application.yml

The application.yml file configures the workflow database settings, including initial load, schema, conflicts, and domains.

Location: limits-starter\src\main\resources.

File values

Property Value Description
server.port 3090 Port used by the limits server application.
schema.printer true
management.endpoints.web.exposure.include “*” List of the Spring Boot Actuator endpoint exposed in the application.
server.servlet.session.cookie.name LIM_JSESSIONID The cookie name. You can set a unique cookie name here when connecting multiple accelerators.
max-age PT12H The maximum expiration time. Must match the value defined in qfs.expiration

Section: Atoti Limits connecting to other solution

The following properties can be set in the application.yml file. The main way of setting these properties is connecting Atoti Limits to a server, such as FRTB, using the auto-configuration.

Before connecting to a server or configuring these properties, they will be null during the execution of Atoti Limits until a connection is made. In addition, if the maps already contain entries at startup, those values will be used by Atoti Limits. If the content server properties are set, they won’t be changed when connecting to a new server.

Property Value Description
limits.connected-server.url.map `{‘MRA’: ‘http://localhost:10010/risk-activepivot/activeviam/pivot/rest/v8/cube’, ‘FRTB’: ‘http://localhost:8080/frtb-starter/activeviam/pivot/rest/v8/cube’} Map of the Solution name to http url
limits.connected-server.version.map Map of the Solution name to its server version: { < server name >: < version >, … }
Example: { 'FRTB': '6.0.0' }

note

Auto-configured, null by default.

limits.connected-server.kpi-path.map {'FRTB': 'properties/property-files/kpis'} Atoti Server configuration kpi path to get the kpi permissions which are used during startup to delete the stale kpis. The path might be different from AP release to release. Different servers might be run on the different AP versions.
limits.connected-server.auth.map {'MRA': 'YWRtaW46YWRtaW4=', 'FRTB': 'YWRtaW46YWRtaW4='} Map of the Solution name to authentication token
limits.connected-server.as-of-date.map {'MRA': 'AsOfDate@Date@Dates', 'FRTB': 'AsOfDate@Date@Dates'} Map of the Solution name to AsOfDate cube location
limits.content.server.url http://localhost:8080/frtb-starter/activeviam/content/rest/v7 URL of the content server to be used with Limits (and Limit’s UI). It is usually exposed at the server’s /content endpoint.
limits.content.server.name < server name > e.g. FRTB The name of the content server to which Limits is connecting.
limits.content.server.auth YWRtaW46YWRtaW4= The Base64 Encoded Authentication to use to authenticate requests to the Content Server. The Authentication should be for admin access and the passcode should be in the format USER_NAME:PASSWORD . For example, we would generate the Authentication for a user “admin” with password “admin” as the string “admin:admin” which would get encoded to “YWRtaW46YW1kaW4=”.
limits.connected-server.level-path.map {'FRTB': 'http://localhost:8080/frtb-starter/services/rest/v1/levelPath/'} Map of the Solution name to Level Path REST endpoint URL

Section: JWT configuration

This section configures the JWT parameters used for authentication

Property Value Description
activeviam.qfs.jwt.key.public The RSA key public key encoded in Base64, used to verify the integrity of the tokens.
activeviam.qfs.jwt.key.private The RSA key private key encoded in Base64, used to sign the tokens.
activeviam.qfs.expiration 43200 The lifetime of the tokens in seconds.

Section: Activiti History

This section configures the use of the Activiti History. See Activity user guide for details about the Activiti History: https://www.activiti.org/userguide/

Property Value Description
spring.activiti.dbHistoryUsed true Flag used to enable/disable the Activiti History
spring.activiti.historyLevel full Activity History level

Section: Limits Application Datasource

Properties in this section are related to JPA sources for the limit structures, limits and incidents in Atoti Limits

Property Name Value Description
limits.application.datasource.url jdbc:h2:mem:limits-application;DB_CLOSE_DELAY=-1; Connection url
limits.application.datasource.username app Connection username
limits.application.datasource.password Password to authenticate the user
limits.application.datasource.properties.hibernate.dialect org.hibernate.dialect.H2Dialect Hibernate dialect
limits.application.datasource.properties.hibernate.format_sql false Enables formatting of SQL logged to the console.
limits.application.datasource.properties.hibernate.hbm2ddl.auto update Setting for how Spring should handle the database table on startup. Potential values include: create, create_drop, none, validate, update, drop, validate and truncate.
limits.application.datasource.properties.hibernate.globally_quoted_identifiers true Escapes all database identifiers, so we don’t have to put column and table names in quotations.
limits.application.datasource.hikari.connectionTimeout 30000 Maximum timeout in milliseconds user will wait for a connection from connection pool.
limits.application.datasource.hikari.idleTimeout 60000 Maximum time a connection can remain idle in connection pool.
limits.application.datasource.hikari.minimumIdle 1 Minimum number of idle connections in a connection pool.
limits.application.datasource.hikari.maximumPoolSize 10 Maximum size of the connection pool, including both idle and in-use connections.
limits.application.datasource.hikari.poolName limits-application Name of the connection pool.

Section: Activiti database

This section configures the Activiti database and the connection to the Activiti database.

Property Value Description
activiti.datasource.url jdbc:h2:mem:limits-application;DB_CLOSE_DELAY=-1; URL of the Hibernate connection to the Activiti database.
activiti.datasource.username app User name used for the Hibernate connection to the Activiti database.
activiti.datasource.password Password used for the Hibernate connection to the Activiti database
activiti.datasource.properties.hibernate.dialect org.hibernate.dialect.H2Dialect SQL dialect used for the Hibernate connection to the Activiti database.
activiti.datasource.properties.hibernate.format_sql true Flag used to set up the formatting of the SQL queries in the Hibernate logs
activiti.datasource.properties.hibernate.hbm2ddl.auto update Hibernate DDL generation setup to run on startup against the Activiti database. NOTE: Remove this line once the table is created.
activiti.datasource.properties.hibernate.globally_quoted_identifiers true If true then Hibernate will escape reserved SQL keywords when generating SQL for Activiti audit-log database
activiti.datasource.hikari.connectionTimeout 30000 Maximum time (in milliseconds) that a client will wait for a connection from the pool (connection to the Activiti database).
activiti.datasource.hikari.idleTimeout 60000 Maximum time (in milliseconds) that a connection is allowed to sit idle in the pool (connection to the Activiti database).
activiti.datasource.hikari.minimumIdle 1 Minimum number of idle connections that HikariCP tries to maintain in the pool (connection to the Activiti database).
activiti.datasource.hikari.maximumPoolSize 10 Maximum size that the pool is allowed to reach, including both idle and in-use connections (connection to the Activiti database).
activiti.datasource.hikari.poolName “activiti” User-defined name for the connection pool. Displayed mainly in logging and JMX management consoles to identify pools

Section: Activiti Mail Server Configuration

Property Value Description
limits.activiti.mail.host smtp.gmail.com URL of the mail server
limits.activiti.mail.port 465 Port of the mail server
limits.activiti.mail.username username to use for authentication to the mail server
limits.activiti.mail.password password to use for authentication to the mail server
limits.activiti.mail.ssl true Use SSL when connecting to the mail server
limits.activiti.mail.tls true Use TLS when connection to the mail server
limits.activiti.mail.breach-url http://localhost:3000/#/dashboard/d46 The URL where the raw binary data can be fetched from

Section: Audit Log Database

This section configures the Activiti database and the connection to the Audit Log database.

Property Value Description
audit-log.datasource.url jdbc:h2:mem:limits-application;DB_CLOSE_DELAY=-1; URL of the Hibernate connection to the Audit Log database.
audit-log.datasource.username app User name used for the Hibernate connection to the Audit Log database.
audit-log.datasource.password Password used for the Hibernate connection to the Audit Log database.
audit-log.datasource.properties.hibernate.dialect org.hibernate.dialect.H2Dialect SQL dialect used for the Hibernate connection to the Audit Log database.
audit-log.datasource.properties.hibernate.format_sql true Flag used to set up the formatting of the SQL queries in the Hibernate logs
audit-log.datasource.properties.hibernate.hbm2ddl.auto update Hibernate DDL generation setup to run on startup against the Audit Log database. NOTE: Remove this line once the table is created.
audit-log.datasource.properties.hibernate.globally_quoted_identifiers true If true then Hibernate will escape reserved SQL keywords when generating SQL for the Audit Log database
audit-log.datasource.hikari.connectionTimeout 30000 Maximum time (in milliseconds) that a client will wait for a connection from the pool (connection to the Audit Log database).
audit-log.datasource.hikari.idleTimeout 60000 Maximum time (in milliseconds) that a connection is allowed to sit idle in the pool (connection to the Audit Log database).
audit-log.datasource.hikari.minimumIdle 1 Minimum number of idle connections that HikariCP tries to maintain in the pool (connection to the Audit Log database).
audit-log.datasource.hikari.maximumPoolSize 10 Maximum size that the pool is allowed to reach, including both idle and in-use connections (connection to the Audit Log database).
audit-log.datasource.hikari.poolName “audit-log” User-defined name for the connection pool. Displayed mainly in logging and JMX management consoles to identify pools

Section: Limit workflow

This section defines properties relating to the workflows.

Property Value Description
limits.workflow.limit-workflows.StraightThrough.key limit-process-instance.straight-through Maps the ‘StraightThrough’ workflow type used for the creation of limit tasks to the ’limit-process-instance.straight-through’ workflow.
limits.workflow.limit-workflows.FourEyes.key limit-process-instance.four-eyes Maps the ‘four-eyes’ workflow type used for the creation of approval tasks to the ’limit-process-instance.four-eyes’ workflow.
limits.workflow.limit-workflows.SixEyes.key limit-process-instance.six-eyes Maps the ‘six-eyes-kpi’ workflow type used for the creation of limit tasks to the ’limit-process-instance.six-eyes-kpi’ workflow. This property is required for Limits to start. You can use the reference limit-process-instance.straight-through provided in limits-starter/src/main/resources/processes/ as a default implementation.
limits.workflow.exception-workflows.Exception.key limit-process-instance.exception Maps the ’exception’ workflow type used for breaches/warnings to the ’limit-process-instance.exception’ workflow.
limits.workflow.limit-workflows.FourEyes.participants Approvers List of types of users that can move a limit along a FourEyes workflow.
limits.workflow.limit-workflows.SixEyes.participants Examiners,Approvers List of types of users that can move a limit along a SixEyes workflow.
limits.workflow.roles ROLES_USERS,ROLE_MANAGERS List of security roles which can move a limit along any workflow.
limits.workflow.workflow-rules.can-approver-be-same-as-creator false If true, the creator of a limit may also approve it.

Section: Swagger

Property Value Description
springdoc.swagger-ui.enabled false Enable/disable the Swagger UI. See Swagger

Section: Incidents

Property Value Description
limits.incident.evaluation.include-passes false If true, Atoti Limits stores passes (i.e. evaluations that do not result in a breach or warning) in the datastore during limit evaluation. The default value of false prevents a large number of passes from polluting the Limit Status screen.
limits.incident.evaluation.parallel-tasks 10 Number of threads to use when evaluating limits on-demand.
limits.incident.evaluation.error.include-stacktrace false true if the stack trace should be available in the evaluation response to the UI.

Section: CSV Topic Configuration

Property Value Description
limits.topic.csv.skipped-lines 1 The number of skipped lines.
limits.topic.csv.incomplete-lines false Specifies whether incomplete CSV lines are accepted.
limits.topic.csv.overflow-lines false Specifies whether overflowing CSV lines are accepted.
limits.topic.csv.column-separator , Parser column separator.
limits.topic.csv.process-quotes true If true, the parser will parse values in double quotes. Otherwise, quotes are treated as literals.

Section: AlertTask

Property Value Description
limits.task-scheduler.thread-pool-size 4 Thread pool size for task scheduler
limits.alert-task.sample-rate-cron 0 */5 * * * * Cron expression for Intraday Alert task’s cron job. Default is to run the evaluation every 5 minutes. An example cron expression tool: click here. Note that cron expressions are evaluated differently in Jav compared to Linux. See this explanation by Baeldung. We require the Spring cron syntax i.e. 6 space-separated fields.

Section: Workflow Datasource

Properties in this section are related to JPA sources for the workflows in Atoti Limits

Property Name Value Description
application.datasource.url jdbc:h2:mem:limits-application;DB_CLOSE_DELAY=-1; Connection url
application.datasource.username app Connection username
application.datasource.password Password to authenticate the user
application.datasource.properties.hibernate.dialect org.hibernate.dialect.H2Dialect Hibernate dialect
application.datasource.properties.hibernate.format_sql false Enables formatting of SQL logged to the console.
application.datasource.properties.hibernate.hbm2ddl.auto update Setting for how Spring should handle the database table on startup. Potential values include: create, create_drop, none, validate, update, drop, validate and truncate.
application.datasource.properties.hibernate.globally_quoted_identifiers true Escapes all database identifiers, so we don’t have to put column and table names in quotations.
application.datasource.hikari.connectionTimeout 30000 Maximum timeout in milliseconds user will wait for a connection from connection pool.
application.datasource.hikari.idleTimeout 60000 Maximum time a connection can remain idle in connection pool.
application.datasource.hikari.minimumIdle 1 Minimum number of idle connections in a connection pool.
application.datasource.hikari.maximumPoolSize 10 Maximum size of the connection pool, including both idle and in-use connections.
application.datasource.hikari.poolName application-process-instance Name of the connection pool.

Section: Limit Structure Templates

Property Name Value Description
limit.structure.templates see below A map of LimitStructureTemplate definitions by templateName. See Adding Custom Limit Structure Templates

limit.structure.templates value:

Trade PnL Structure:
  template-name: Trade PnL Structure
  server-name: ConnectedAcc
  group: Group 1
  name: Trade PnL
  reference-id: N/A
  comment: N/A
  kpi-type: GREATER
  polling-frequency: EOD
  measure-name: PnL
  absolute-value-indicator: false
  warning-threshold: 10
  exception-workflow: Exception
  limit-changes-workflow: StraightThrough
  cube-name: ConnectedAccCube
  scope-keys:
    - ID@Trades@Trades
Book PV Structure:
  template-name: Book PV Structure
  server-name: FRTB
  group: Book All PV
  name: Book All PV
  reference-id: N/A
  comment: N/A
  kpi-type: GREATER
  polling-frequency: EOD
  measure-name: PV
  absolute-value-indicator: false
  warning-threshold: 10
  exception-workflow: Exception
  limit-changes-workflow: StraightThrough
  cube-name: StandardisedApproachCube
  scope-keys:
    - Book@Books@Booking

Section: Limits DLC Configuration

Property Value Description
limits.dlc.root-dir ./src/test/resources/data-samples Directory path to the data files.
limits.dlc.sub-directory-paths.root /data Path extension to specific server data directories.
limits.dlc.sub-directory-paths.whatif /whatif Path extension to directory containing the What-If CSV files.
limits.dlc.sub-directory-paths.stage /stage Path extension to directory containing the Stage CSV files.
limits.dlc.parser-threads 4 Specifies the number of threads to be used for data loading, used for configuring the DlcCSVSourceConfiguration.
limits.dlc.buffer-size 1024 CSV buffer size in KB, used for configuring the DlcCSVSourceConfiguration.
limits.dlc.path-matchers.asofdate glob:**/*as_of_date*.csv Regular expression to match as_of_date.csv files.
limits.dlc.path-matchers.limitstructures glob:**/*limit_structures*.csv Regular expression to match limit_structures.csv files.
limits.dlc.path-matchers.limits glob:**/*limits_approve*.csv Regular expression to match limits_approve.csv files.
limits.dlc.path-matchers.incidents glob:**/*incident*.csv Regular expression to match incident.csv files.

Section: Other

Property Value Description
limits.discovery-manager.polling-delay 30000 Milliseconds that the connected cube description is valid for before needing to be refreshed. If the cube is expected to change frequently then this should be decreased.
limits.scope.force-unambiguous-level-paths false Boolean flag to enable if we want to force Scopes to be Unambiguous on Multi-Level Hierarchies. Please see limits.scope.force-unambiguous-level-paths for more.
limits.scope.autofill-unambiguous-level-paths true Boolean flag to enable if we want to autofill Scopes to its Unambiguous Multi-Level values. Please see limits.scope.autofill-unambiguous-level-paths for more.
limits.scope.is-using-explicit-matching true Flag to enable explicit scope matching. If true then a Limit will only be visible in the business cube at the exact location the Limit’s Scope is defined on and no lower. This does not affect the location evaluations and breaches are checked at.

Section: Spring

Property Value Description
spring.h2.console.enabled false True if the H2 console is available. This is useful for investigating JDBC connections.
spring.data.rest.base-path limits/rest/v2/spring/jpa The base URL for Spring Data REST services which are autoconfigured for JPA repositories.
spring.liquibase.enabled false True if Liquibase database schema migrations listed in limits-starter/src/main/resources/liquibase/master-changelog.yaml should be applied on startup.
spring.liquibase.change-log classpath:/liquibase/master-changelog.yaml The location of the changelog file if Liquibase database schema migrations are applied on startup.