Connector Configuration

Jira Configuration

Required Configuration Properties

Jira Instance Settings

Configuration Options related to establish connection to the target Jira instance.

Name	Description
Username	Username to connect to Jira. This user must be able to login to Jira and see all projects.
Password	Password for the user to connect to Jira.
URL	URL of the Jira instance to connect to.

Name

Description

Username

Username to connect to Jira. This user must be able to login to Jira and see all projects.

Password

Password for the user to connect to Jira.

URL

URL of the Jira instance to connect to.

Optional Configuration Properties

Jira Comment Filter Settings

Configuration Options on how to treat issue comments

Name	Description
Embed comments	Unprotected comments are embedded in the content and metadata of their issue
Discard protected comments	If true, comments that have an additional access restriction will be discarded. Otherwise they will be fed as separate documents.

Name

Description

Embed comments

Unprotected comments are embedded in the content and metadata of their issue

Discard protected comments

If true, comments that have an additional access restriction will be discarded. Otherwise they will be fed as separate documents.

Jira Pagination Settings

Configuration options for paginated API requests.

Name	Description
Issue Page Size	Number of Issues requested with a single call.
Comment Page Size	Number of Comments requested with a single call.
User Page Size	Number of Users requested with a single call.

Name

Description

Issue Page Size

Number of Issues requested with a single call.

Comment Page Size

Number of Comments requested with a single call.

User Page Size

Number of Users requested with a single call.

Jira Connection Settings

Configuration Options related to establish connection to the target Jira instance.

Name	Description
Socket Timeout	Requests that are not answered within this timeframe will be treated as failed.
Request Timeout	If a request cannot establish a connection to Jira within this timeframe, it will be treated as failed.
Re-Authentication Interval	Interval between re-authenticating against Jira.
Max. Connection	Max. number of connections established to Jira at the same time.
Max. Queries/Second	Max. number of requests send to Jira within a second.

Name

Description

Socket Timeout

Requests that are not answered within this timeframe will be treated as failed.

Request Timeout

If a request cannot establish a connection to Jira within this timeframe, it will be treated as failed.

Re-Authentication Interval

Interval between re-authenticating against Jira.

Max. Connection

Max. number of connections established to Jira at the same time.

Max. Queries/Second

Max. number of requests send to Jira within a second.

Jira Project Filter Settings

Configuration Options for applying include/exclude -list filter on Jira Projects.

Name	Description
Project Include List	List for including projects based on project keys. Only projects in this list are processed by the connector if the list is not empty.
Project Exclude List	List for excluding projects based on project keys. All projects configured in this list will not be processed by the connector.

Name

Description

Project Include List

List for including projects based on project keys. Only projects in this list are processed by the connector if the list is not empty.

Project Exclude List

List for excluding projects based on project keys. All projects configured in this list will not be processed by the connector.

Jira Field Filter Settings

Configuration Options for applying Include/Exclude -List filter on Jira Fields.

Name	Description
Field Include List	List for including fields. Only fields in this list are processed by the connector if the list is not empty.
Field Exclude List	List for excluding fields. All fields configured in this list will not be processed by the connector.

Name

Description

Field Include List

List for including fields. Only fields in this list are processed by the connector if the list is not empty.

Field Exclude List

List for excluding fields. All fields configured in this list will not be processed by the connector.

Jira Principal Cache Settings

Configuration Options for the principal cache which stores the user-related properties required to synchronize Jira principals.

Name	Description
Principal Cache Page Size	The number of principals extracted for each query.
Principal Cache ACL Limit	Cache Size limit for storing ACL entries.
Principal Cache User Limit	Cache Size limit for storing User principals.
Jira User Identifier	Strategy to identify a user. This user property is used to identify a user contained in the ACL.

Name

Description

Principal Cache Page Size

The number of principals extracted for each query.

Principal Cache ACL Limit

Cache Size limit for storing ACL entries.

Principal Cache User Limit

Cache Size limit for storing User principals.

Jira User Identifier

Strategy to identify a user. This user property is used to identify a user contained in the ACL.

Jira Type Filter Settings

Configuration Options for applying type filter on Jira.

Name	Key
Filter Projects	Flag to enable or disable the processing of projects. If true, projects are not processed as items.
Filter Issues	Flag to enable or disable the processing of issues. If true issues are not processed by the connector.
Filter Comments	Flag to enable or disable the processing of comments. If true comments are not processed by the connector.
Filter Attachments	Flag to enable or disable the processing of attachments. If true attachments are not processed by the connector.

Name

Key

Filter Projects

Flag to enable or disable the processing of projects. If true, projects are not processed as items.

Filter Issues

Flag to enable or disable the processing of issues. If true issues are not processed by the connector.

Filter Comments

Flag to enable or disable the processing of comments. If true comments are not processed by the connector.

Filter Attachments

Flag to enable or disable the processing of attachments. If true attachments are not processed by the connector.

Jira Content Filter Settings

Configuration Options for content filter to apply on items exceeding a specified content size limit.

Name	Key
Max Data Size	Max.content size which will be processed by the connector. Items exceeding this limit will be processed without their content.

Name

Key

Max Data Size

Max.content size which will be processed by the connector. Items exceeding this limit will be processed without their content.

Microsoft Search Configuration

Connector Product Settings

Configuration Options related to specifying the product which is going to connect to the Microsoft Search.

Name	Description
Connection ID	Connection ID of the connector product which is registered with Microsoft Search.
Product Name	Name of the connector product.
Product Description	Description of the connector product.

Name

Description

Connection ID

Connection ID of the connector product which is registered with Microsoft Search.

Product Name

Name of the connector product.

Product Description

Description of the connector product.

Microsoft Services Authentication Settings

Configuration Options related to authentication for the Microsoft Search.

Name	Description
OAuth2.0 client ID	OAuth2.0 client ID for the Microsoft Search Authentication.
OAuth2.0 client secret	OAuth2.0 client secret for the Microsoft Search Authentication.
Tenant ID	Tenant ID of OAuth2.0 Token URI for the Microsoft Search Authentication.

Name

Description

OAuth2.0 client ID

OAuth2.0 client ID for the Microsoft Search Authentication.

OAuth2.0 client secret

OAuth2.0 client secret for the Microsoft Search Authentication.

Tenant ID

Tenant ID of OAuth2.0 Token URI for the Microsoft Search Authentication.

Microsoft Search Connection Settings

Configuration Options related to establish a connection and sending requests to Microsoft Search.

Name	Description
API endpoint	Microsoft Search API endpoint including version specifier.
Requests per Second	Maximum number of requests per second.
Connect Timeout	Determines the timeout in milliseconds until a connection is established. A timeout value of zero is interpreted as an infinite timeout. A negative value is interpreted as undefined (system default if applicable).
Socket Timeout	Defines the socket timeout in milliseconds, which is the timeout for waiting for data or, put differently, a maximum period inactivity between two consecutive data packets. A timeout value of zero is interpreted as an infinite timeout. A negative value is interpreted as undefined (system default if applicable).
Use Poxy	If enabled, the connection to Microsoft Graph API will be established through a HTTP/HTTPS proxy.
Proxy Endpoint	Target proxy URL including protocol, host and port.
Proxy Authentication	If enabled, the connector uses the specified credentials to authenticate towards proxy.
Proxy Username	Proxy authentication username.
Proxy Password	Proxy authentication password. The value will be stored encrypted by the connector.

Name

Description

API endpoint

Microsoft Search API endpoint including version specifier.

Requests per Second

Maximum number of requests per second.

Connect Timeout

Determines the timeout in milliseconds until a connection is established. A timeout value of zero is interpreted as an infinite timeout. A negative value is interpreted as undefined (system default if applicable).

Socket Timeout

Defines the socket timeout in milliseconds, which is the timeout for waiting for data or, put differently, a maximum period inactivity between two consecutive data packets. A timeout value of zero is interpreted as an infinite timeout. A negative value is interpreted as undefined (system default if applicable).

Use Poxy

If enabled, the connection to Microsoft Graph API will be established through a HTTP/HTTPS proxy.

Proxy Endpoint

Target proxy URL including protocol, host and port.

Proxy Authentication

If enabled, the connector uses the specified credentials to authenticate towards proxy.

Proxy Username

Proxy authentication username.

Proxy Password

Proxy authentication password. The value will be stored encrypted by the connector.

Microsoft Search Principal Mapping Settings

Configuration Options related to mapping source system principals to Microsoft Search AzureAD users.

Setting	Description
Principal ID Attributes	AzureAD attributes to match principal ids against. Maps a principal id to all AzureAD user objects where one of the specified attributes values matches the principal id.

Setting

Description

Principal ID Attributes

AzureAD attributes to match principal ids against. Maps a principal id to all AzureAD user objects where one of the specified attributes values matches the principal id.

General Configuration

Database Configuration

Setting Description

Setting	Description
URL	JDBC URL for the target database. Out of the box, the connector will use H2 file database. For productive usage, use PostgreSQL specifying the URL in format: `jdbc:postgresql:<host>:<port>/<database>`
Username	Database Username to read and write to database.
Password	Database Password for the specified user

URL

JDBC URL for the target database. Out of the box, the connector will use H2 file database. For productive usage, use PostgreSQL specifying the URL in format: jdbc:postgresql:<host>:<port>/<database>

Username

Database Username to read and write to database.

Password

Database Password for the specified user

Traversal Configuration

Setting	Description
Traversal History Length	Max. number of traversals to store in the history. Once the limit is exceeded, the connector will automatically remove oldest entries in the history. (default: 100)
Number of Traversal Workers	Number of workers to execute the traversal in parallel. Increasing this value might improve the performance, but will footprint higher memory consumption. It is recommended to keep the default value. (default: 10)
Traversal Job Poll Interval	Interval between the workers to be triggered to fetch and process the next tasks. (default: 10ms)
Completion Timeout	If the search engine indexes the items asynchronously, there might be some processing still in-flight during the completion process of a traversal. This value specifies the timeout value until all asynchronous callbacks are expected to return before completing the traversal. (default: 10m)

Setting

Description

Traversal History Length

Max. number of traversals to store in the history. Once the limit is exceeded, the connector will automatically remove oldest entries in the history. (default: 100)

Number of Traversal Workers

Number of workers to execute the traversal in parallel. Increasing this value might improve the performance, but will footprint higher memory consumption. It is recommended to keep the default value. (default: 10)

Traversal Job Poll Interval

Interval between the workers to be triggered to fetch and process the next tasks. (default: 10ms)

Completion Timeout

If the search engine indexes the items asynchronously, there might be some processing still in-flight during the completion process of a traversal. This value specifies the timeout value until all asynchronous callbacks are expected to return before completing the traversal. (default: 10m)

Principal Aliaser Configuration

Principal Aliasing is applied on user information as part of Content ACL processing during Content Synchronization and Principal processing during Principal Synchronization. It’s purpose is to map external source system user to the corresponding user in search engines domain. You can configure a list of aliasers in the connector which will be applied in sequence and in order on user ACEs and user principals. The Connector supports following custom aliasing mechanism.

Custom Aliaser Disabled

If the Custom Aliaser checkbox is not selected, the connector will process user information on ACE and user principals unchanged to Search Engine. If all relevant users in the source system can be found with the same identifier in the search engine, this setup is sufficient to reflect the same secure search experience in the search engine as defined by the policy in the source system. The connector uses this option as default to process user information.

Custom Aliaser Enabled

If custom aliasing is enable then there are four types of aliaser avaialble:

Simple XML Table Aliaser

Static mapping table which can be uploaded as XML file. The connector uses the uploaded file as lookup table to map a user in the source system to a user in the search engine. Users missing a record in the file will be dropped from the ACE and during Principal Synchronization. This option is only recommended for environment with a manageable amount of users as for each user the corresponding mapping entry needs to be specified in the file.

Setting	Description
XML Mapping File	Browse and upload or drag and drop.

Setting

Description

XML Mapping File

Browse and upload or drag and drop.

Sample XML mapping file:

<?xml version="1.0" encoding="UTF-8"?>
<storeddata>
    <entry keyValue="user1">user1@raytion.com</entry>
    <entry keyValue="user2">user2@raytion.com</entry>
    <entry keyValue="user3">user3@raytion.com</entry>
</storeddata>

Regex Replacer Aliaser

Regex Replacer Aliaser computes aliases based on a regular expression. Principals that match the regular expression are replaced by the Substitution String.

Setting	Description
Pattern	The regular expression to match, this is the part that will be replaced. If braces (…) are used in the pattern then the matched value can be retrieved using $1
Substitute String	String to replace the matching part of the find string. Matched value is accessed by employing $1

Setting

Description

Pattern

The regular expression to match, this is the part that will be replaced. If braces (…) are used in the pattern then the matched value can be retrieved using $1

Substitute String

String to replace the matching part of the find string. Matched value is accessed by employing $1

Regex Extractor Aliaser

Regex Extractor Aliaser computes aliases based on a regular expression. Principals that match the regular expression are inserted into the Insert-Into String.

Setting	Description
Pattern	The regular expression to match, this is the part that will be inserted into the new value. If braces (…) are used in the pattern then the matched value can be retrieved using $$
Insert-Into String	String to replace the matching part of the pattern. Matched value is accessed by employing $$

Setting

Description

Pattern

The regular expression to match, this is the part that will be inserted into the new value. If braces (…) are used in the pattern then the matched value can be retrieved using $$

Insert-Into String

String to replace the matching part of the pattern. Matched value is accessed by employing $$

LDAP Aliaser

Ldap Aliaser searches for an LDAP entry with the requested name in the input value and returns the specified output attribute.

Setting	Description
Host	Fully Qualified Domain Name of an LDAP server
Port	Port to use for LDAP connection, defaults are 389/636 or (recommended) 3268/3269 for simple/SSL
AccountDN	AccountDN for bind to LDAP
Password	Password part of credentials
Input Field	The Active Directory attribute name for this equality filter
Search Root DN	Distinguished Name of the subtree which is searched. The smaller the subtree the better the performance but the higher the chance of encountering principals which are not part of this subtree
Output Field	Attribute that should be returned in result entries

Setting

Description

Host

Fully Qualified Domain Name of an LDAP server

Port

Port to use for LDAP connection, defaults are 389/636 or (recommended) 3268/3269 for simple/SSL

AccountDN

AccountDN for bind to LDAP

Password

Password part of credentials

Input Field

The Active Directory attribute name for this equality filter

Search Root DN

Distinguished Name of the subtree which is searched. The smaller the subtree the better the performance but the higher the chance of encountering principals which are not part of this subtree

Output Field

Attribute that should be returned in result entries