Server Configuration¶
.config¶
NB! Whenever you change anything in the .config file, you must restart the server (i.e. restart the windows service)
connectionStrings¶
This is the connection string for the Totalview Database
<configuration>
...
<connectionStrings>
<add name="TimeServer" connectionString="Password=SomePassword;Persist Security Info=True;MultipleActiveResultSets=True;User ID=TotalviewUser;Initial Catalog=Totalview;Data Source=TotalviewSqlServer"/>
</connectionStrings>
...
</configuration>
appSettings¶
Different application settings
NoOfReconnects (default value 1): How often the server will try and reconnect to the database on startup.
UseAuthenticationPortal (default value false): If this is set to true, then the AuthenticationPortalURL must be specified.
AuthenticationPortalURL (default empty): Url for the Authentication Portal to use. E.g. totalview.example.com/Authentication
SigningCredentialsPrivateKey (default empty): This is the private key for signing the Time Client Session Token (JWT). This key should be a random 256 length key. You can use any string here, but it is simplest to generate it with a tool like https://passwordsgenerator.net/
WCFPaymentApiKey (default empty): This is the Api Key that the client must have in the header for every request to the Payment Service. If this is empty or none existing then no validation is done, and every call can be made. This key should be a random 32 length key. You can use any string here, but it is simplest to generate it with a tool like https://passwordsgenerator.net/
WCFAccountApiKey (default empty): This is the Api Key that the client must have in the header for every request to the Account Service. If this is empty or none existing then no validation is done, and every call can be made.. This key should be a random 32 length key. You can use any string here, but it is simplest to generate it with a tool like https://passwordsgenerator.net/
<configuration>
...
<appSettings>
<add key="NoOfReconnects" value="1" />
<add key="UseAuthenticationPortal" value="true"/>
<add key="AuthenticationPortalURL" value="totalview.example.com/Authentication"/>
<add key="SigningCredentialsPrivateKey" value="7TO4LJQQKM4O3SGGX0K0SV0GPDF9GCNZ3MXOMTNKMGZYRSCVVHJMZ2L1KE2160XXT342CGBV77DM4LRFAEW44GSONI0JZHUTUSLWE8W4PEJDY6JT8I88PWR6FK7R5KMKTF2DDVFX3JHJQLX1QNWU8O3CRPKGP6ZWZVKRJXXPRDAXTVO3OZOS01FKQ8KN8Q6T2FEM15L5UUX47BX6W0SI0VTTQPM7371W484NRK742R1SKLKR1UKMRTKWVD6QL10A"/>
<add key="WCFPaymentApiKey" value="RU9hHdu4B79wgOZypdIA1xOkFNhIWzPC"/>
<add key="WCFAccountApiKey" value="0MqrszFQCN8OS578T8vD5OygAYZoYWSO"/>
</appSettings>
...
</configuration>
system.serviceModel¶
Used for configuring the endpoints for the Totalview Time Client.
Also you configure endpoints used by external services here like Payment and Accounts
To configure then endpoint, you can change the baseAddress. There is a host/baseAddresses section for each service.
To configure for TLS please follow the guide on HTTPS Time Server Configuration
IP Filter¶
To only allow only certain IP addresses, you can add the IPFilter tag to the service behavior, the list of allowed IP addresses have to be comma seperated.
The IP Filter needs both IPv4 and IPv6 addresses (Use 127.0.0.1 and ::1 for localhost only).
<configuration>
...
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="MEX">
...
<IPFilter filter="127.0.0.1, ::1" />
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
...
</configuration>