  • security.saml.attributes: Contains any number of <attribute> elements. Each <attribute> element contains a <name> element (The name of the request header for the attribute) and a <field> element (The name of the field to use in the profile).

  • security.login.formUrl: The URL of the login form page. The default is /login.

  • security.login.defaultSuccessUrl: The URL to redirect to if the login was successful and the user couldn’t be redirected to the previous page. The default is /.

  • security.login.alwaysUseDefaultSuccessUrl: true if after successful login always redirect to the default success URL. The default is false.

  • security.login.failureUrl: The URL to redirect to if the login fails. The default is /login?login_error=true.

  • security.logout.successUrl: The URL to redirect after a successful logout. The default is /.

  • security.accessDenied.errorPageUrl: The URL of the page to show when access has been denied to a user to a certain resource. The default is /access-denied.

  • security.urlRestrictions: Contains any number of restriction elements. Each restriction is formed by an Ant-style path pattern (<url>) and a Spring EL expression (<expression>) executed against the current profile. If a request matches the URL, and the expression evaluates to false, access is denied. For more information, check UrlAccessRestrictionCheckingProcessor.java and AccessRestrictionExpressionRoot.java

    Note

    For the <url> Ant-style path pattern, <url>/*</url> indicates just one level of the URL and <url>/**</url> indicates all urls. For more information on Ant-style path pattern matching, see https://docs.spring.io/spring/docs/current/javadoc-api/org/springframework/util/AntPathMatcher.html

  • socialConnections.facebookConnectionFactory.appId: The Facebook app ID required for establishing connections with Facebook.

  • socialConnections.facebookConnectionFactory.appSecret: The Facebook app secret required for establishing connections with Facebook.

  • jobs.jobFolder: Specifies a folder which will be looked up for scripts to be scheduled using a certain cron expression. The folder path should be specified with <path>, and should be absolute to the project root. The cron expressions is specified in <cronExpression>.

  • jobs.job: Specifies a single script job to be scheduled. The job path should be specified in <path>, and the cron expression in <cronExpression>.

  • cache.warmUp.descriptorFolders: The descriptor folders (paths that contain XML that needs to be parsed, loaded and merged e.g. for inheritance. Most of the time this would be folders under /site) that need to be pre-loaded in cache, separated by comma, when not in preview mode. Specify the preload depth with :{depth} after the path. If no depth is specified, the folders and all their sub-folders will be fully preloaded. Example: <descriptorFolders>/site:3</descriptorFolders>

  • cache.warmUp.contentFolders: The content folders (mostly static, non-processed content, e.g. scripts, templates, static-assets) that need to be pre-loaded in cache, separated by comma, when not in preview mode. Specify the preload depth with :{depth} after the path. If no depth is specified, the folders and all their sub-folders will be fully pre-loaded. Example: <contentFolders>/scripts,/templates</contentFolders>

    Note

    Cache and ActiveCache do not function the same way as specified above when engine is in preview because the preview server does not cache to ensure the latest updates are seen immediately.

  • headerMappings.mapping.urlPattern Ant path pattern to match for adding headers to response

  • headerMappings.mapping.headers The headers that will be added to responses. Each <header> element must contain a <name> element that specifies the name of the header e.g. Cache-Control, and a <value> element containing directives, etc. (separated by an escaped comma) e.g. max-age=60\, s-maxage=300.

Note

Crafter Engine will not be able to load your Project Context if your configuration contains invalid XML or incorrect configuration.

Setting HTTP Response Headers

CrafterCMS supports adding headers to responses when there are matched configuration patterns in the Engine Project Configuration file

To setup HTTP response headers, do the following: - Configure the Ant path pattern to match for adding headers to response in headerMappings.mapping.urlPattern - Configure the <header> element and the <value>` element ` with your desired values under headerMappings.mapping.headers.

<headerMappings>
  <mapping>
    <urlPattern>/**/*.pdf</urlPattern>
    <headers>
      <header>
        <name>X-Crafter-Document</name>
        <value>true</value>
      </header>
    </headers>
  </mapping>
</headerMappings>

Setting Cache Headers

Cache headers allows specifying caching policies such as how an item is cached, maximum age before expiring, etc. These headers are extremely useful for indicating cache TTLs to CDNs and browsers on certain requests.

To setup cache headers, do the following:

  • Configure the Ant path pattern to match for adding headers to response in headerMappings.mapping.urlPattern

  • Configure the <header> element with the value Cache-Control and the element <value> with your desired Cache-Control directive under headerMappings.mapping.headers.

    See here for a list of available directives to use with Cache-Control.

Your configuration should look something like below:

    <headerMappings>
      <mapping>
        <urlPattern>/articles/**</urlPattern>
        <headers>
          <header>
            <name>Cache-Control</name>
            <value>max-age=60\, s-maxage=300</value>
          </header>
        <headers>
      </mapping>
    </headerMappings>

Please note that the Cache-Control header inserted to responses by default is set to No-Cache.

Spring Configuration

Each project can also have it’s own Spring application context. Just as with site-config.xml, beans can be overwritten using the following locations:

Spring Configuration Files
  • /config/engine/application-context.xml (This file can be accessed easily from any project created through the out-of-the-box blueprints, by navigating from the Studio dashboard to Project Tools > Configuration, and finally picking up the Engine Project Application Context option from the dropdown).

    Engine Project Application Context
  • /config/engine/{crafterEnv}-application-context.xml

  • $TOMCAT/shared/classes/crafter/engine/extension/sites/{siteName}/application-context.xml

The application context inherits from Engine’s own service-context.xml, and any class in Engine’s classpath can be used, including Groovy classes declared under /scripts/classes/*.

As an example, assuming you have defined a Groovy class under /scripts/classes/mypackage/MyClass.groovy, you can define a bean like this:

application-context.xml
 1      <?xml version="1.0" encoding="UTF-8"?>
 2      <beans xmlns="http://www.springframework.org/schema/beans"
 3             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 4             xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
 5
 6  <bean class="org.springframework.context.support.PropertySourcesPlaceholderConfigurer" parent="crafter.properties"/>
 7
 8  <bean id="greeting" class="mypackage.MyClass">
 9    <property name="myproperty" value="${myvalue}"/>
10  </bean>
11
12</beans>

A org.springframework.context.support.PropertySourcesPlaceholderConfigurer (like above) can be specified in the context so that the properties of site-config.xml can be used as placeholders, like ${myvalue}. By making the placeholder configurer inherit from crafter.properties, you’ll also have access to Engine’s global properties (like crafter.engine.preview).

Note

Crafter Engine will not be able to load your Project Context if your context file contains invalid XML, incorrect configuration or if your beans do not properly handle their own errors on initialization.