TRUE Connector
  • TRUE Connector
    • Prerequisite
    • Introduction
    • System requirements
    • Volumes
    • Default configuration
    • Starting and stopping containers
    • Component overview
  • REST API
  • Connector reachability
    • Connector ID
  • How to Exchange Data
  • Modifying configuration
    • Hostname validation
    • SSL/HTTPS
    • Change message format - Multipart/Mixed, Multipart/Form, Http-headers
    • WebSocket configuration (WSS)
    • IDSCPv2 configuration
    • Self Description validation
  • Advanced configuration
    • Supported Identity Providers
    • Extended jwt validation
    • Convert keystorage files
    • Validate protocol
    • Clearing House
    • Broker
    • Usage Control
    • MyData Usage Control
    • Audit logs
    • Firewall
    • NTP Server setup
    • Manage OS users
  • Contract Negotiation - simple flow
    • Get offered resource
    • Description Request Message
    • Contract Request Message
    • Contract Agreement request
    • Get offered resource after access is granted
  • Self Description API
    • Changing API password
    • Postman collection
  • License
  • Advanced doc
    • MYDATA_USAGE_CONTROL
    • PostgreSQL Configuration
    • Test cases
    • REST API
    • Testbed
    • Step to replicate True Connector installation in minikube.
    • Docker image signing and verification
  • Life cycle
  • Security
  • Roadmap
  • Traceability matrix
  • License
  • Contributing TRUE Connector
Powered by GitBook
On this page
  1. Advanced configuration

Firewall

TRUE Connector allows setting up HttpFirewall through Spring Security, and it is enabled by default configuration. Firewall is used both in Execution Core Container (ECC) and DataApp. To turn it off, please change following properties in .env file:

### PROVIDER Configuration
PROVIDER_DATA_APP_FIREWALL=false
PROVIDER_ECC_FIREWALL=false

### CONSUMER Configuration
CONSUMER_DATA_APP_FIREWALL=false
CONSUMER_ECC_FIREWALL=false

When Firewall is enabled, it will read properties defined in firewall.properties file located in Execution Core Container (ECC) and DataApp resources folder, which easily can be modified by needs of setup.

#Set which HTTP header names should be allowed (if want to allow all header names, keep it empty)
allowedHeaderNames=
#Set which values in header names should have the exact value and allowed (if want to allow any values keep it empty)
allowedHeaderValues=
#Set which HTTP methods should be allowed
allowedMethods=GET,POST
#Set if a backslash "\" or a URL encoded backslash "%5C" should be allowed in the path or not
allowBackSlash=true
#Set if a slash "/" that is URL encoded "%2F" should be allowed in the path or not
allowUrlEncodedSlash=true
#Set if double slash "//" that is URL encoded "%2F%2F" should be allowed in the path or not
allowUrlEncodedDoubleSlash=true
#Set if semicolon is allowed in the URL (i.e. matrix variables)
allowSemicolon=true
#Set if a percent "%" that is URL encoded "%25" should be allowed in the path or not
allowUrlEncodedPercent=true
#if a period "." that is URL encoded "%2E" should be allowed in the path or not
allowUrlEncodedPeriod=true

Last updated 1 year ago