application.yml
The application.yml file configures the workflow database settings, including initial load, schema, conflicts, and domains.
Location: limits-starter\src\main\resources.
File values
| Property |
Value |
Description |
| server.port |
3090 |
Port used by the limits server application. |
| schema.printer |
true |
|
| management.endpoints.web.exposure.include |
“*” |
List of the Spring Boot Actuator endpoint exposed in the application. |
| server.servlet.session.cookie.name |
LIM_JSESSIONID |
The cookie name. You can set a unique cookie name here when connecting multiple accelerators. |
| max-age |
PT12H |
The maximum expiration time. Must match the value defined in qfs.expiration |
Section: Atoti Limits connecting to other solution
The following properties can be set in the application.yml file. The main way of setting these properties is connecting Atoti Limits to a server, such as FRTB, using the auto-configuration.
Before connecting to a server or configuring these properties, they will be null during the execution of Atoti Limits until a connection is made.
In addition, if the maps already contain entries at startup, those values will be used by Atoti Limits. If the content server properties are set, they won’t be changed when connecting to a new server.
| Property |
Value |
Description |
| limits.connected-server.url.map |
`{‘MRA’: ‘http://localhost:10010/risk-activepivot/activeviam/pivot/rest/v8/cube’, ‘FRTB’: ‘http://localhost:8080/frtb-starter/activeviam/pivot/rest/v8/cube’} |
Map of the Solution name to http url |
| limits.connected-server.version.map |
|
Map of the Solution name to its server version: { < server name >: < version >, … }
Example: { 'FRTB': '6.0.0' }
note Auto-configured, null by default. |
| limits.connected-server.kpi-path.map |
{'FRTB': 'properties/property-files/kpis'} |
Atoti Server configuration kpi path to get the kpi permissions which are used during startup to delete the stale kpis. The path might be different from AP release to release. Different servers might be run on the different AP versions. |
| limits.connected-server.auth.map |
{'MRA': 'YWRtaW46YWRtaW4=', 'FRTB': 'YWRtaW46YWRtaW4='} |
Map of the Solution name to authentication token |
| limits.connected-server.as-of-date.map |
{'MRA': 'AsOfDate@Date@Dates', 'FRTB': 'AsOfDate@Date@Dates'} |
Map of the Solution name to AsOfDate cube location |
| limits.content.server.url |
http://localhost:8080/frtb-starter/activeviam/content/rest/v7 |
URL of the content server to be used with Limits (and Limit’s UI). It is usually exposed at the server’s /content endpoint. |
| limits.content.server.name |
< server name > e.g. FRTB |
The name of the content server to which Limits is connecting. |
| limits.content.server.auth |
YWRtaW46YWRtaW4= |
The Base64 Encoded Authentication to use to authenticate requests to the Content Server. The Authentication should be for admin access and the passcode should be in the format USER_NAME:PASSWORD . For example, we would generate the Authentication for a user “admin” with password “admin” as the string “admin:admin” which would get encoded to “YWRtaW46YW1kaW4=”. |
| limits.connected-server.level-path.map |
{'FRTB': 'http://localhost:8080/frtb-starter/services/rest/v1/levelPath/'} |
Map of the Solution name to Level Path REST endpoint URL |
Section: content.hibernate
This section configures the Content Service database and connections to the Content Server.
| Property |
Value |
Description |
| content.hibernate.connection.url |
“jdbc:h2:mem:content_service;DB_CLOSE_DELAY=-1” |
URL of the Hibernate connection to the content server. |
| content.hibernate.connection.driver_class |
org.h2.Driver |
Driver used for the Hibernate connection to the content server. |
| content.hibernate.dialect |
“org.hibernate.dialect.H2Dialect” |
SQL dialect used for the Hibernate connection to the content server. |
| content.hibernate.show_sql |
false |
Flag used to set up the printing of the SQL queries in the Hibernate logs. |
| content.hibernate.format_sql |
false |
Flag used to set up the formatting of the SQL queries in the Hibernate logs. |
| content.hibernate.hbm2ddl.auto |
update |
Hibernate DDL generation setup to run on startup against the content server database. NOTE: Remove this line once the table is created. |
| content.hibernate.hikari.connectionTimeout |
30000 |
Maximum time (in milliseconds) that a client will wait for a connection from the pool (connection to the content server). |
| content.hibernate.hikari.idleTimeout |
60000 |
Maximum time (in milliseconds) that a connection is allowed to sit idle in the pool (connection to the content server). |
| content.hibernate.hikari.minimumIdle |
1 |
Minimum number of idle connections that HikariCP tries to maintain in the pool (connection to the content server) |
| content.hibernate.hikari.maximumPoolSize |
10 |
Maximum size that the pool is allowed to reach, including both idle and in-use connections (connection to the content server). |
| content.hibernate.hikari.poolName |
“content” |
User-defined name for the connection pool. Displayed mainly in logging and JMX management consoles to identify pools |
| content.security.cache.entitlementsTTL |
3600 |
The length of time the entitlement cache is stored |
Section: JWT configuration
This section configures the JWT parameters used for authentication
| Property |
Value |
Description |
| activeviam.qfs.jwt.key.public |
|
The RSA key public key encoded in Base64, used to verify the integrity of the tokens. |
| activeviam.qfs.jwt.key.private |
|
The RSA key private key encoded in Base64, used to sign the tokens. |
| activeviam.qfs.expiration |
43200 |
The lifetime of the tokens in seconds. |
Section: Activiti History
This section configures the use of the Activiti History. See Activity user guide for details about the Activiti History: https://www.activiti.org/userguide/
| Property |
Value |
Description |
| spring.activiti.dbHistoryUsed |
true |
Flag used to enable/disable the Activiti History |
| spring.activiti.historyLevel |
full |
Activity History level |
Section: Limits Application Datasource
Properties in this section are related to JPA sources for the limit structures, limits and incidents in Atoti Limits
| Property Name |
Value |
Description |
| limits.application.datasource.url |
jdbc:h2:mem:limits-application;DB_CLOSE_DELAY=-1; |
Connection url |
| limits.application.datasource.username |
app |
Connection username |
| limits.application.datasource.password |
|
Password to authenticate the user |
| limits.application.datasource.properties.hibernate.dialect |
org.hibernate.dialect.H2Dialect |
Hibernate dialect |
| limits.application.datasource.properties.hibernate.format_sql |
false |
Enables formatting of SQL logged to the console. |
| limits.application.datasource.properties.hibernate.hbm2ddl.auto |
update |
Setting for how Spring should handle the database table on startup. Potential values include: create, create_drop, none, validate, update, drop, validate and truncate. |
| limits.application.datasource.properties.hibernate.globally_quoted_identifiers |
true |
Escapes all database identifiers, so we don’t have to put column and table names in quotations. |
| limits.application.datasource.hikari.connectionTimeout |
30000 |
Maximum timeout in milliseconds user will wait for a connection from connection pool. |
| limits.application.datasource.hikari.idleTimeout |
60000 |
Maximum time a connection can remain idle in connection pool. |
| limits.application.datasource.hikari.minimumIdle |
1 |
Minimum number of idle connections in a connection pool. |
| limits.application.datasource.hikari.maximumPoolSize |
10 |
Maximum size of the connection pool, including both idle and in-use connections. |
| limits.application.datasource.hikari.poolName |
limits-application |
Name of the connection pool. |
Section: Activiti database
This section configures the Activiti database and the connection to the Activiti database.
| Property |
Value |
Description |
| activiti.datasource.url |
jdbc:h2:mem:limits-application;DB_CLOSE_DELAY=-1; |
URL of the Hibernate connection to the Activiti database. |
| activiti.datasource.username |
app |
User name used for the Hibernate connection to the Activiti database. |
| activiti.datasource.password |
|
Password used for the Hibernate connection to the Activiti database |
| activiti.datasource.properties.hibernate.dialect |
org.hibernate.dialect.H2Dialect |
SQL dialect used for the Hibernate connection to the Activiti database. |
| activiti.datasource.properties.hibernate.format_sql |
true |
Flag used to set up the formatting of the SQL queries in the Hibernate logs |
| activiti.datasource.properties.hibernate.hbm2ddl.auto |
update |
Hibernate DDL generation setup to run on startup against the Activiti database. NOTE: Remove this line once the table is created. |
| activiti.datasource.properties.hibernate.globally_quoted_identifiers |
true |
If true then Hibernate will escape reserved SQL keywords when generating SQL for Activiti audit-log database |
| activiti.datasource.hikari.connectionTimeout |
30000 |
Maximum time (in milliseconds) that a client will wait for a connection from the pool (connection to the Activiti database). |
| activiti.datasource.hikari.idleTimeout |
60000 |
Maximum time (in milliseconds) that a connection is allowed to sit idle in the pool (connection to the Activiti database). |
| activiti.datasource.hikari.minimumIdle |
1 |
Minimum number of idle connections that HikariCP tries to maintain in the pool (connection to the Activiti database). |
| activiti.datasource.hikari.maximumPoolSize |
10 |
Maximum size that the pool is allowed to reach, including both idle and in-use connections (connection to the Activiti database). |
| activiti.datasource.hikari.poolName |
“activiti” |
User-defined name for the connection pool. Displayed mainly in logging and JMX management consoles to identify pools |
Section: Activiti Mail Server Configuration
| Property |
Value |
Description |
| limits.activiti.mail.host |
smtp.gmail.com |
URL of the mail server |
| limits.activiti.mail.port |
465 |
Port of the mail server |
| limits.activiti.mail.username |
|
username to use for authentication to the mail server |
| limits.activiti.mail.password |
|
password to use for authentication to the mail server |
| limits.activiti.mail.ssl |
true |
Use SSL when connecting to the mail server |
| limits.activiti.mail.tls |
true |
Use TLS when connection to the mail server |
| limits.activiti.mail.breach-url |
http://localhost:3000/#/dashboard/d46 |
The URL where the raw binary data can be fetched from |
Section: Audit Log Database
This section configures the Activiti database and the connection to the Audit Log database.
| Property |
Value |
Description |
| audit-log.datasource.url |
jdbc:h2:mem:limits-application;DB_CLOSE_DELAY=-1; |
URL of the Hibernate connection to the Audit Log database. |
| audit-log.datasource.username |
app |
User name used for the Hibernate connection to the Audit Log database. |
| audit-log.datasource.password |
|
Password used for the Hibernate connection to the Audit Log database. |
| audit-log.datasource.properties.hibernate.dialect |
org.hibernate.dialect.H2Dialect |
SQL dialect used for the Hibernate connection to the Audit Log database. |
| audit-log.datasource.properties.hibernate.format_sql |
true |
Flag used to set up the formatting of the SQL queries in the Hibernate logs |
| audit-log.datasource.properties.hibernate.hbm2ddl.auto |
update |
Hibernate DDL generation setup to run on startup against the Audit Log database. NOTE: Remove this line once the table is created. |
| audit-log.datasource.properties.hibernate.globally_quoted_identifiers |
true |
If true then Hibernate will escape reserved SQL keywords when generating SQL for the Audit Log database |
| audit-log.datasource.hikari.connectionTimeout |
30000 |
Maximum time (in milliseconds) that a client will wait for a connection from the pool (connection to the Audit Log database). |
| audit-log.datasource.hikari.idleTimeout |
60000 |
Maximum time (in milliseconds) that a connection is allowed to sit idle in the pool (connection to the Audit Log database). |
| audit-log.datasource.hikari.minimumIdle |
1 |
Minimum number of idle connections that HikariCP tries to maintain in the pool (connection to the Audit Log database). |
| audit-log.datasource.hikari.maximumPoolSize |
10 |
Maximum size that the pool is allowed to reach, including both idle and in-use connections (connection to the Audit Log database). |
| audit-log.datasource.hikari.poolName |
“audit-log” |
User-defined name for the connection pool. Displayed mainly in logging and JMX management consoles to identify pools |
Section: Limit workflow
This section defines properties relating to the workflows.
| Property |
Value |
Description |
| limits.limitWorkflows.StraightThrough.key |
limit-process-instance.straight-through |
Maps the ‘StraightThrough’ workflow type used for the creation of limit tasks to the ‘limit-process-instance.straight-through’ workflow. |
| limits.limitWorkflows.FourEyes.key |
limit-process-instance.four-eyes |
Maps the ‘four-eyes’ workflow type used for the creation of approval tasks to the ‘limit-process-instance.four-eyes’ workflow. |
| limits.limitWorkflows.SixEyes.key |
limit-process-instance.six-eyes |
Maps the ‘six-eyes-kpi’ workflow type used for the creation of limit tasks to the ‘limit-process-instance.six-eyes-kpi’ workflow. This property is required for Limits to start. You can use the reference limit-process-instance.straight-through provided in limits-starter/src/main/resources/processes/ as a default implementation. |
| limits.exceptionWorkflows.Exception.key |
limit-process-instance.exception |
Maps the ‘exception’ workflow type used for breaches/warnings to the ‘limit-process-instance.exception’ workflow. |
| limits.limitWorkflows.FourEyes.participants |
Approvers |
List of types of users that can move a limit along a FourEyes workflow. |
| limits.limitWorkflows.SixEyes.participants |
Examiners,Approvers |
List of types of users that can move a limit along a SixEyes workflow. |
| limits.roles |
ROLES_USERS,ROLE_MANAGERS |
List of security roles which can move a limit along any workflow. |
| limits.workflow-rules.can-approver-be-same-as-creator |
false |
If true, the creator of a limit may also approve it. |
Section: Swagger
| Property |
Value |
Description |
| springdoc.swagger-ui.enabled |
false |
Enable/disable the Swagger UI. See Swagger |
Section: Incidents
| Property |
Value |
Description |
| limits.incident.evaluation.include-passes |
false |
If true, Atoti Limits stores passes (i.e. evaluations that do not result in a breach or warning) in the datastore during limit evaluation. The default value of false prevents a large number of passes from polluting the Limit Status screen. |
| limits.incident.evaluation.parallel-tasks |
10 |
Number of threads to use when evaluating limits on-demand. |
| limits.incident.evaluation.error.include-stacktrace |
false |
true if the stack trace should be available in the evaluation response to the UI. |
Section: CSV Topic Configuration
| Property |
Value |
Description |
| limits.topic.csv.skipped-lines |
1 |
The number of skipped lines. |
| limits.topic.csv.incomplete-lines |
false |
Specifies whether incomplete CSV lines are accepted. |
| limits.topic.csv.overflow-lines |
false |
Specifies whether overflowing CSV lines are accepted. |
| limits.topic.csv.column-separator |
, |
Parser column separator. |
| limits.topic.csv.process-quotes |
true |
If true, the parser will parse values in double quotes. Otherwise, quotes are treated as literals. |
Section: AlertTask
| Property |
Value |
Description |
| limits.task-scheduler.thread-pool-size |
4 |
Thread pool size for task scheduler |
| limits.alert-task.sample-rate-cron |
0 */5 * * * * |
Cron expression for Intraday Alert task’s cron job. Default is to run the evaluation every 5 minutes. An example cron expression tool: click here. Note that cron expressions are evaluated differently in Jav compared to Linux. See this explanation by Baeldung. We require the Spring cron syntax i.e. 6 space-separated fields. |
Section: Workflow Datasource
Properties in this section are related to JPA sources for the workflows in Atoti Limits
| Property Name |
Value |
Description |
| application.datasource.url |
jdbc:h2:mem:limits-application;DB_CLOSE_DELAY=-1; |
Connection url |
| application.datasource.username |
app |
Connection username |
| application.datasource.password |
|
Password to authenticate the user |
| application.datasource.properties.hibernate.dialect |
org.hibernate.dialect.H2Dialect |
Hibernate dialect |
| application.datasource.properties.hibernate.format_sql |
false |
Enables formatting of SQL logged to the console. |
| application.datasource.properties.hibernate.hbm2ddl.auto |
update |
Setting for how Spring should handle the database table on startup. Potential values include: create, create_drop, none, validate, update, drop, validate and truncate. |
| application.datasource.properties.hibernate.globally_quoted_identifiers |
true |
Escapes all database identifiers, so we don’t have to put column and table names in quotations. |
| application.datasource.hikari.connectionTimeout |
30000 |
Maximum timeout in milliseconds user will wait for a connection from connection pool. |
| application.datasource.hikari.idleTimeout |
60000 |
Maximum time a connection can remain idle in connection pool. |
| application.datasource.hikari.minimumIdle |
1 |
Minimum number of idle connections in a connection pool. |
| application.datasource.hikari.maximumPoolSize |
10 |
Maximum size of the connection pool, including both idle and in-use connections. |
| application.datasource.hikari.poolName |
application-process-instance |
Name of the connection pool. |
Section: Limit Structure Templates
limit.structure.templates value:
Trade PnL Structure:
template-name: Trade PnL Structure
server-name: ConnectedAcc
group: Group 1
name: Trade PnL
reference-id: N/A
comment: N/A
kpi-type: GREATER
polling-frequency: EOD
measure-name: PnL
absolute-value-indicator: false
warning-threshold: 10
exception-workflow: Exception
limit-changes-workflow: StraightThrough
cube-name: ConnectedAccCube
scope-keys:
- ID@Trades@Trades
Book PV Structure:
template-name: Book PV Structure
server-name: FRTB
group: Book All PV
name: Book All PV
reference-id: N/A
comment: N/A
kpi-type: GREATER
polling-frequency: EOD
measure-name: PV
absolute-value-indicator: false
warning-threshold: 10
exception-workflow: Exception
limit-changes-workflow: StraightThrough
cube-name: StandardisedApproachCube
scope-keys:
- Book@Books@Booking
Section: Limits DLC Configuration
| Property |
Value |
Description |
| limits.dlc.root-dir |
./src/test/resources/data-samples |
Directory path to the data files. |
| limits.dlc.sub-directory-paths.root |
/data |
Path extension to specific server data directories. |
| limits.dlc.sub-directory-paths.whatif |
/whatif |
Path extension to directory containing the What-If CSV files. |
| limits.dlc.sub-directory-paths.stage |
/stage |
Path extension to directory containing the Stage CSV files. |
| limits.dlc.parser-threads |
4 |
Specifies the number of threads to be used for data loading, used for configuring the DlcCSVSourceConfiguration. |
| limits.dlc.buffer-size |
1024 |
CSV buffer size in KB, used for configuring the DlcCSVSourceConfiguration. |
| limits.dlc.path-matchers.asofdate |
glob:**/*as_of_date*.csv |
Regular expression to match as_of_date.csv files. |
| limits.dlc.path-matchers.limitstructures |
glob:**/*limit_structures*.csv |
Regular expression to match limit_structures.csv files. |
| limits.dlc.path-matchers.limits |
glob:**/*limits_approve*.csv |
Regular expression to match limits_approve.csv files. |
| limits.dlc.path-matchers.incidents |
glob:**/*incident*.csv |
Regular expression to match incident.csv files. |
Section: Other
| Property |
Value |
Description |
| limits.discovery-manager.polling-delay |
30000 |
Milliseconds that the connected cube description is valid for before needing to be refreshed. If the cube is expected to change frequently then this should be decreased. |
| limits.scope.force-unambiguous-level-paths |
false |
Boolean flag to enable if we want to force Scopes to be Unambiguous on Multi-Level Hierarchies. Please see limits.scope.force-unambiguous-level-paths for more. |
| limits.scope.autofill-unambiguous-level-paths |
true |
Boolean flag to enable if we want to autofill Scopes to its Unambiguous Multi-Level values. Please see limits.scope.autofill-unambiguous-level-paths for more. |
| limits.scope.is-using-explicit-matching |
true |
Flag to enable explicit scope matching. If true then a Limit will only be visible in the business cube at the exact location the Limit’s Scope is defined on and no lower. This does not affect the location evaluations and breaches are checked at. |
Section: Spring
| Property |
Value |
Description |
| spring.h2.console.enabled |
false |
True if the H2 console is available. This is useful for investigating JDBC connections. |
| spring.data.rest.base-path |
limits/rest/v2/spring/jpa |
The base URL for Spring Data REST services which are autoconfigured for JPA repositories. |
| spring.liquibase.enabled |
false |
True if Liquibase database schema migrations listed in limits-starter/src/main/resources/liquibase/master-changelog.yaml should be applied on startup. |
| spring.liquibase.change-log |
classpath:/liquibase/master-changelog.yaml |
The location of the changelog file if Liquibase database schema migrations are applied on startup. |