There are different components in Alfresco, such as a database, e-mail, search, audit, and so on, each with its own configuration properties. The following section covers details about all of these configurations.
A database is one of the key attributes of Alfresco. It is generally configured at the time of installation. Along with db connection parameters, there are some tuning parameters for database connection pooling. These parameters are based on a repository's read/write operation. Alfresco supports multiple databases such as MySQL, PostgreSQL, Oracle, and so on. Configuring a proper connection for a URL allows for connection to the supported database.
Here are some important database properties. Add and modify the values of these properties in the alfresco-global.properties file. Default settings are present in the repository.properties file:
db.name: The name of the database; by default, it isalfrescodb.driver: The full, qualified name of the JDBC driver class; for the PostgreSQL database, it isorg.postgresql.Driver.db.url: The JDBC connection URL, for example, for a PostgreSQL connection, it isjdbc:postgresql://localhost:5445/${db.name}.db.username: The username to connect to a database.db.password: The password to connect to a database.db.pool.initial: The number of connections to be kept open when the DB connection pool is initialized.db.pool.max: The maximum number of connections that can be opened in the DB connection pool; this is an important property to configure depending on the type of database. It's value should be less than the max value set for the database connection that's supported.db.pool.validate.query: The SQL query to validate whether a connection is still alive. The value of this property changes based on the database type. This property is useful to use along with other flags whentestOnBorrow,testonreturnis enabled. Here are the properties that control this flag:db.pool.validate.borrow=truedb.pool.validate.return=false
Here are the properties related to evicting or abandoning a connection from the connection pool:
db.pool.evict.interval: The sleep interval in milliseconds between each eviction process. By default, it is set to-1, which means disabled.db.pool.evict.idle.min: The idle time in milliseconds before a connection can be evicted.db.pool.evict.validate: The flag required to validate a connection before eviction.db.pool.abandoned.detect: The flag required to enable or disable the detection of an abandoned connection.db.pool.abandoned.time: Time taken in milliseconds for an abandoned connection to become eligible for removal.db.pool.abandoned.log: The flag required to log an abandoned connection. If enabled, it will print in a log file when any abandoned connection is removed.
Refer to http://commons.apache.org/proper/commons-dbcp/configuration.html for more details about database connection pool configurations.
The content store in Alfresco is a filesystem location where binary files are stored. Configuring it is very easy, but this should be done only at time of installation.
Add and modify the following properties in alfresco-global.properties to configure the content store:
dir.root=/mnt/data/alf_data<Specify the path of the Root directory where contentstore would be created. Make sure it is always absolute path>
dir.contentstore=${dir.root}/contentstore<Contenstore specific path.
dir.contentstore.deleted=${dir.root}/contentstore.deleted<File location for deleted contentstore. Files purged from Alfresco system are stored in this directory. You can specify a different path if you want to keep this directory in different location.>Alfresco also allows multiple content stores, and you can store documents in the selected content store. More details about this are covered in Chapter 8, The Basics of the Alfresco Content Store.
Alfresco 5.x supports only one search engine, Solr. Older versions of Alfresco used to also support Lucene, which is now deprecated. Solr can be installed as embedded within the Alfresco installation, or it can be installed on a separate instance.
Here are the three properties that you can add and modify in alfresco-global.properties:
index.subsystem.name=solr4<Defines the search subsystem you want. Values could be either solr4, solr, or none.>
dir.keystore=${dir.root}/keystore<This is the path of the certificate keystore as alfresco and solr uses https connection to communicate.>
solr.port.ssl=8443 : <Solrapplication SSL port>Further details on how to switch between different search subsystems, and configuring and tuning Solr will be covered in Chapter 5, Search.
Google Docs is one of the subsystems in Alfresco. It allows users to edit documents stored in Alfresco using Google Docs. Documents in Alfresco are checked out in Google Docs and once edited, they are checked-in to Alfresco. There will be only a single Google account used by all, so make sure you create a Google account that can be configured in Alfresco.
Add and modify the following properties in the alfresco-global.properties file from <TOMCAT_HOME>/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/googledocs/default/googledocs.properties and configure it as per your needs:
googledocs.googleeditable.enabled=true<Flag to enable/disable the Google docs> googledocs.username <Google account username> googledocs.password <Google account password>
You can also configure Google Docs using the mechanism that extends any subsystem, as explained in the Configuring Subsystem in Alfresco section.
Alfresco captures certain actions taken by a user on any node in the repository via an audit mechanism. Using audit, trail administrators can identify which user viewed, created, copied, or deleted content in the repository. Let's look at an example where the Alfresco repository is being used to manage all the contracts of an organization. It becomes critical to maintain a history of all the actions taken by users in the system on these contracts from a security perspective. So, Alfresco should be configured to enable this audit and the kind of data that needs to be audited.
Auditing in Alfresco can be easily configured based on requirements. You can control the amount of data that you want to audit.
Here are the default settings from repository.properites located at <TOMCAT_HOME>/webapps/alfresco/WEB-INF/classes/alfresco. To configure audit properties, add and modify the required properties in alfresco-global.properties:
audit.enabled=true < Flag to enable or disable the audit> audit.alfresco-access.enabled=false<Configure it to enable the audit alfresco-access application. This is alfresco default audit application. This property need to be enabled which enables data capture for audit> audit.dod5015.enabled=false <This flag is for enabling audit for records management module> audit.filter.alfresco-access.default.enabled=true audit.filter.alfresco-access.transaction.user=~System;~null;.* <This filters determines the user for whom you want to capture the audit. Current default configuration audits all users activity except System user> audit.filter.alfresco-access.transaction.type=cm:folder;cm:content;st:site<This filter allows you to control the type of data to audit. If you have custom type defined like org:contract for contract documents, you can add those to capture audit for only certain types of documents> audit.filter.alfresco- access.transaction.path=~/sys:archivedItem;~/ver:;.*<Filters out the path of the transaction. Default configuration audits anything except archived item>
You can change these filters as per your business needs to audit only certain amounts of data.
The document stored in Alfresco can be accessed via a filesystem using CIFS/FTP with the File Servers subsystem, which is one of the unique qualities of Alfresco. Alfresco authenticated users can only retrieve documents using this protocol.
The File servers subsystem can be configured via alfresco-global.properties or JMX. To configure xml files, use a standard extension mechanism for the subsystem.
The following are some generic filesystem properties you might need to change based on your system needs.
Modify this property value if the name of the filesystem needs to be changed:
filesystem.name=Alfresco
Modify the following property value if the root directory where the filesystem should open needs to be changed:
filesystem.storeName=${spaces.store}
filesystem.rootPath=${protocols.rootPath}The SMB/CIFS protocol is implemented based on a Java socket code, which leverages Alfresco to use CIFS on any platform. The default settings use the JNI-based implementation for Windows and a Java socket for Linux and other platforms.
Now, to configure CIFS based on your network and requirements, you need to add and modify these properties in the alfresco-global.properties file. The default settings are in <TOMCAT_HOME>/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/file-servers.properties:
cifs.enabled: This property enables or disables CIFScifs.serverName: This should be a unique 16-character server name. If you have multiple instances of Alfresco on the same machine, you need to have different names. The default value is${localname}A.cifs.domain: If a value is specified, it shows the domain/workgroup that the server belongs to. By default, it takes the domain of the server.cifs.broadcast: This specifies a broadcast mask for a network.cifs.bindto: This is mainly required if you want to use CIFS on a Unix-based platform. Specify the network adapter that it should be bound to. By default, it is bound to all adapters.cifs.hostannounce: This is a flag that allows the CIFS server to be announced in a local domain or workgroup.cifs.disableNativeCode: This property will only be effected on Windows. It allows you to disable the use of a native JNI-based CIFS implementation. If you deactivate JNI, you need to make some changes to the Windows configuration for CIFS to work with a default Java socket-based implementation.cifs.sessionTimeout: The CIFS session timeout value in seconds. If no I/O operation occurs within this specified interval, the server will terminate the session. You can increase it as per the standard across all systems.
The following four properties are useful when you have your Alfresco server on a Unix-based platform. CIFS needs access to privileged ports; for that, Alfresco should be started as the root user. If this is not the case, then you have to configure these properties for non-privileged ports. Set firewall rules to route the request from privileged ports to non-privileged ones. There are a few firewall examples at http://docs.alfresco.com/5.0/tasks/fileserv-CIFS-useracc.html for reference.
cifs.tcpipSMB.port=445 cifs.netBIOSSMB.sessionPort=139 cifs.netBIOSSMB.namePort=137 cifs.netBIOSSMB.datagramPort=138
Alfresco also supports the FTP protocol for accessing content. To configure FTP, either change the configuration in alfresco-global.properties or JMX. Alfresco also supports secure FTPS.
To configure FTP, add and modify the following properties in the alfresco-global.properties file from <TOMCAT_HOME>/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/file-servers.properties. Keep only the properties you want to configure; the unchanged one will be referred to from the default settings.
ftp.enabled=true<Configure to enable or disable FTP server> ftp.port=21<Port on which FTP server is listening for connection. Make sure this port is open.> ftp.bindto < Specify the network adapter server should bound to. By default if kept blank it would bind to all network adapters>
Let's look at the settings for a secure FTP connection. All these settings are required to enable FTPS. You need to specify the path, the passphrase for keyStore and trustStore, and the type.
ftp.keyStore ftp.keyStoreType ftp.keyStorePassphrase ftp.trustStore ftp.trustStoreType ftp.trustStorePassphrase
The following setting will force all sessions to be secured:
ftp.requireSecureSession=true
For more details, you can refer to the Alfresco wiki at https://wiki.alfresco.com/wiki/File_Server_Subsystem_4.0.
Alfresco supports the hybrid model, which allows the synchronizing of content between the on-premise setup to the Alfresco cloud. Selected documents can be shared on the cloud for a broader audience to access. For enabling cloud sync, you need to have Alfresco Enterprise and the Enterprise license with the Sync feature enabled. Install your enterprise license and restart Alfresco server. The Sync to Cloud action in Share will allow you to share the document on the cloud.
Alfresco doesn't support multiple identical instances of on-premise Enterprise Alfresco to sync with the cloud. So, on the other instances, you need to disable sync by setting the following property in alfresco-global.properties:
syncService.mode=OFF sync.pushJob.enabled=false sync.pullJob.enabled=false
Also, the server mode should be set to production on the main production server for the hybrid sync cloud to work, as follows:
system.serverMode=PRODUCTION<On other server you can set value as TEST or BACKUP>
E-mail is one of the subsystems of Alfresco and supports both inbound and outbound e-mails. Using the inbound e-mail subsystem, Alfresco can be used to manage e-mails. E-mails can be stored in Alfresco like normal content, with the e-mail body and attachments.
To configure the outbound e-mail subsystem , add and modify these properties in alfresco-global.properties. The default settings are in <TOMCAT_HOME>/webapps/alfresco/WEB-INF/classes/alfresco/subsystemsemailOutboundSMTP.
mail.host= <Configure SMTP server of your network> mail.port=<Proper SMTP port. Default port is 25> <If authentication required then provide proper username and password> mail.username= mail.password = mail.from.default=<Set proper default from email address. While sending email from Alfresco from address is not present this default value would be taken>
Alfresco also supports SMTPS; these properties need to be changed to enable it:
mail.smtps.auth=false mail.smtps.starttls.enable=false
In order to configure Alfresco as an inbound e-mail server, add the following property to the alfresco-global.properties file and configure it as required. You can remove any unmodified values. The default settings are present in the <TOMCAT_HOME>/webapps/alfresco/WEB-INF/classes/subsystems/email/InboundSMTP/inboundSMTP.properties file.
email.server.port= provide port of your email server(default 25) email.server.domain= provide domain address of your email server email.inbound.emailContributorsAuthority = group name that user should be member of to be able to add email. Default value is EMAIL_CONTRIBUTORS
Also, there are other settings in the file, such as blocked list and allowed list, which can be configured as per your requirements.
Alfresco also supports connecting to a repository using the IMAP protocol. Users can use IMAP e-mail clients such as Outlook and Thunderbird to connect to Alfresco. Users can just drag and drop e-mails to the Alfresco repository.
To configure IMAP, add and modify the following properties in alfresco-global.properties as per your requirements. The default settings are present in <TOMCAT_HOME> /webapps/alfresco/WEB-INF/classes/alfresco/subsystems/imap/default/imap-server.properties.
imap.server.enabled= <Set true to enable the IMAP. By default it is disabled>
imap.server.host=x.x.x.x < Set server host address>
imap.server.folder.cache.size=10000 <Change this value if there are large number of folders. Increasing this value would have an impact on memory>
imap.mail.from.default=<Set proper default from email address>
imap.mail.to.default=<Set proper default to email address>
<Change this values if you want to change the rootimap folder path>
imap.config.home.store=${protocols.storeName}
imap.config.home.rootPath=${protocols.rootPath}
imap.config.home.folderPath=Imap Home
imap.server.port=143<Configure proper IMAP server port. And make sure this port is open on server>Alfresco also support IMAPS. Configure below property to enable it. Keystore used by IMAPS should be defined in Java System properties.
imap.server.imaps.enabled=false imap.server.imaps.port=993