Customize Configuration File

Updated 1 month ago by Stephanie Krenz

Configuration of the dab Nexus application

Note
This is the configuration to save the application data.
This is not the configuration of the SAP-data and the results.
  • Go to the DAB_NEXUS_HOME directory -> Default Path is C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\dabGmbH\neXus
  • Open the file Configuration.json with a text editor (e.g. Notepad)
  • Define the Connection String to the SQL-server used by dab Nexus to store application data and meta information. It can be the same SQL-server that is later used to store SAP-data and results. Depending on the type of authentication, use one of the following templates for the Connection String.
Important
As of Version 1.12 the parameter name inside of the ConnectionStrings change from PrimaryDatabase to ApplicationDatabase.

Windows-Authentication from version 1.12

Note: This is the user, which executes the dab Nexus-Service.

"ConnectionStrings": {
"ApplicationDatabase": "Server=YourSQLServer;Database=YourDatabase;Trusted_Connection=True;MultipleActiveResultSets=true"
}

SQL-server Authentication from version 1.12

"ConnectionStrings": {
"ApplicationDatabase": "Server=YourSQLServer;Database=YourDatabase;UserId=myUsername;Password=myPassword;MultipleActiveResultSets=true"
}

Windows-Authentication up to version 1.11

Note: This is the user, which executes the dab Nexus-Service.

"ConnectionStrings": {
"PrimaryDatabase": "Server=YourSQLServer;Database=YourDatabase;Trusted_Connection=True;MultipleActiveResultSets=true"
}

SQL-server Authentication up to version 1.11

"ConnectionStrings": {
"PrimaryDatabase": "Server=YourSQLServer;Database=YourDatabase;UserId=myUsername;Password=myPassword;MultipleActiveResultSets=true"
}

  • Edit the URL to the application dab Nexus -> change the URL from http://localhost:4444/ to the URL with which dab Nexus can be reached via the network
"ApplicationUrl": "http://localhost:4444/",
"DabAdminEmail": "admin@dab-gmbh.de",
"DabAdminPassword": "Init1234!",

Example -> http://YourServerName:4444

  • Port-Number 4444 can be user-defined
  • Values in DabAdminEmail and DabAdminPassword are default credentials for the first login -> they can now be changed or will be changed after the first login

Load Certifications

A certification can either be loaded from a file or a windows certificate store. Depending on which variant you choose, the parameters in Configuration.json must be adjusted accordingly.

  • File -> In this scenario, you enter the value File in the CertificateStore parameter
  • Windows Certificate Store -> The fingerprint/thumbprint of the certificate must be specified here in the properties

Load Certificate from File

 "CertificateStore": "File",
"CertificatePassword": "<Configure>",

Load Certificate from Windows Certificate Store

"CertificateStore": "LocalMachine",
"CertificateFingerprint": "<Configure>",

After your changings in the Configuration.json, click on Save and restart the dab Nexus Service.

More possible Configuration options

Option

Description

Possible values (defaults in bold)

Example

ConnectionStrings / PrimaryDatabase

ConnectionStrings / ApplicationDatabase (from 1.12)

Connection to the Application Database

Note

To connect to a named instance, you have to insert two backslashes between the server name and the instance: e.g. SERVER\\yourINSTANCE

"ConnectionStrings": {
"PrimaryDatabase": "Server=..."
}

ApplicationURL

URL, where dab Nexus is reachable

"ApplicationUrl": "https://localhost/"

RedirectHttp

Only takes effect if the protocol of ApplicationUrl is HTTPS.

If enabled, HTTP requests will be redirected to HTTPS. The default port used for the redirection is 80.

true

false

"RedirectHttp": true

RedirectHttpPort

Only takes effect if RedirectHttp is enabled.

Changes the port used for HTTP to HTTPS redirection.

"RedirectHttpPort": 80

EnableHsts

Only takes effect if RedirectHttp is enabled.

If enabled, dab Nexus will send the Strict-Transport-Security header, which instructs browsers to automatically use HTTPS for future connections after they have established a successful HTTPS connection once. Browsers will remember this setting for 8 hours.

true

false

"EnableHsts": true

CertificateStore

The location, where the SSL/TLS certificate is stored

File

CurrentUser

LocalMachine

"CertificateStore": "LocalMachine"

CertificatePassword

Only takes effect if CertificateStore is File.

The password for the Certificate.pfx file.

"CertificateStore": "MySecurePassword"

CertificateFinterprint

Only takes effect if CertificateStore is CurrentUser or LocalMachine.

"CertificateFingerprint": "673ad021431f66c71d901ffc791959a2b5c9ce79"

LicenseServerUrl

The server dab Nexus will use for license checks.

"LicenseServerUrl": "https://aresbackendapi.azurewebsites.net/nexus/activation"

AuthMode

How users will log in to dab Nexus.

With BuiltIn, each user uses an email address and a password to log in.

With SAML, authentication is handled by an Identity Provider, e.g. Azure Active Directory.

With SAML, SAML / Issuer and either SAML / IdentityProviderMetadataUrl or SAML / IdentityProviderMetadataFile must be filled.

SAML

BuiltIn

"AuthMode": "SAML"

SAML / Issuer

Required if AuthMode is SAML.

The name of the application as it is configured in the Identity Provider.

"SAML": {
"Issuer": "dab Nexus"
}

SAML /

IdentityProviderMetadataUrl

Only takes effect if AuthMode is SAML.

The URL under which the Identity Provider Metadata can be found. This URL must be reachable for dab Nexus.

"SAML": {
"IdentityProviderMetadataUrl": "https://login.microsoftonline.com/..."
}

SAML /

IdentityProviderMetadataFile

Only takes effect if AuthMode is SAML.

The name of an XML file containing the Identity Provider Metadata.

This file should be placed in the DAB_NEXUS_HOME directory.

"SAML": {
"IdentityProviderMetadataFile": "IdPMetadata.xml"
}

TransitionToBuiltInAuth

Only takes effect if AuthMode is SAML.

If enabled, user passwords can be changed even though Single Sign-On is used.

This option is intended to be used when you want to switch from SAML to BuiltIn authentication.

true

false

"TransitionToBuiltInAuth": false


How did we do?


Powered by HelpDocs (opens in a new tab)

Powered by HelpDocs (opens in a new tab)