Global Option Settings

The global option setting controls many of the functional aspects of the expansion. The build engine, the security settings and expansion-specific settings are defined here.

Base comps mode

Should be set to “NONE” if the ‘Use java EE security’ option is to be used.

Counter default

If set to “GLOBAL”, the expanded project will make sure that all instances of all elements have different database id’s.

Use app anchors

A legacy setting from when app anchors were first introduced. Clashes with the current anchors, and shoud therefore be set to FALSE

Use legacy finders

Expand finders as used in a previous version of the expanders.

Use java EE security

If set to “FALSE”, the expanded application will not use authentication or authorization provided by the account component. Requires ‘Base comps mode’ to be set to “NONE”.

Build engine

Java build engine, options are “ANT” or “MAVEN”.

Bean interface policy

Can be set to “LOCAL”, “REMOTE” or “BOTH”. Will expand Local, Remote or both interfaces for each ejb bean in the application.

If this setting is set to “LOCAL”, RMI will not be available.

Enforce HTTP Method

The option enforceHttpMethod replaces the environment variable for expansion.

It makes policy on https methods more strict for security reasons. E.g. if a find action request is received with a POST method instead of GET, the request will be rejected.

For earlier version the environment variable ENFORCE_HTTP_METHOD can be used.

note that enforceHttpMethod should be defined with the attribute value="true" in the xml

Use CSRF protection

The option useCsrfProtection replaces the environment variable for expansion. It adds extra security to prevent replay attacks on requests to the backend (see Cross-site request forgery).

For earlier version the environment variable USER_CSRF_PROTECTION can be used.

note that useCsrfProtection should be defined with the attribute value="true" in the xml

Generate artifact label

The option generateArtifactLabel adds a tag to the version of the component pom.xml files to include expansion information (see Generate artifact label)

note that generateArtifactLabel should be defined with the attribute value="true" in the xml`

Example xml

<globalOptionSettings name="3.1 SECURE">
  <baseCompsMode>GENERATE</baseCompsMode>
  <counterDefault>IDENTITY</counterDefault>
  <useAppAnchors>FALSE</useAppAnchors>
  <useLegacyFinders>FALSE</useLegacyFinders>
  <useJavaEESecurity>FALSE</useJavaEESecurity>
  <buildEngine>MAVEN</buildEngine>
  <description/>
  <beanInterfacePolicy>BOTH</beanInterfacePolicy>
  <enforceHttpMethod value="true"/>
  <useCsrfProtection value="true"/>
  <generateArtifactLabel value="true"/>
</globalOptionSettings>

Version

Release Change
201803 Added ‘generateArtifactLabel’, ‘useCsrfProtection’ and ‘enforceHttpMethod’