Engine Project Configuration
Crafter Engine provides a flexible configuration system that allows site administrators to change
the behavior of the project without the need to modify any code. Some properties are used by Crafter
Engine itself, but developers can also add any custom property they need for their code. All
properties will be available for developers in the Freemarker templates and Groovy scripts using the
siteConfig
variable.
XML Configuration Files
/config/engine/site-config.xml
Main XML configuration for the project, this file will always be loaded by Crafter Engine. This file can be accessed easily from any project created through the out-of-the-box blueprints, by navigating from the Studio dashboard toProject Tools
>Configuration
, and finally picking up theEngine Project Configuration
option from the list.
/config/engine/{crafterEnv}-site-config.xml
Environment specific XML configuration, these files will be loaded only when the value of thecrafter.engine.environment
property matches the crafterEnv placeholder in the file name.
$TOMCAT/shared/classes/crafter/engine/extension/sites/{siteName}/site-config.xml
External XML configuration, this file will be always loaded by Crafter Engine when present and will allow to change configurations without having to modify the files in the project repository.
Note
Properties will be overridden according to the order the files are loaded which is the same as the list above: main site-config.xml, environment site-config.xml, external site-config.xml If the same property is present in all files the value from the external file will be used.
Note
Apache Commons Configuration (https://commons.apache.org/proper/commons-configuration/) is used
to read all configuration files. The siteConfig
variable is an instance of the
XMLConfiguration
class.
Configuration Properties
This example file contains the properties used by Crafter Engine (click on the triangle on the left to expand/collapse):
Sample file containing the properties used by Crafter Engine
1<?xml version="1.0" encoding="UTF-8"?>
2<!--
3 ~ Copyright (C) 2007-2022 Crafter Software Corporation. All Rights Reserved.
4 ~
5 ~ This program is free software: you can redistribute it and/or modify
6 ~ it under the terms of the GNU General Public License version 3 as published by
7 ~ the Free Software Foundation.
8 ~
9 ~ This program is distributed in the hope that it will be useful,
10 ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
11 ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 ~ GNU General Public License for more details.
13 ~
14 ~ You should have received a copy of the GNU General Public License
15 ~ along with this program. If not, see <http://www.gnu.org/licenses/>.
16 -->
17
18<!--
19 This file configures site properties used by Crafter Engine
20
21 Below are the properties used by Crafter Engine:
22
23 (General Properties)
24 <indexFileName /> (The name of a page's index file)
25 <defaultLocale /> (Default locale for the site)
26
27 (Navigation Properties)
28 <navigation>
29 <additionalFields /> (List of additional fields to include for dynamic navigation items)
30 </navigation>
31
32 (Single Page Application Properties (React JS, Angular, Vue.js, etc.))
33 <spa>
34 <enabled /> (Enable/disable SPA mode, default is false)
35 <viewName /> (The view name for the SPA (Single Page Application). Current view names can be a page URL (like /) or a template name (like /template/web/app.ftl). Default is /)
36 </spa>
37
38 (Compatibility properties)
39 <compatibility>
40 <disableFullModelTypeConversion /> Disables full content model type conversion for backwards compatibility mode (false by default)
41 </compatibility>
42
43
44 (Filter Properties)
45 <filters> (Defines the filter mappings)
46 <filter>
47 <script> (Specifies the complete path to the filter script)
48 <mapping>
49 <include /> (Contains Ant patterns (separated by comma) that request URLs should match for the filter to be executed)
50 or
51 <exclude /> (Contains patterns that the requests shouldn't match)
52 </mapping>
53 </script>
54 </filter>
55 </filters>
56
57 (CORS Properties)
58 <cors>
59 <enable>true</enable> (Enable/disable CORS headers, default is false)
60 (Values for each of the headers that will be added to responses)
61 <accessControlMaxAge>3600</accessControlMaxAge>
62 <accessControlAllowOrigin>*</accessControlAllowOrigin>
63 <accessControlAllowMethods>GET\, OPTIONS</accessControlAllowMethods>
64 <accessControlAllowHeaders>Content-Type</accessControlAllowHeaders>
65 <accessControlAllowCredentials>true</accessControlAllowCredentials>
66 </cors>
67
68 (Content Targeting Properties)
69 <targeting>
70 <enabled /> (Enable/disable content targeting, default is false)
71 <rootFolders /> (Root folders handled for content targeting)
72 <excludePatterns /> (Regex patterns used to exclude certain paths from content targeting)
73 <availableTargetIds /> (Valid target IDs)
74 <fallbackTargetId /> (Target ID used as a last resort when resolving targeted content)
75 <mergeFolders /> (Sets whether the content of folders that have the same "family" of target IDs should be merged)
76 <redirectToTargetedUrl /> (Sets whether the request should be redirected when the targeted URL is different from the current URL)
77 </targeting>
78
79 (Profile Properties)
80 <profile>
81 <api>
82 <accessTokenId /> (The access token to use for the Crafter Profile REST calls. This should always be specified on multi-tenant configurations)
83 </api>
84 </profile>
85
86 (Security Properties)
87 <security>
88 <login>
89 <formUrl /> (The URL of the login form page)
90 <defaultSuccessUrl /> (The URL to redirect to if the login was successful and the user could not be redirected to the previous page)
91 <alwaysUseDefaultSuccessUrl /> (Sets whether to always redirect to the default success URL after a successful login)
92 <failureUrl /> (The URL to redirect to if the login fails)
93 </login>
94 <logout>
95 <successUrl /> (The URL to redirect after a successful logout)
96 </logout>
97 <accessDenied>
98 <errorPageUrl /> (The URL of the page to show when access has been denied to a user to a certain resource)
99 </accessDenied>
100 <urlRestrictions> (Contains any number of restriction elements)
101 <restriction> (Restriction element, access is denied if a request matches the URL, and the expression evaluates to false)
102 <url /> (URL pattern)
103 <expression /> (Spring EL expression)
104 </restriction>
105 </urlRestrictions>
106 </security>
107
108 (Social Properties)
109 <socialConnections>
110 <facebookConnectionFactory>
111 <appId /> (The Facebook app ID required for establishing connections with Facebook)
112 <appSecret /> (The Facebook app secret required for establishing connections with Facebook)
113 </facebookConnectionFactory>
114 </socialConnections>
115
116 (Job Properties)
117 <jobs>
118 <jobFolder> (Specifies a folder which will be looked up for scripts to be scheduled using a certain cron expression)
119 <path /> (Path absolute to the site root)
120 <cronExpression /> (Cron expression)
121 </jobFolder>
122 <job> (Specifies a single script job to be scheduled)
123 <path />
124 <cronExpression />
125 </job>
126 </jobs>
127
128 (Cache Warm Up properties)
129 <cache>
130 <warmUp>
131 <descriptorFolders /> The descriptor folders that need to be pre-loaded in cache, separated by comma.
132 <contentFolders /> The content folders that need to be preloaded in cache, separated by comma.
133 </warmUp>
134 </cache>
135
136 (Header Mappings properties)
137 <headerMappings>
138 <mapping>
139 <urlPattern>/products/**</urlPattern> (Ant path pattern)
140 <headers>
141 <header>
142 <name>Cache-Control</name>
143 <value>max-age=60\, s-maxage=300</value>
144 </header>
145 </headers>
146 </mapping>
147 <mapping>
148 <urlPattern>/**/*.pdf</urlPattern> (Ant path pattern)
149 <headers>
150 <header>
151 <name>X-Crafter-Document</name>
152 <value>true</value>
153 </header>
154 </headers>
155 </mapping>
156 </headerMappings>
157
158 You can learn more about Crafter Engine site configuration in the docs at
159 http://craftercms.com/docs
160
161-->
162
163<site>
164 <!-- General properties -->
165 <indexFileName>index.xml</indexFileName>
166 <defaultLocale>en</defaultLocale>
167
168 <!-- Navigation properties -->
169 <!--
170 <navigation>
171 <additionalFields>navIcon,componentType</additionalFields>
172 </navigation>
173 -->
174
175 <!-- Compatibility properties -->
176 <compatibility>
177 <disableFullModelTypeConversion>false</disableFullModelTypeConversion>
178 </compatibility>
179
180
181 <!-- Filter properties -->
182 <filters>
183 <filter>
184 <script>/scripts/filters/testFilter1.groovy</script>
185 <mapping>
186 <include>/**</include>
187 </mapping>
188 </filter>
189 <filter>
190 <script>/scripts/filters/testFilter2.groovy</script>
191 <mapping>
192 <include>/**</include>
193 </mapping>
194 </filter>
195 <filter>
196 <script>/scripts/filters/testFilter3.groovy</script>
197 <mapping>
198 <include>/**</include>
199 <exclude>/static-assets/**</exclude>
200 </mapping>
201 </filter>
202 </filters>
203
204 <!-- CORS Properties -->
205 <cors>
206 <enable>true</enable>
207 <accessControlMaxAge>3600</accessControlMaxAge>
208 <accessControlAllowOrigin>*</accessControlAllowOrigin>
209 <accessControlAllowMethods>GET\, OPTIONS</accessControlAllowMethods>
210 <accessControlAllowHeaders>Content-Type</accessControlAllowHeaders>
211 <accessControlAllowCredentials>true</accessControlAllowCredentials>
212 </cors>
213
214 <!-- Content targeting properties -->
215 <targeting>
216 <enabled>true</enabled>
217 <rootFolders>/site/website</rootFolders>
218 <excludePatterns>/site/website/index\.xml</excludePatterns>
219 <availableTargetIds>en,ja,ja_JP,ja_JP_JP</availableTargetIds>
220 <fallbackTargetId>en</fallbackTargetId>
221 <mergeFolders>true</mergeFolders>
222 <redirectToTargetedUrl>false</redirectToTargetedUrl>
223 </targeting>
224
225 <!-- Profile properties -->
226 <profile>
227 <api>
228 <accessTokenId>${enc:q3l5YNoKH38RldAkg6EAGjxlI7+K7Cl4iEmMJNlemNOjcuhaaQNPLwAB824QcJKCbEeLfsg+QSfHCYNcNP/yMw==}</accessTokenId>
229 </api>
230 </profile>
231
232 <!-- Security properties -->
233 <security>
234 <login>
235 <formUrl>/signin</formUrl>
236 <defaultSuccessUrl>/home</defaultSuccessUrl>
237 <alwaysUseDefaultSuccessUrl>true</alwaysUseDefaultSuccessUrl>
238 <failureUrl>/signin?error=loginFailure</failureUrl>
239 </login>
240 <logout>
241 <successUrl>/home</successUrl>
242 </logout>
243 <accessDenied>
244 <errorPageUrl>/signin?error=accessDenied</errorPageUrl>
245 </accessDenied>
246 <urlRestrictions>
247 <restriction>
248 <url>/*</url>
249 <expression>hasRole('USER')</expression>
250 </restriction>
251 </urlRestrictions>
252 </security>
253
254 <!-- Social properties -->
255 <socialConnections>
256 <facebookConnectionFactory>
257 <appId>${enc:Nk4ZJWGGNIf9tt0X8BudixQhHekkBbG1AJE6myeqxp8=}</appId>
258 <appSecret>${enc:JOqVSAHHPYmIO8dC5VCz4KDBbKK466zKeAEowuDRqDammJ+07XmRbB+2ob5T8mg6gAEjDs5WxMuMiMPaDr4wOg==}</appSecret>
259 </facebookConnectionFactory>
260 </socialConnections>
261
262 <!-- Job properties -->
263 <jobs>
264 <jobFolder>
265 <path>/scripts/jobs/morejobs</path>
266 <cronExpression>0 0/15 * * * ?</cronExpression>
267 </jobFolder>
268 <job>
269 <path>/scripts/jobs/testJob.groovy</path>
270 <cronExpression>0 0/15 * * * ?</cronExpression>
271 </job>
272 </jobs>
273
274 <!-- Cache Warm Up properties -->
275 <cache>
276 <warmUp>
277 <descriptorFolders>/site:3</descriptorFolders>
278 <contentFolders>/scripts,/templates</contentFolders>
279 </warmUp>
280 </cache>
281
282 <!-- Header Mappings properties-->
283 <headerMappings>
284 <mapping>
285 <urlPattern>/products/**</urlPattern>
286 <headers>
287 <header>
288 <name>Cache-Control</name>
289 <value>max-age=60\, s-maxage=300</value>
290 </header>
291 </headers>
292 </mapping>
293 <mapping>
294 <urlPattern>/**/*.pdf</urlPattern>
295 <headers>
296 <header>
297 <name>X-Crafter-Document</name>
298 <value>true</value>
299 </header>
300 </headers>
301 </mapping>
302 </headerMappings>
303</site>
Crafter Engine Properties
indexFileName: The name of a page’s index file (default is
index.xml
).defaultLocale: The default locale for the project. Used with content targeting through localization.
navigation.additionalFields: List of additional fields to include for dynamic navigation items (Example: <additionalFields>myTitle_s,myAuthor_s,…</additionalFields>)
spa: Used for Single Page Application (SPA) Properties (React JS, Angular, Vue.js, etc.). Contains
<enabled>
element which enables/disables SPA mode (default is false) and<viewName>
element, the view name for the SPA (Single Page Application. Current view names can be a page URL (like/
) or a template name (like/template/web/app.ftl
). Default is/
)compatibility.disableFullModelTypeConversion: Disables full content model type conversion for backwards compatibility mode (false by default)
Up to and including version 2: Crafter Engine, in the FreeMarker host only, converts model elements based on a suffix type hint, but only for the first level in the model, and not for _dt. For example, for contentModel.myvalue_i Integer is returned, but for contentModel.repeater.myvalue_i and contentModel.date_dt a String is returned. In the Groovy host no type of conversion was performed.
In version 3 onwards: Crafter Engine converts elements with any suffix type hints (including _dt) at at any level in the content model and for both Freemarker and Groovy hosts.
filters: Used to define the filter mappings. Each
<filter>
element must contain a<script>
element that specifies the complete path to the filter script, and a<mapping>
element. In the<mapping>
element, the<include>
element contains the Ant patterns (separated by comma) that request URLs should match for the filter to be executed, while the<exclude>
element contains the patterns that requests shouldn’t match.cors.enable:
true
if CORS headers should be added to REST API responses when not in preview mode. Defaults to false.
The elements<accessControlMaxAge>
,<accessControlAllowOrigin>
,<accessControlAllowMethods>
,<accessControlAllowHeaders>
and<accessControlAllowCredentials>
have the values that will be copied to each response.
<accessControlAllowOrigin>
values are split using,
. Remember that commas inside patterns need to be escaped with a\
, like this:<accessControlAllowOrigin>http://localhost:[8000\,3000],http://*.other.domain</accessControlAllowOrigin>
<accessControlAllowMethods>
and<accessControlAllowHeaders>
values are split using,
. Remember to escape the commas,
separating the values like this:<accessControlAllowHeaders>X-Custom-Header\, Content-Type</accessControlAllowHeaders>
or<accessControlAllowMethods>GET\, OPTIONS</accessControlAllowMethods>
Note
When engine is in preview mode, it is a proxy and therefore will not add CORS headers to REST API responses even if CORS is enabled.
targeting.enabled:
true
if content targeting should be enabled. Defaults to false.targeting.rootFolders: The root folders that should be handled for content targeting.
targeting.excludePatterns: Regex patterns that are used to exclude certain paths from content targeting.
targeting.availableTargetIds: The valid target IDs for content targeting (see Content Targeting Guide).
targeting.fallbackTargetId: The target ID that should be used as last resort when resolving targeted content. (see Content Targeting Guide).
targeting.mergeFolders:
true
if the content of folders that have the same “family” of target IDs should be merged. (see Content Targeting Guide).targeting.redirectToTargetedUrl:
true
if the request should be redirected when the targeted URL is different from the current URL. (see Content Targeting Guide).profile.api.accessToken: The access token to use for the Profile REST calls. This parameter should be always specified on multi-tenant configurations.
security.saml.token: The expected value for the secure key request header
security.saml.groups: Contains any number of
<group>
elements. Each<group>
element contains a<name>
element (The name of the group from the request header) and a<role>
element (The value to use for the role in the profile).security.saml.attributes: Contains any number of
<attribute>
elements. Each<attribute>
element contains a<name>
element (The name of the request header for the attribute) and a<field>
element (The name of the field to use in the profile).security.login.formUrl: The URL of the login form page. The default is /login.
security.login.defaultSuccessUrl: The URL to redirect to if the login was successful and the user couldn’t be redirected to the previous page. The default is /.
security.login.alwaysUseDefaultSuccessUrl:
true
if after successful login always redirect to the default success URL. The default is false.security.login.failureUrl: The URL to redirect to if the login fails. The default is /login?login_error=true.
security.logout.successUrl: The URL to redirect after a successful logout. The default is /.
security.accessDenied.errorPageUrl: The URL of the page to show when access has been denied to a user to a certain resource. The default is /access-denied.
security.urlRestrictions: Contains any number of restriction elements. Each restriction is formed by an Ant-style path pattern (
<url>
) and a Spring EL expression (<expression>
) executed against the current profile. If a request matches the URL, and the expression evaluates to false, access is denied. For more information, check UrlAccessRestrictionCheckingProcessor.java and AccessRestrictionExpressionRoot.javaNote
For the
<url>
Ant-style path pattern,<url>/*</url>
indicates just one level of the URL and<url>/**</url>
indicates all urls. For more information on Ant-style path pattern matching, see https://docs.spring.io/spring/docs/current/javadoc-api/org/springframework/util/AntPathMatcher.htmlsocialConnections.facebookConnectionFactory.appId: The Facebook app ID required for establishing connections with Facebook.
socialConnections.facebookConnectionFactory.appSecret: The Facebook app secret required for establishing connections with Facebook.
jobs.jobFolder: Specifies a folder which will be looked up for scripts to be scheduled using a certain cron expression. The folder path should be specified with
<path>
, and should be absolute to the project root. The cron expressions is specified in<cronExpression>
.jobs.job: Specifies a single script job to be scheduled. The job path should be specified in
<path>
, and the cron expression in<cronExpression>
.cache.warmUp.descriptorFolders: The descriptor folders (paths that contain XML that needs to be parsed, loaded and merged e.g. for inheritance. Most of the time this would be folders under
/site
) that need to be pre-loaded in cache, separated by comma, when not in preview mode. Specify the preload depth with:{depth}
after the path. If no depth is specified, the folders and all their sub-folders will be fully preloaded. Example: <descriptorFolders>/site:3</descriptorFolders>cache.warmUp.contentFolders: The content folders (mostly static, non-processed content, e.g. scripts, templates, static-assets) that need to be pre-loaded in cache, separated by comma, when not in preview mode. Specify the preload depth with
:{depth}
after the path. If no depth is specified, the folders and all their sub-folders will be fully pre-loaded. Example: <contentFolders>/scripts,/templates</contentFolders>Note
Cache and ActiveCache do not function the same way as specified above when engine is in preview because the preview server does not cache to ensure the latest updates are seen immediately.
headerMappings.mapping.urlPattern Ant path pattern to match for adding headers to response
headerMappings.mapping.headers The headers that will be added to responses. Each
<header>
element must contain a<name>
element that specifies the name of the header e.g.Cache-Control
, and a<value>
element containing directives, etc. (separated by an escaped comma) e.g.max-age=60\, s-maxage=300
.
Note
Crafter Engine will not be able to load your Project Context if your configuration contains invalid XML or incorrect configuration.
Setting HTTP Response Headers
CrafterCMS supports adding headers to responses when there are matched configuration patterns in
the Engine Project Configuration file
To setup HTTP response headers, do the following:
- Configure the Ant path pattern to match for adding headers to response in headerMappings.mapping.urlPattern
- Configure the <header>
element and the <value>` element ` with your desired values under headerMappings.mapping.headers.
<headerMappings>
<mapping>
<urlPattern>/**/*.pdf</urlPattern>
<headers>
<header>
<name>X-Crafter-Document</name>
<value>true</value>
</header>
</headers>
</mapping>
</headerMappings>
Setting Cache Headers
Cache headers allows specifying caching policies such as how an item is cached, maximum age before expiring, etc. These headers are extremely useful for indicating cache TTLs to CDNs and browsers on certain requests.
To setup cache headers, do the following:
Configure the Ant path pattern to match for adding headers to response in headerMappings.mapping.urlPattern
Configure the
<header>
element with the valueCache-Control
and the element<value>
with your desired Cache-Control directive under headerMappings.mapping.headers.See here for a list of available directives to use with
Cache-Control
.
Your configuration should look something like below:
<headerMappings>
<mapping>
<urlPattern>/articles/**</urlPattern>
<headers>
<header>
<name>Cache-Control</name>
<value>max-age=60\, s-maxage=300</value>
</header>
<headers>
</mapping>
</headerMappings>
Please note that the Cache-Control
header inserted to responses by default is set to No-Cache
.
Spring Configuration
Each project can also have it’s own Spring application context. Just as with site-config.xml, beans can be overwritten using the following locations:
- Spring Configuration Files
/config/engine/application-context.xml
(This file can be accessed easily from any project created through the out-of-the-box blueprints, by navigating from the Studio dashboard toProject Tools
>Configuration
, and finally picking up theEngine Project Application Context
option from the dropdown)./config/engine/{crafterEnv}-application-context.xml
$TOMCAT/shared/classes/crafter/engine/extension/sites/{siteName}/application-context.xml
The application context inherits from Engine’s own service-context.xml, and any class in Engine’s
classpath can be used, including Groovy classes declared under /scripts/classes/*
.
As an example, assuming you have defined a Groovy class under /scripts/classes/mypackage/MyClass.groovy
,
you can define a bean like this:
1 <?xml version="1.0" encoding="UTF-8"?>
2 <beans xmlns="http://www.springframework.org/schema/beans"
3 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4 xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
5
6 <bean class="org.springframework.context.support.PropertySourcesPlaceholderConfigurer" parent="crafter.properties"/>
7
8 <bean id="greeting" class="mypackage.MyClass">
9 <property name="myproperty" value="${myvalue}"/>
10 </bean>
11
12</beans>
A org.springframework.context.support.PropertySourcesPlaceholderConfigurer
(like above) can be
specified in the context so that the properties of site-config.xml
can be used as placeholders,
like ${myvalue}
. By making the placeholder configurer inherit from crafter.properties, you’ll
also have access to Engine’s global properties (like crafter.engine.preview
).
Note
Crafter Engine will not be able to load your Project Context if your context file contains invalid XML, incorrect configuration or if your beans do not properly handle their own errors on initialization.