Configuring the Web API components in DPM
The Web API consists of multiple “components” that provide different functions. The components plug into a “core” that receives incoming HTTP requests, and then passes the requests to the appropriate component. There is also a “common” component which handles functions that are used by all the other components.
Component configuration is stored in DPM under \Site\Properties\WebApi\ComponentConfiguration.
Components
Common component
The “Common” component provides services to multiple other components, mostly caching, logging, and authentication and authorization settings.
CorsConfigurationCacheTimeout
The interval (in seconds) at which CORS settings that are in \Site\WebApi\Cors are read from DPM.
The default value is 300 seconds (5 minutes).
EnableHttpRequestMetrics
True: Captures timing metrics for each HTTP request template; for example, /Projects/<projectName>/CaseData/Query.
False: No HTTP request metrics are captured. This reduces the total number of metrics that are captured.
IncludeErrorDetailPolicy
Specifies how much information is included in HTTP error responses.
Never: Send only a basic error message.
Always: Send a detailed error message; the message might include sensitive server information.
LocalOnly: Send different messages, depending on where the client and server are:
▪If they are on the same computer, send a detailed error message.
▪If they are on different computers, send only a basic error message.
The detailed error information is always recorded in the API log file.
The default value is LocalOnly.
MetricsAuthorizedClients
The OAuth2.0 clients that are authorized to access the /Metrics URLs. Separate multiple client names by using commas.
The default value is Prometheus.
MetricsRequireAuthentication
True: All requests to the /Metrics URLs must include an Authorization header with a valid Bearer access token.
False: Any client can access the /Metrics URL without needing to specify an access token.
The default value is True.
MetricsRequireAuthorization
True: To access the /Metrics URLs, the user or client must be authorized; that is, the user must be an administrator, or the client must be listed in the
MetricsAuthorizedClients property.
False: Users and clients can access the /Metrics URLs without being authorized.
The default value is True.
ProjectCacheFlushInterval
The interval in seconds between checks in the projects cache for expired projects. If an expired project is found then it is removed from the cache.
The default value is 300 seconds (that is, 5 minutes).
ProjectCacheTimeout
The time in seconds from when a project was last accessed before it is considered to have expired and will be removed from the project cache when it is next flushed.
The default value is 600 seconds (that is, 10 minutes).
RequireAuthentication
True: All requests to the Web API must include either an Authorization header with a valid Bearer access token, or a valid API key.
False: Any client can access the Web API URLs without needing to specify an access token. All requests always use the identity of a DPM user, because some requests are specific to a user: for example, access to files which might be in a user project folder. You must also set the
UnauthenticatedUserName and
UnauthenticatedUserPassword properties to specify the DPM user to use when executing the request. To control the /Metrics URLs, use the
MetricsRequireAuthentication and
MetricsRequireAuthorization properties.
The default value is True.
RequireAuthorization
By default, all users are authorized by using the activity permissions set in the User Administration ISA activity. The user must be assigned the “Web API” activity, and the activity or feature they are requesting.
Some URLs are accessible only to users who are an administrator.
If RequireAuthorization is False, no authorization check is performed. This is separate from the RequireAuthentication property:
▪If RequireAuthentication is true, the user must still supply a valid Authorization access token, but the user can access all functionality.
▪If RequireAuthentication is false, no access token is required and the user can access all functionality.
The default value is True.
TraceAspNet
True: Debug output from the ASP.NET Web API components is written to the API log at the trace log level.
TraceHttpRequests
True: Incoming HTTP requests are written to the API log at the trace log level.
TraceHttpResponses
True: Outgoing HTTP responses are written to the API log at the trace log level.
UnauthenticatedUserName
If
RequireAuthentication is False, user requests are performed in the context of the specified UnauthenticatedUserName. You must also set
UnauthenticatedUserPassword.
UnauthenticatedUserPassword
UserApplicationPermissionCacheTimeout
When a DPM check is performed to verify the user is authorized to access a specific activity or feature, the result is cached, if the user has access. This property specifies how long the result is stored; after that, DPM is checked again.
(If the user does not have access to the activity, DPM is always checked.)
This means if you give a user access to an activity or feature, they can access it immediately; but if you remove their access, it takes longer to take effect (up to the length of time that is specified by UserApplicationPermissionCacheTimeout).
The default value is 300 seconds (that is, 5 minutes).
UserCacheFlushInterval
The interval (in seconds) at which the Web API checks if there are any expired users in the user cache. It deletes any expired users from the cache.
The default value is 300 seconds (that is, 5 minutes).
UserCacheTimeout
The time (in seconds) from when the user last made a request before that user is considered to have expired, and will be removed from the user cache when it is next flushed.
The default value is 3600 seconds (that is, 1 hour).
UserProjectPermissionCacheTimeout
When a check is made in DPM that the user is able to access the project they are trying to access, the result is cached for the duration of the UserProjectPermissionCacheTimeout.
This means if you give a user access to a project, they can access it immediately; but if you remove their access, it takes longer to take effect (up to the length of time that is specified by UserProjectPermissionCacheTimeout).
The default value is 300 seconds (that is, 5 minutes).
CaseData component
DefaultQueryPageSize
The default number of top-level rows to return in each page of responses when a paged case data query is executed.
The default value is 20.
DefaultQueryTimeout
A paged query returns the result rowset over multiple pages. The query and result rowset are cached while the client downloads each page. If the query is not accessed for a period of time greater than the query timeout, the query is removed from memory. To reduce the load on the server, the client should normally close the query when it is finished, instead of leaving the query to timeout.
The default value is 600 seconds (10 minutes).
QueryCacheFlushInterval
The interval (in seconds) between checks for queries that have timed-out.
The default value is 60 seconds (1 minute).
Core component
The Core component is the Web API front-end which the other components plug into. It has no configuration settings.
ExportData component
AllowDirtyData
Controls the “MR Init Allow Dirty” setting that is used in the connection to the output CDSC.
True: The output CDSC accepts data that is incorrect or inconsistent, and writes it to the output as best as it can.
False: The output CDSC rejects data that is incorrect or inconsistent.
The default value is False.
AllowMultithreadedZip
Specifies how many threads are used to compress (zip) the exported files into a single package for retrieval.
True: Uses multiple threads.
False: Uses only a single thread.
The default value is True.
IncludeDataManagementScript
True: The DMS script that is used to export the data is included in the output.
The default value is False, because the script contains server file locations.
IncludeQuantumSpec
True: The Quantum specification used is included in the output file. This option applies only if the requested format is mrPunchDsc.
The default value is True.
KeepOutputFiles
True: The output files are not immediately deleted; they are kept in the working directory until manually deleted.
The default value is False.
WorkingDirectory
The directory to write the exported data while it is being prepared.
Each export data request creates a subdirectory under the working directory; writes the export output in that directory; compresses and returns the contents of the directory; and then deletes that sub-directory,
unless KeepOutputFiles is set to True.
InterviewingReports component
The InterviewingReports component configuration relates to the /InterviewingReports and /Projects/{projectName}/InterviewingReports endpoints.
ExportPropertiesPath
The path to the PropertiesHtml.xml file, which contains the default properties to use when rendering reports as HTML using the mrHtmlExport component. The path can be either an absolute path, or a path that is relative to the C:\inetpub\wwwroot\SPSSMR\WebApi\bin directory.
The default path is:
C:\inetpub\wwwroot\SPSSMR\WebApi\bin\ExportProperties\PropertiesHtml.xml
JavascriptChartRenderersPath
The path to the JavaScript chart renderers that the interviewer reports use.
ReportCacheTimeout
Most interviewing reports are scripted reports and are defined in DPM under \Site\Server\Applications\CatiReports\ApplicationSettings. All report details and the script program used to generate the report are cached when the list of reports, or first report, is accessed. If the period (in seconds) specified by the ReportCacheTimeout property occurs without any report begin accessed, all reports are discarded from memory; they are reloaded the next time that a report is accessed.
ReportCacheUpdateCheckInterval
The Report Cache uses the \Site\Server\Applications\CatiReports\ApplicationSettings\Sync value to detect changes in the reports. If any report is updated, the Sync value should be incremented. The Report Cache rechecks the Sync value in DPM if a report is accessed and it has been longer than the ReportCacheUpdateCheckInterval (in seconds). If the Sync value has changed since it was last checked, all report definitions are discarded and reloaded from DPM.
This means that after changing a report and incrementing the Sync value, it may take up to the duration of the ReportCacheUpdateCheckInterval for the report to be reloaded and the changes to take effect. If the reports are being frequently changed, it might be useful to reduce the ReportCacheUpdateCheckInterval; the minimum value is 10 seconds.
The default value is 300 seconds (5 minutes).
SavePrdFile
PRD files are used by mrSampleReportingMDSC to define the connection to the metadata and case data for the report; they are useful when developing the report scripts as they enable the scripts to run in UNICOM Professional.
True: A PRD file is generated each time a report is requested. PRD files for project-specific reports are written to the user project directory, and PRD files for cross-project reports are written to the user folder.
False: No PRD file is generated.
The default value is False.
StylesPath
The location of the CSS files that provide the styles for the interviewing reports.
UserOptionsCacheFlushInterval
DPM holds “user options” for each user, which are the lists of predefined participant and time period filters. This property specifies the interval at which the user options cache is scanned, and then expired user options are deleted.
UserOptionsCacheTimeout
DPM holds “user options” for each user, which are the lists of predefined participant and time period filters. If the user options for a specific user have not been accessed for a period of time that exceeds the UserOptionsCacheTimeout, the user options are deleted from memory the next time the user options cache is flushed.
Metadata component
The Metadata component has no configuration settings.
Participants component
The Participants component uses its own configuration options; they are identical to the
CaseData component configuration options.
See