Connector Configuration
Confluence Configuration
Confluence Source Name Assignment
Configuration Options related to the value of the Source Name.
| Name | Property Key | Description |
|---|---|---|
Source Name Value |
|
The value which the Source Name metadata should be set to. |
Confluence Instance Settings
Configuration Options related to establish connection to the target Confluence instance.
| Name | Property Key | Description |
|---|---|---|
URI |
|
URI of the confluence instance to connect to. |
Custom Default Headers |
|
Default Headers to be added to HTTP requests to Confluence. |
Authentication method |
|
Defines how a user authenticates against Confluence. The different methods will be described below. The choices are PERSONAL_ACCESS_TOKEN, BASIC_AUTH, SSL and NONE. |
Personal Access Token
The personal access token (PAT) is Confluence’s recommended method of authentication. It is an application-bound, complex password that is automatically rotated periodically by the connector.
| Name | Property Key | Description |
|---|---|---|
Initial personal access token (PAT) |
|
You need to manually generate the initial personal access token (PAT) in Confluence and then paste it in here. The initial PAT will be used by the connector to automatically request the required PATs from Confluence according to the settings below. This will require no further manual intervention. |
Token name |
|
The connector will request new PATs form the Confluence instance it is connected to using this token name. The generated PATs will show up in Confluence’s configuration with this name. |
New tokens are valid for (days) |
|
When requesting a PAT the connector will request it to be valid for these number of days. |
Renew token before expiry (days) |
|
The connector will request a new PAT these many days before the current token expires. |
Basic Authentication
| Name | Property Key | Description |
|---|---|---|
Username |
|
Username to connect to Confluence. This user must be able to log into Confluence and be registered with the Raytion Confluence Plugin. |
Password |
|
Password for the user to connect to Confluence. Encryption is recommended. |
SSL Authentication
Configuration options for authenticating the Connector against Confluence via SSL with the help of a KeyStore.
| Name | Property Key | Description |
|---|---|---|
KeyStore File |
|
A KeyStore to use when connecting to Confluence. |
KeyStore Type |
|
The type of the KeyStore-file given. We strongly recommend using PKCS12, as JKS may be deprecated in a future update. |
KeyStore Password |
|
The password to access the keystore. |
Key Alias |
|
The alias from the KeyStore to use. You can leave this empty if the KeyStore only contains one alias. |
Key Password |
|
The password to access the Key Alias within the KeyStore. |
SSL
SSL Authentication, also known as mutual TLS (mTLS) or double-sided SSL requires the connector to authenticate against Confluence with a certificate that is trusted by the Confluence instance. This is the most secure way of authentication but it is not supported by an out-of-the-box Confluence instance.
Confluence Connection Settings
Configuration Options related to fine-tuning the connection to the Confluence instance.
| Name | Property Key | Description |
|---|---|---|
Socket Timeout |
|
An inactive connection will be treated as terminated after this duration. |
Connection TTL |
|
Unused connections of the pool will be discarded after this duration. |
Requests per second |
|
Maximum amount of requests which are started towards the Confluence instance. |
Connection Pool Size |
|
Maximum number of parallel requests to Confluence. |
Batch Size |
|
Number of items that are requested in one request. |
Confluence Space Filter Settings
Configuration options determining which Confluence Spaces to crawl.
| Name | Property Key | Description |
|---|---|---|
Included Space Keys |
|
Only the Spaces with keys defined here will be crawled. If no include filters are defined, all keys are included. |
Excluded Space Keys |
|
Spaces with a key in this list will not be crawled. This overrides the key being allowed by Included Space Keys. |
Included Space Categories |
|
Only the Spaces with at least one category defined here will be crawled. However, no include filters being defined is synonymous to all categories being included. |
Excluded Space Categories |
|
Spaces with a category in this list will not be crawled. This overrides the Space being included through Included Space Keys or Included Space Categories. |
Confluence Hierarchy Cache Settings
Configuration Options determining how much and long to cache hierarchical data of Spaces and Pages.
| Name | Property Key | Description |
|---|---|---|
Cache Time To Live |
|
Maximum age of cache entries. Larger improves performance and requires more memory. |
Maximum Cache Weight |
|
Maximum cache size. Spaces and Pages weigh more the more entries they have. Larger improves performance and requires more memory. |
Confluence Type Filter Settings
Configuration Options related to which types of search targets should be generated
| Name | Property Key | Description |
|---|---|---|
Include User Profile Pages |
|
User Profile pages will be indexed. |
Include Labels Attribute |
|
Labels will be indexed. |
Extract All Contributors |
|
If unchecked, the Contributors attribute of a page or blog post lists only its creator and its last contributor instead of all contributors to it. This requires less calls to Confluence and may speed up indexing. |
Comment Handling |
|
NONE: Comments will not be indexed. INDEX_WITH_PARENT: Comments will be indexed with the parent page or blog post. INDEX_SEPARATELY: Comments will be indexed separately in an individual document. |
Drafts of Pages and Blog Posts |
|
Pages and Blog Posts in draft status will be indexed. |
Deleted Pages and Blog Posts |
|
Pages and Blog Posts in deleted status will be indexed. |
Exclude Attachments by Size |
|
Attachments with a larger size will not have their content indexed. |
Attachment File Extension Filter Type |
|
Specifies how to filter attachments by their file extension. If it is NONE, no filtering is applied. If the filter type is SPECIFY_INCLUDES, one can specify a list of file extensions that allow only attachments with these file extensions to be included with metadata or metadata and content. If SPECIFY_EXCLUDES is configured, one can specify a list of file extensions that exclude attachments with these file extensions from being indexed with content or content and metadata. |
Include Content & Metadata by Attachment File Extension |
|
Attachments with a file extension from this list will be included entirely. |
Include Metadata by Attachment File Extension |
|
Attachments with a file extension from this list will have their metadata without content included. |
Exclude Content & Metadata by Attachment File Extension |
|
Attachments with a file extension from this list will be excluded entirely. |
Exclude Content by Attachment File Extension |
|
Attachments with a file extension from this list will have their content excluded. |
Confluence Label Filter Settings
Configuration Options related to filtering pages and blogs by their labels. Comments and attachments are always included/excluded, if their parent page/blog is included/excluded.
| Name | Property Key | Description |
|---|---|---|
Label Filter Type |
|
Specifies how to filter items by their labels. If it is NONE, no filtering is applied. If the filter type is SPECIFY_INCLUDES, one can specify a list of label names that allow only items tagged with these labels to be included. If the filter type is SPECIFY_EXCLUDES, one can specify a list of label names that exclude items tagged with these labels from being included. |
Include Labels |
|
Only items tagged with at least one of the labels defined here will be included. |
Exclude Labels |
|
Items tagged with at least one of the labels defined here will not be included. |
Labels can be configured as follows:
| Name | Property Key | Description |
|---|---|---|
Label Name |
|
The name of the label that is included or excluded. |
Apply Filter to Children |
|
If enabled, the filter also affects the children of the items that pass the filter for this label. If disabled, the filter is only applied to the items themselves. If, for example, a page is tagged with a label that is excluded, the page itself will not be indexed. If the filter for this label is applied to children, the page’s children will also not be indexed. As another example, if a page is tagged with a label that is included, the page itself will be indexed. If the filter for this label is applied to children, the page’s children will also be indexed. |
Microsoft Search Configuration
Connector Product Settings
Configuration Options related to specifying the product which is going to connect to the Microsoft Search.
| Name | Property Key | Description |
|---|---|---|
Connection ID |
|
Connection ID of the connector product which is registered with Microsoft Search. |
Microsoft Services Authentication Settings
Configuration Options related to authentication for the Microsoft Search.
| Name | Property Key | Description |
|---|---|---|
OAuth2.0 client ID |
|
OAuth2.0 client ID for the Microsoft Search Authentication. |
Tenant ID |
|
Tenant ID of OAuth2.0 Token URI for the Microsoft Search Authentication. |
Authentication Method |
|
How to authenticate against Microsoft search. Available is authentication via client secret, java keystore, or certificate file. |
OAuth2.0 client secret |
|
OAuth2.0 client secret for the Microsoft Search Authentication. |
Certificate Keystore Alias |
|
The alias under which the certificate is stored in the keystore. |
Certificate Keystore Password |
|
The password to access the keystore. |
Client Certificate Password |
|
The password to access the certificate. |
Microsoft Search Connection Settings
Configuration Options related to establish a connection and sending requests to Microsoft Search.
| Name | Property Key | Description |
|---|---|---|
API endpoint |
|
Microsoft Search API endpoint including version specifier. |
Requests per Second |
|
Maximum number of requests per second. |
Connect Timeout |
|
Determines the timeout in milliseconds until a connection is established. A timeout value of zero is interpreted as an infinite timeout. A negative value is interpreted as undefined (system default if applicable). |
Socket Timeout |
|
Defines the socket timeout in milliseconds, which is the timeout for waiting for data or, put differently, a maximum period inactivity between two consecutive data packets. A timeout value of zero is interpreted as an infinite timeout. A negative value is interpreted as undefined (system default if applicable). |
Use Poxy |
|
If enabled, the connection to Microsoft Graph API will be established through a HTTP/HTTPS proxy. |
Proxy Endpoint |
|
Target proxy URL including protocol, host and port. |
Proxy Authentication |
|
If enabled, the connector uses the specified credentials to authenticate towards proxy. |
Proxy Username |
|
Proxy authentication username. |
Proxy Password |
|
Proxy authentication password. The value will be stored encrypted by the connector. |
Microsoft Search Principal Mapping Settings
Configuration Options related to mapping source system principals to Microsoft Search AzureAD users.
| Name | Property Key | Description |
|---|---|---|
Principal ID Attributes |
|
AzureAD attributes to match principal ids against. Maps a principal id to all AzureAD user objects where one of the specified attributes values matches the principal id. |
General Configuration
Database Configuration
| Name | Property Key | Description |
|---|---|---|
Configuration Type |
|
Supported are PostgreSQL, MS SQL Server, H2 and JDBC URL configuration. |
JDBC URL
| Name | Property Key | Description |
|---|---|---|
URL |
|
JDBC URL for the target database. Out of the box, the connector will use H2 file database. For productive usage, use PostgreSQL specifying the URL in format: ==== PostgreSQL Configuration |
|Setting|Description |Host |Domain name or IP address of the database server. |Port |Specifies the port number PostgreSQL is listening on, default is 5432. |Database Name |Name of the database. |Username |Username to authenticate with. The regarding user has to have read and write permissions to the database. |Password |Database Password of the configured database user.
==== Microsoft SQL Server Configuration |
|Setting|Description |Host |Domain name or IP address of the database server. Instance to connect to on server can be specified by '<server_name>\\<instance_name>' |Port |Specifies the port number MS SQL Server is listening on, default is 1433. |Database Name |Name of the database. |Add Custom Parameters |Enables the configuration of additional parameters. |Username |Username to authenticate with. The regarding user has to have read and write permissions to the database. |Password |Database Password of the configured database user.
==== H2 Configuration |
|Setting|Description
|Filename
|Name for file-based H2 database. Name must be at least three characters long and must not contain a semicolon. May include absolute or relative path to the database file.
|Add Custom Parameters
|Enables the configuration of additional parameters.
|Username
|raytion.connector.db.config.jdbc.username
| Database Username to read and write to database.
|Password
|raytion.connector.db.config.jdbc.password
|Database Password for the specified user
JDBC Url Configuration
Setting |
Description |
JDBC URL |
The database URL has to be in a valid JDBC URL format e.g. 'jdbc:postgresql//<host>:<port>/<database_name>' or 'jdbc:h2:file:<your_db_file>'. |
Username |
Username to authenticate with. The regarding user has to have read and write permissions to the database. |
Password |
Database Password of the configured database user. |
PostgreSQL
| Name | Property Key | Description |
|---|---|---|
Host |
|
Domain name or IP address of the database server. |
Port |
|
Specifies the port number PostgreSQL is listening on, default is 5432. |
Database Name |
|
Name of the database. |
Username |
|
Username to authenticate with. The regarding user has to have read and write permissions to the database. |
Password |
|
Password of the configured database user. |
Add Custom Parameter |
|
Enables the configuration of additional parameters. |
H2
| Name | Property Key | Description |
|---|---|---|
Filename |
|
Name for file-based H2 database. Name must be at least three characters long and must not contain a semicolon. May include absolute or relative path to the database file. |
Username |
|
Username to authenticate with. The regarding user has to have read and write permissions to the database. |
Password |
|
Password of the configured database user. |
Add Custom Parameter |
|
Enables the configuration of additional parameters. |
MS SQL Server
| Name | Property Key | Description |
|---|---|---|
Host |
|
Domain name or IP address of the database server. Instance to connect to on server can be specified by '‹server_name>|<instance_name>'. |
Port |
|
Specifies the port number MS SQL Server is listening on, default is 1433. |
Database Name |
|
Name of the database. |
Username |
|
Username to authenticate with. The regarding user has to have read and write permissions to the database. |
Password |
|
Password of the configured database user. |
Add Custom Parameter |
|
Enables the configuration of additional parameters. |
Oracle
| Name | Property Key | Description |
|---|---|---|
Host |
|
Domain name or IP address of the database server. Instance to connect to on server can be specified by '‹server_name>|<instance_name>'. |
Port |
|
Specifies the port number Oracle is listening on, default is 1521. |
Username |
|
Username to authenticate with. The regarding user has to have read and write permissions to the database. |
Password |
|
Password of the configured database user. |
Connection Type |
|
Specifies whether to connect to the database via the instance’s unique SID or a service name. |
Service |
|
A name of a given service / a TNS alias of the Oracle database instance. |
Traversal Configuration
| Name | Property Key | Description |
|---|---|---|
Traversal History Length |
|
Max. number of traversals to store in the history. Once the limit is exceeded, the connector will automatically remove oldest entries in the history. (default: 100) |
Include Checksum |
|
If enabled, any changes made to the pipeline e.g. configuration, the subsequent incremental run triggers a refeed of all items. |
Change Processing Interval |
|
Interval between change processing traversals. |
Resume on Start |
|
If enabled, any traversals in paused state are automatically resumed after the connector restart. Otherwise, the traversal remains in paused state. |
Number of Traversal Workers |
|
Number of workers to execute the traversal in parallel. Increasing this value might improve the performance, but will footprint higher memory consumption. It is recommended to keep the default value. (default: 10) |
Traversal Job Poll Interval |
|
Interval between the workers to be triggered to fetch and process the next tasks. (default: 10ms) |
Completion Timeout |
|
If the search engine indexes the items asynchronously, there might be some processing still in-flight during the completion process of a traversal. This value specifies the timeout value until all asynchronous callbacks are expected to return before completing the traversal. (default: 10m) |
Executor Size |
|
The executor size restricts the max. number of concurrent running traversals. |
Queue Size |
|
The queue size restricts the max. number of queued traversals. If the value is exceeded, the connector rejects further traversal requests until the queue size is below the configured size. |
Traversal Jobs
| Name | Property Key | Description |
|---|---|---|
Job Timeout Check Frequency |
|
Configures how often the connector checks for timed out jobs. |
Job Timeout |
|
The duration for which a job can stay idle before it is timed out. |
Job Cache Size |
|
Max. cache size of Jobs waiting for processing in memory. When cache is empty, next batch is fetched. |
Principal Aliaser Configuration
Principal Aliasing is applied on user information as part of Content ACL processing during Content Synchronization and Principal processing during Principal Synchronization. It’s purpose is to map external source system user to the corresponding user in search engines domain. You can configure a list of aliasers in the connector which will be applied in sequence and in order on user ACEs and user principals. The Connector supports following custom aliasing mechanism.
Custom Aliaser Disabled
If the Custom Aliaser checkbox is not selected, the connector will process user information on ACE and user principals unchanged to Search Engine. If all relevant users in the source system can be found with the same identifier in the search engine, this setup is sufficient to reflect the same secure search experience in the search engine as defined by the policy in the source system. The connector uses this option as default to process user information.
Custom Aliaser Enabled
If custom aliasing is enable then there are four types of aliaser avaialble:
Simple XML Table Aliaser
Static mapping table which can be uploaded as XML file. The connector uses the uploaded file as lookup table to map a user in the source system to a user in the search engine. Users missing a record in the file will be dropped from the ACE and during Principal Synchronization. This option is only recommended for environment with a manageable amount of users as for each user the corresponding mapping entry needs to be specified in the file.
| Name | Description |
|---|---|
XML Mapping File |
Browse and upload or drag and drop. |
Sample XML mapping file:
<?xml version="1.0" encoding="UTF-8"?>
<storeddata>
<entry keyValue="user1">user1@raytion.com</entry>
<entry keyValue="user2">user2@raytion.com</entry>
<entry keyValue="user3">user3@raytion.com</entry>
</storeddata>
Regex Replacer Aliaser
Regex Replacer Aliaser computes aliases based on a regular expression. Principals that match the regular expression are replaced by the Substitution String.
| Name | Property Key | Description |
|---|---|---|
Pattern |
|
The regular expression to match, this is the part that will be replaced. If braces (…) are used in the pattern then the matched value can be retrieved using $1 |
Substitute String |
|
String to replace the matching part of the find string. Matched value is accessed by employing $1 |
Regex Extractor Aliaser
Regex Extractor Aliaser computes aliases based on a regular expression. Principals that match the regular expression are inserted into the Insert-Into String.
| Name | PropertyKey | Description |
|---|---|---|
Pattern |
|
The regular expression to match, this is the part that will be inserted into the new value. If braces (…) are used in the pattern then the matched value can be retrieved using $$ |
Insert-Into String |
|
String to replace the matching part of the pattern. Matched value is accessed by employing $$ |
LDAP Aliaser
Ldap Aliaser searches for an LDAP entry with the requested name in the input value and returns the specified output attribute.
| Name | Property Key | Description |
|---|---|---|
Host |
|
Fully Qualified Domain Name of an LDAP server |
Port |
|
Port to use for LDAP connection, defaults are 389/636 or (recommended) 3268/3269 for simple/SSL |
AccountDN |
|
AccountDN for bind to LDAP |
Password |
|
Password part of credentials |
Input Field |
|
The Active Directory attribute name for this equality filter |
Search Root DN |
|
Distinguished Name of the subtree which is searched. The smaller the subtree the better the performance but the higher the chance of encountering principals which are not part of this subtree |
Output Field |
|
Attribute that should be returned in result entries |