The variable configuration can be found in the t1c/t1c.conf file of the Trust1Connector's installation folder. This file contains certain properties and values that can be variable between different installations. Some values can be altered by the user or an administrator if so desired.
This is an example of an unactivated t1c.conf:
device {
status=INACTIVE
}
environment {
shared=false
}
registration {
# ACC Key
# apikey = "ec63f262-d205-4665-b68e-235055d0e8f0"
# PROD KEY
apikey = "aa30871a-5435-4480-a866-7dbec7e14eb8"
}
ssl {
keystore-password = "password"
}
contextConfig {
cors = [
"*://localhost:*",
"*.commfides.com",
"*.t1t.io",
"*.t1t.io:*"
],
# If wildcardsAllowed is set to false, only origin headers matching entries in the cors array exactly will be allowed
wildcardsAllowed = true
}
network {
proxy {
# If using a central proxy/gateway on infrastructure level, you can override the DS URL to use the
# "gateway-or-proxy-url" value instead. The response from that server will still be validated against the
# configured DS public key.
# gateway-or-proxy-url = "https://myproxy.example.com"
# Default "detect" value is false, so you need to override if you want the T1C to detect proxy host and port
# settings. If the values of "host" and "port" are set, these will always be used and no automatic detection will
# occur. If the values "username" "password", "protocol" or "nonProxyHosts" are set they will be used in
# conjunction with the detected or overridden proxy host and port.
# detect = false
# host = "proxy.example.com"
# port = 8080
# username = "myuser"
# password = "password"
# protocol = "http"
# non-proxy-hosts = [ "t1c.t1t.io" ]
}
}
The context configuration contains the CORS configuration. These values can be altered before startup, but if the Trust1Connector is configured to synchronize with the Distribution Service, they will be overridden at startup.
contextConfig {
cors = [
"*://localhost:*",
"*.commfides.com",
"*.t1t.io",
"*.t1t.io:*"
],
# If wildcardsAllowed is set to false, only origin headers matching entries in the cors array exactly will be allowed
wildcardsAllowed = true
}
Network Configuration
The network configuration contains the values pertaining to how the Trust1Connector connects to the Distribution Service. This allows administrators of customers in a B2B context to enable the Trust1Connector to be able to connect to the Distribution Service in a wide variety of network topologies
network {
proxy {
# If using a central proxy/gateway on infrastructure level, you can override the DS URL to use the
# "gateway-or-proxy-url" value instead. The response from that server will still be validated against the
# configured DS public key.
# gateway-or-proxy-url = "https://myproxy.example.com"
# Default "detect" value is false, so you need to override if you want the T1C to detect proxy host and port
# settings. If the values of "host" and "port" are set, these will always be used and no automatic detection will
# occur. If the values "username" "password", "protocol" or "nonProxyHosts" are set they will be used in
# conjunction with the detected or overridden proxy host and port.
# detect = false
# host = "proxy.example.com"
# port = 8080
# username = "myuser"
# password = "password"
# protocol = "http"
# non-proxy-hosts = [ "t1c.t1t.io" ]
}
}
Proxy Detection
The network proxy detection feature that is enabled by setting the proxy.detect property to true is using multiple mechanism in an attempt to automatically detect and apply the system proxy settings. These mechanisms are:
Setting the JVM property java.net.useSystemProxies to true
Detecting the proxy settings via the java.net.ProxySelector class: It selects the proxy server to use, if any, when connecting to the network resource referenced by a URL, in this case the DS URL. A subclass of URLConnection class will call the select method for each URL request so that the proxy selector can decide if a direct, or proxied connection should be used. The select method returns an iterator over a collection with the preferred connection approach. If while iterating the proxy selector finds a proxy with a hostname and/or port, a proxy configuration will be created with these values and the proxy.protocol, proxy.username, proxy.password, and proxy.non-proxy-hosts (if they have been defined in the variable configuration.
Finally, if an address and a port are found, they are also set respectively in the http.proxyHost and http.proxyPort JVM properties
The list of allowed origins that are allowed by the Trust1Connector CORS filter
wildcardsAllowed
Boolean
Whether to allow the usage of * as wildcards in the CORS filter's allowed origins. If set to false (or absent) only requests whose origin header matches one of the entries in the allowed origins exactly will be allowed through.
Property
Type
Description
proxy.gateway-or-proxy-url
String
If the Trust1Connector's configured DS is not reachable from the installed device's network, it is possible to override the configured DS URL with this value so that the traffic can be proxied over a gateway or proxy of your choice. This value is optional
proxy.host
String
If you need to configure a network proxy for outgoing requests, you can specify the host here. This value is optional
proxy.port
Integer
If you have configured a proxy host, you must specify a port
proxy.username
String
If the network proxy requires credentials, you can provide the username here. This value is optional
proxy.password
String
If the network proxy requires credentials, you can provide the password here. This value is optional
proxy.protocol
String
You can determine the protocol used by the proxy. M be either http or https. This value is optional
proxy.non-proxy-hosts
Array[String]
The hostnames for which the network proxy should not be used. This value is optional, but if a network proxy is configured, we strongly recommend adding the T1C hostname in this value
proxy.detect
Boolean
If you are uncertain of whether or not a proxy is required, you can set this value to true, and the Trust1Connector will make a best-effort attempt to detect a proxy host and port based on the OS network settings. This value is optional, and is ignored when both proxy.host and proxy.port values are set. Additionally, the detection is unable to detect settings such as username and password.
