Open-Xchange - User contributions [en]

Jolokia

2018-10-29T11:23:53Z

Ioannis.chouklis:

{{Migration|title=Jolokia|link=https://documentation.open-xchange.com/7.10.0/middleware/components/monitoring/jolokia.html}}

Jolokia LoginCounter HOWTO

2018-10-29T11:09:04Z

Ioannis.chouklis:

{{Migration|title=HOWTO - Access Login Counter data with Jolokia|link=https://documentation.open-xchange.com/7.10.0/middleware/components/monitoring/login_counter_howto.html}}

Template:Migration

2018-10-29T11:07:55Z

Ioannis.chouklis:

= {{{title}}} =

The content on this page has moved to {{{link}}}.

Note: Open-Xchange is in the process of migrating all its technical documentation to a new and improved documentation system (https://documentation.open-xchange.com). Please note as the migration takes place more information will be available on the new system and less on this system. Thank you for your understanding during this period of transition.

Template:Migration

2018-10-29T11:05:58Z

Ioannis.chouklis: Documentation Migration Note

Note: Open-Xchange is in the process of migrating all its technical documentation to a new and improved documentation system (https://documentation.open-xchange.com). Please note as the migration takes place more information will be available on the new system and less on this system. Thank you for your understanding during this period of transition.

AppSuite:OX Logging

2018-09-20T10:15:26Z

Ioannis.chouklis: /* Examples */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone). The ruby code block is only needed for Elasticsearch version 2.0 or newer.
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
ruby {
code => "event.to_hash.keys.each { |k| event[ k.gsub('.','_') ] = event.remove(k) if k.include?'.' }"
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -e <sessionid>] [-l <logger_name>=<logger_level> ...] -A <masterAdmin> -P <masterAdminPassword> [-p <RMI-Port>] [-s <RMI-Server] | [-oec <category_1>,...] | [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -e,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -A, --adminuser <username>
| Master admin username
|-
| -P, --adminpass <password>
| Master admin password
|-
| -s, --server <rmiServer>
| Optional RMI server (Defaults to localhost)
|-
| -p, --port <rmiPort>
| Optional RMI port (Defaults to 1099)
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Logging Filters vs. Loggers vs. Exception Categories ===

As already mentioned in the beginning, with this command line tool you can do multiple things, therefore there are different "categories" of data objects so to speak, i.e. Logging Filters, Loggers and Exception Categories. Hence, specific flags of the tool are explicitly used for only one of these data object categories and nowhere else (with the exception of the -l flag):

# Manage logging filters for
#* Sessions
#* Contexts
#* Context/User tuples
#: For the above three cases the -a, -d and -lf flags are relevant
# Change the log level of already existing loggers of the system
#: For this case the -l and -ll flags are relevant
# Suppress the stack-traces for defined exception categories
#: For this case only the -oec flag is relevant

=== Exception Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE -A oxadminmaster -P secret</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite -A oxadminmaster -P secret</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG -A oxadminmaster -P secret</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY -A oxadminmaster -P secret</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId=1618
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=1.2.3.4
</pre>
The client's IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=10.0.0.1
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=35387551837281237793.koxg4l7scaj0qgxpmh1d
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0001337
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=oxdude
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=oxdude
</pre>
The user name
<pre>
com.openexchange.database.schema=oxdatabase_7
</pre>
The database schema
<pre>
com.openexchange.mail.accountId
</pre>
The mail account identifier used in the request
<pre>
com.openexchange.mail.host
</pre>
The mail host used in the requst
<pre>
com.openexchange.mail.login
</pre>
The login identifier used to login to the mail server

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2018-09-20T10:15:14Z

Ioannis.chouklis: /* Examples */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone). The ruby code block is only needed for Elasticsearch version 2.0 or newer.
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
ruby {
code => "event.to_hash.keys.each { |k| event[ k.gsub('.','_') ] = event.remove(k) if k.include?'.' }"
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -e <sessionid>] [-l <logger_name>=<logger_level> ...] -A <masterAdmin> -P <masterAdminPassword> [-p <RMI-Port>] [-s <RMI-Server] | [-oec <category_1>,...] | [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -e,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -A, --adminuser <username>
| Master admin username
|-
| -P, --adminpass <password>
| Master admin password
|-
| -s, --server <rmiServer>
| Optional RMI server (Defaults to localhost)
|-
| -p, --port <rmiPort>
| Optional RMI port (Defaults to 1099)
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Logging Filters vs. Loggers vs. Exception Categories ===

As already mentioned in the beginning, with this command line tool you can do multiple things, therefore there are different "categories" of data objects so to speak, i.e. Logging Filters, Loggers and Exception Categories. Hence, specific flags of the tool are explicitly used for only one of these data object categories and nowhere else (with the exception of the -l flag):

# Manage logging filters for
#* Sessions
#* Contexts
#* Context/User tuples
#: For the above three cases the -a, -d and -lf flags are relevant
# Change the log level of already existing loggers of the system
#: For this case the -l and -ll flags are relevant
# Suppress the stack-traces for defined exception categories
#: For this case only the -oec flag is relevant

=== Exception Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE -A oxadminmaster -P secret</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite -A oxadminmaster -P secret</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG -A oxadminmaster -P secret</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId=1618
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=1.2.3.4
</pre>
The client's IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=10.0.0.1
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=35387551837281237793.koxg4l7scaj0qgxpmh1d
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0001337
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=oxdude
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=oxdude
</pre>
The user name
<pre>
com.openexchange.database.schema=oxdatabase_7
</pre>
The database schema
<pre>
com.openexchange.mail.accountId
</pre>
The mail account identifier used in the request
<pre>
com.openexchange.mail.host
</pre>
The mail host used in the requst
<pre>
com.openexchange.mail.login
</pre>
The login identifier used to login to the mail server

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2018-09-20T10:14:34Z

Ioannis.chouklis: /* Syntax */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone). The ruby code block is only needed for Elasticsearch version 2.0 or newer.
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
ruby {
code => "event.to_hash.keys.each { |k| event[ k.gsub('.','_') ] = event.remove(k) if k.include?'.' }"
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -e <sessionid>] [-l <logger_name>=<logger_level> ...] -A <masterAdmin> -P <masterAdminPassword> [-p <RMI-Port>] [-s <RMI-Server] | [-oec <category_1>,...] | [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -e,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -A, --adminuser <username>
| Master admin username
|-
| -P, --adminpass <password>
| Master admin password
|-
| -s, --server <rmiServer>
| Optional RMI server (Defaults to localhost)
|-
| -p, --port <rmiPort>
| Optional RMI port (Defaults to 1099)
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Logging Filters vs. Loggers vs. Exception Categories ===

As already mentioned in the beginning, with this command line tool you can do multiple things, therefore there are different "categories" of data objects so to speak, i.e. Logging Filters, Loggers and Exception Categories. Hence, specific flags of the tool are explicitly used for only one of these data object categories and nowhere else (with the exception of the -l flag):

# Manage logging filters for
#* Sessions
#* Contexts
#* Context/User tuples
#: For the above three cases the -a, -d and -lf flags are relevant
# Change the log level of already existing loggers of the system
#: For this case the -l and -ll flags are relevant
# Suppress the stack-traces for defined exception categories
#: For this case only the -oec flag is relevant

=== Exception Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId=1618
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=1.2.3.4
</pre>
The client's IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=10.0.0.1
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=35387551837281237793.koxg4l7scaj0qgxpmh1d
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0001337
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=oxdude
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=oxdude
</pre>
The user name
<pre>
com.openexchange.database.schema=oxdatabase_7
</pre>
The database schema
<pre>
com.openexchange.mail.accountId
</pre>
The mail account identifier used in the request
<pre>
com.openexchange.mail.host
</pre>
The mail host used in the requst
<pre>
com.openexchange.mail.login
</pre>
The login identifier used to login to the mail server

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2018-09-20T10:14:05Z

Ioannis.chouklis: /* Syntax */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone). The ruby code block is only needed for Elasticsearch version 2.0 or newer.
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
ruby {
code => "event.to_hash.keys.each { |k| event[ k.gsub('.','_') ] = event.remove(k) if k.include?'.' }"
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [[-a | -d] [-c <contextid> [-u <userid>] | -e <sessionid>] [-l <logger_name>=<logger_level> ...] -A <masterAdmin> -P <masterAdminPassword> [-p <RMI-Port>] [-s <RMI-Server]] | [-oec <category_1>,...] | [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -e,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -A, --adminuser <username>
| Master admin username
|-
| -P, --adminpass <password>
| Master admin password
|-
| -s, --server <rmiServer>
| Optional RMI server (Defaults to localhost)
|-
| -p, --port <rmiPort>
| Optional RMI port (Defaults to 1099)
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Logging Filters vs. Loggers vs. Exception Categories ===

As already mentioned in the beginning, with this command line tool you can do multiple things, therefore there are different "categories" of data objects so to speak, i.e. Logging Filters, Loggers and Exception Categories. Hence, specific flags of the tool are explicitly used for only one of these data object categories and nowhere else (with the exception of the -l flag):

# Manage logging filters for
#* Sessions
#* Contexts
#* Context/User tuples
#: For the above three cases the -a, -d and -lf flags are relevant
# Change the log level of already existing loggers of the system
#: For this case the -l and -ll flags are relevant
# Suppress the stack-traces for defined exception categories
#: For this case only the -oec flag is relevant

=== Exception Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId=1618
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=1.2.3.4
</pre>
The client's IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=10.0.0.1
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=35387551837281237793.koxg4l7scaj0qgxpmh1d
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0001337
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=oxdude
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=oxdude
</pre>
The user name
<pre>
com.openexchange.database.schema=oxdatabase_7
</pre>
The database schema
<pre>
com.openexchange.mail.accountId
</pre>
The mail account identifier used in the request
<pre>
com.openexchange.mail.host
</pre>
The mail host used in the requst
<pre>
com.openexchange.mail.login
</pre>
The login identifier used to login to the mail server

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2018-09-20T10:11:39Z

Ioannis.chouklis: /* Parameters */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone). The ruby code block is only needed for Elasticsearch version 2.0 or newer.
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
ruby {
code => "event.to_hash.keys.each { |k| event[ k.gsub('.','_') ] = event.remove(k) if k.include?'.' }"
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [[-a | -d] [-c <contextid> [-u <userid>] | -s <sessionid>] [-l <logger_name>=<logger_level> ...] -A <masterAdmin> -P <masterAdminPassword> [-p <RMI-Port>] [-s <RMI-Server]] | [-oec <category_1>,...] | [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -e,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -A, --adminuser <username>
| Master admin username
|-
| -P, --adminpass <password>
| Master admin password
|-
| -s, --server <rmiServer>
| Optional RMI server (Defaults to localhost)
|-
| -p, --port <rmiPort>
| Optional RMI port (Defaults to 1099)
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Logging Filters vs. Loggers vs. Exception Categories ===

As already mentioned in the beginning, with this command line tool you can do multiple things, therefore there are different "categories" of data objects so to speak, i.e. Logging Filters, Loggers and Exception Categories. Hence, specific flags of the tool are explicitly used for only one of these data object categories and nowhere else (with the exception of the -l flag):

# Manage logging filters for
#* Sessions
#* Contexts
#* Context/User tuples
#: For the above three cases the -a, -d and -lf flags are relevant
# Change the log level of already existing loggers of the system
#: For this case the -l and -ll flags are relevant
# Suppress the stack-traces for defined exception categories
#: For this case only the -oec flag is relevant

=== Exception Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId=1618
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=1.2.3.4
</pre>
The client's IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=10.0.0.1
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=35387551837281237793.koxg4l7scaj0qgxpmh1d
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0001337
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=oxdude
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=oxdude
</pre>
The user name
<pre>
com.openexchange.database.schema=oxdatabase_7
</pre>
The database schema
<pre>
com.openexchange.mail.accountId
</pre>
The mail account identifier used in the request
<pre>
com.openexchange.mail.host
</pre>
The mail host used in the requst
<pre>
com.openexchange.mail.login
</pre>
The login identifier used to login to the mail server

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2018-09-20T10:08:40Z

Ioannis.chouklis: /* Syntax */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone). The ruby code block is only needed for Elasticsearch version 2.0 or newer.
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
ruby {
code => "event.to_hash.keys.each { |k| event[ k.gsub('.','_') ] = event.remove(k) if k.include?'.' }"
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [[-a | -d] [-c <contextid> [-u <userid>] | -s <sessionid>] [-l <logger_name>=<logger_level> ...] -A <masterAdmin> -P <masterAdminPassword> [-p <RMI-Port>] [-s <RMI-Server]] | [-oec <category_1>,...] | [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -s,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -U, --JMX-User <username>
| JMX username
|-
| -P, --JMX-Password <password>
| JMX password
|-
| -p, --JMX-Port <port>
| JMX port
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Logging Filters vs. Loggers vs. Exception Categories ===

As already mentioned in the beginning, with this command line tool you can do multiple things, therefore there are different "categories" of data objects so to speak, i.e. Logging Filters, Loggers and Exception Categories. Hence, specific flags of the tool are explicitly used for only one of these data object categories and nowhere else (with the exception of the -l flag):

# Manage logging filters for
#* Sessions
#* Contexts
#* Context/User tuples
#: For the above three cases the -a, -d and -lf flags are relevant
# Change the log level of already existing loggers of the system
#: For this case the -l and -ll flags are relevant
# Suppress the stack-traces for defined exception categories
#: For this case only the -oec flag is relevant

=== Exception Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId=1618
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=1.2.3.4
</pre>
The client's IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=10.0.0.1
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=35387551837281237793.koxg4l7scaj0qgxpmh1d
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0001337
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=oxdude
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=oxdude
</pre>
The user name
<pre>
com.openexchange.database.schema=oxdatabase_7
</pre>
The database schema
<pre>
com.openexchange.mail.accountId
</pre>
The mail account identifier used in the request
<pre>
com.openexchange.mail.host
</pre>
The mail host used in the requst
<pre>
com.openexchange.mail.login
</pre>
The login identifier used to login to the mail server

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

OX monitoring interface

2018-07-09T11:08:30Z

Ioannis.chouklis:

= Monitoring Interface =

The content on this page has moved to https://documentation.open-xchange.com/7.10.0/middleware/components/monitoring/monitoring_interface.html.

Note: Open-Xchange is in the process of migrating all its technical documentation to a new and improved documentation system (https://documentation.open-xchange.com). Please note as the migration takes place more information will be available on the new system and less on this system. Thank you for your understanding during this period of transition.

Jolokia

2018-07-09T11:07:43Z

Ioannis.chouklis:

<div class="title">Jolokia</div>

The content on this page has moved to https://documentation.open-xchange.com/7.10.0/middleware/components/monitoring/jolokia.html.

Note: Open-Xchange is in the process of migrating all its technical documentation to a new and improved documentation system (https://documentation.open-xchange.com). Please note as the migration takes place more information will be available on the new system and less on this system. Thank you for your understanding during this period of transition.

Jolokia LoginCounter HOWTO

2018-07-09T11:07:03Z

Ioannis.chouklis:

= HOWTO - Access Login Counter data with Jolokia =

The content on this page has moved to https://documentation.open-xchange.com/7.10.0/middleware/components/monitoring/login_counter_howto.html.

Note: Open-Xchange is in the process of migrating all its technical documentation to a new and improved documentation system (https://documentation.open-xchange.com). Please note as the migration takes place more information will be available on the new system and less on this system. Thank you for your understanding during this period of transition.

AppSuite:Logincounter

2018-07-09T11:05:54Z

Ioannis.chouklis:

= Login Counter =

The content on this page has moved to https://documentation.open-xchange.com/7.10.0/middleware/components/commandlinetools/logincounter.html.

Note: Open-Xchange is in the process of migrating all its technical documentation to a new and improved documentation system (https://documentation.open-xchange.com). Please note as the migration takes place more information will be available on the new system and less on this system. Thank you for your understanding during this period of transition.

AppSuite:Permission Level

2018-02-08T08:33:57Z

Ioannis.chouklis: /* Additional Flexible Functions */

{{VersionFrom|7.4.2}}
= OX Permission Level Matrix=
Note: ''While permissions still apply to versions from 7.4.2 on, a new concept named capabilities has been introduced. This allows for a more granular control of access to features. This article has not yet been updated to reflect this enhancement.''

App Suite allows to provide different permission levels to the users.

The levels start with pure webmail-only functionality and end with the full featured groupware product including all connectors and are described in the first table.

* '''Webmail''' contains pure webmail functionality including a private addressbook
* '''PIM''' (Private Information Management) adds private calendar and private tasks, no group or sharing permissions are available
* '''PIM + Mobility''' adds mobile synchronisation to the PIM level
* '''PIM + InfoStore''' adds private InfoStore functionality to the PIM level
* '''Groupware Standard''' includes all group and sharing permissions as well as the InfoStore
* '''Groupware Premium''' adds all external connectors and mobile synchronisation to Groupware Standard

In addition to this levels, App Suite contains several functions, which can flexible be used with every level. This functions are described in the second table.

== How to read the Matrix ==

{|
|-
! !! Definition
|-
| '''Mandatory''' || This column defines the options, which must not be changed for this level. '''This is a technical requirement and necessary for the correct functioning of OX HE/SE/App Suite'''
|-
| '''Default''' || This column lists the options, which are activated per default for this level
|-
| '''API Parameter''' || Related parameter in the RMI, SOAP and CLT API - described in the [http://software.open-xchange.com/OX6/doc/OX6-Provisioning.pdf Provisioning Documentation]
|-
|  ||  
|-
| '''and/or''' || Minimum one of this options need to be activated in this level
|-
|style="background-color:#C0C0C0" |  || Fields in this color define the most important differentiator to the next lower level
|}

== Matrix - Permission Levels ==

This table describes the mandatory parameters for the different permission levels.

{|
|-
! OX Base Levels !! Functionality !! Mandatory (technical requirement) !! Default !! Requirements / Description !!   !! API Parameter
|-
| rowspan="2" | '''Webmail'''
Webmail only
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||  || webmail
|-
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || contacts
|-
|   ||   ||   ||   ||   ||   ||  
|-
| rowspan="5" | '''PIM'''<br>Private use only<br>No sharing, no group functions.
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || rowspan="3" | The absence of other features defines this level ||   || webmail
|-
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   || contacts
|-
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   || calendar
|-
|Global Addressbook ||   || [[File:Cross_gray.gif]] ||  ||   || globaladdressbookdisabled
|-
|Tasks ||   || [[File:check.gif]] ||  ||   || tasks
|-
|   ||   ||   ||   ||   ||   || 
|-
| rowspan="9" | '''PIM + Mobility'''<br>Private use only<br>No sharing, no group functions<br>Enabled for mobile synchronization
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || webmail
|-
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || contacts
|-
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || calendar
|-
|style="background-color:#F0F0F0" | USM ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || usm
|-
|style="background-color:#C0C0C0" | Active Sync ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] || rowspan="2" | This defines the level<br>At least one of these needs to be set<br>Typically "Active Sync"||   || activesync
|-
|style="background-color:#C0C0C0" | SyncML ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] ||   || syncml (deprecated)
|-
|Global Addressbook ||  || [[File:Cross_gray.gif]] ||  ||   || globaladdressbookdisabled
|-
|Tasks ||   || [[File:check.gif]] ||  ||   || tasks
|-
|   ||   ||   ||   ||   ||  
|-
| rowspan="6" | '''PIM + InfoStore''' <br>Private use only<br>No sharing, no group functions<br>Enabled for document storage.
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || webmail
|-
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || contacts
|-
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || calendar
|-
|style="background-color:#C0C0C0" | InfoStore ||style="background-color:#C0C0C0" | [[File:check.gif]] ||style="background-color:#C0C0C0" | [[File:check.gif]] || This combined with the absence of other switches defines the level <br> ||   || infostore
|-
|Global Addressbook ||   || [[File:Cross_gray.gif]] ||  ||   || globaladdressbookdisabled
|-
|Tasks ||   || [[File:check.gif]] ||  ||   || tasks
|-
|   ||   ||   ||   ||   ||   ||  
|-
| rowspan="9" | '''Groupware Standard'''<br>Full Groupware functionality<br>Access restricted to Web GUI
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || webmail
|-
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || contacts
|-
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || calendar
|-
|style="background-color:#F0F0F0" | Tasks ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || tasks
|-
|style="background-color:#C0C0C0" | Shared Folders ||style="background-color:#C0C0C0" | [[File:check.gif]] ||style="background-color:#C0C0C0" | [[File:check.gif]] || rowspan="3" | This defines the level<br>All need to be set together ||   || readcreatesharedfolders
|-
|style="background-color:#C0C0C0" | Public Folders ||style="background-color:#C0C0C0" | [[File:check.gif]] ||style="background-color:#C0C0C0" | [[File:check.gif]] ||   || editpublicfolders
|-
|style="background-color:#C0C0C0" | Task Delegation ||style="background-color:#C0C0C0" | [[File:check.gif]] ||style="background-color:#C0C0C0" | [[File:check.gif]] ||   || delegatetask
|-
|style="background-color:#F0F0F0" | Global Addressbook ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || globaladdressbookdisabled
|-
|InfoStore ||   || [[File:check.gif]] ||  ||   || infostore
|-
|   ||   ||   ||   ||   ||   ||  
|-
| rowspan="16" | '''Groupware Premium'''<br>Full Groupware functionality<br>All external clients enabled (Mobility, Outlook, Mac)
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || webmail
|-
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || contacts
|-
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || calendar
|-
|style="background-color:#F0F0F0" | Tasks ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || tasks
|-
|style="background-color:#F0F0F0" | Shared Folders ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || readcreatesharedfolders
|-
|style="background-color:#F0F0F0" | Public Folders ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || editpublicfolders
|-
|style="background-color:#F0F0F0" | Task Delegation ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || delegatetask
|-
|style="background-color:#F0F0F0" | Global Addressbook ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || globaladdressbookdisabled
|-
|style="background-color:#F0F0F0" | USM ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || usm
|-
|style="background-color:#C0C0C0" | OLOX2 ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] || rowspan="4" | This defines the level<br>At least one of these needs to be set.<br>Typically OLOX2 and Active Sync ||   || olox20
|-
|style="background-color:#C0C0C0" | OLOX (Legacy) ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] ||   || webdavxml (deprecated)
|-
|style="background-color:#C0C0C0" | Active Sync ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] ||   || activesync
|-
|style="background-color:#C0C0C0" | SyncML ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] ||   || syncml (deprecated)
|-
|InfoStore ||   || [[File:check.gif]] ||  ||   || infostore
|-
|iCal Access ||   || [[File:check.gif]] ||  ||   || ical (deprecated)
|-
|vCard Access ||   || [[File:check.gif]] ||  ||   || vcard (deprecated)
|-
|}
<br>
<br>

== Additional Flexible Functions ==

The following functions can be added flexible to each permission level.

{|
|-
! Additional Functions !! Default !! Requirements / Description !!   !! API Parameter
|-
| rowspan="2" | '''Minimum Webmail'''
|Collect Emailaddresses || Email addresses typed into sent/reveived emails can be saved automatically in a dedicated folder ||   || collectemailaddresses
|-
|Edit Password || If a plugin to change the own password is installed on the system, it will be displayed in the settings area ||   || editpassword
|-
|   ||   ||   ||   ||  
|-
| rowspan="3" | '''Minimum PIM'''
|Multiple Mailaccounts || The user can use external IMAP/POP3 Mailaccounts within the OX WebGUI. Starting with 6.20 this can be configured per email service ||   || multiplemailaccounts
|-
|Subscriptions || The user can subscribe to external/social datasources, like LinkedIN (removed since 7.10.0), XING, Gmail, .... Starting with 6.20 this can be configured per subscription service ||   || subscriptions
|-
|Publications || The user can publish his own data (contacts/documents) for other users in the internet ||   || publication
|-
|   ||   ||   ||   ||  
|-
| '''Minimum PIM + InfoStore'''
|WebDAV || Allows WebDAV access to InfoStore documents; Requires InfoStore ||   || webdav
|-
|   ||   ||   ||   ||  
|-
| rowspan="2" | '''Minimum GW Standard'''
|Manage Resources || The user is allowed to create and manage resources for the whole company ||   || editresource
|-
|Manage Groups || The user is allowed to create and manage groups for the whole company ||   || editgroup
|-
|   ||   ||   ||   ||  
|-
| rowspan="2" | '''Minimum GW Premium'''
|vCard || The user can download all his contacts via the vCard interface ||   || vcard (deprecated)
|-
|iCal || The user can download all his contacts via the iCal interface ||   || ical (deprecated)
|-
|}

AppSuite:OX Tutorial 1M

2018-02-08T08:33:26Z

Ioannis.chouklis: /* Install and configure OX on both servers */

= Tutorial: High Available OX App Suite Setup for up to 1 Milion users =

'''This article describes what you need for a typical OX App Suite Setup for up to 1.000.000 Users, which is fully clustered, high available and scaling very flexible.'''

It contains everything you need to:
* Understand the design of the OX App Suite setup including additional services
* Install the whole system based on the relevant articles
* Find pointers to the next steps of integration

= System Design =

[[Image:AppSuite-1M.png|1000px]]

The system is designed to provide maximum functionality and availability with a minimum of necessary hardware. If the services on one OX server fail, this is transparently handled by the load balancer. If one MySQL server fails, it is sufficient to take over the IP address on the other MySQL server in the cluster to stay fully in operation.

== General recommendations ==

* A virtualisation enviroment is recommended
* Many machines with less memory (16 GB) are preferred to fewer machines with big memory
* The picture above shows a valid setup for a webmail only system. Further features like the Business Mobility Connector or OX Documentes require more ressources.

== Infrastructure Components not delivered by OX ==

* An email system providing IMAP and SMTP
* A control panel for creation and administration of users
* A Load Balancer in front of the OX servers (optional, recommended)

= Overview Installation Steps =

'''To deploy the described OX setup, the following steps need to be done. '''

== Mandatory Steps ==
# Initialize and configure MySQL database servers
# Install and configure OX on all servers

== Steps depending on your environment ==
# Implement Load Balancer
# Connect Control Panel
# Connect Email System

== Recommended Optional Next Steps ==
# Automated Frontend Tests (see [[Automated_GUI_Tests|here]])
# Upsell Plugin (see [[AppSuite:Upsell|here]] and [[AppSuite:Upsell_tools|here]])
# Automatic FailOver
# Theming (see [https://documentation.open-xchange.com/latest/ui/theming.html here])

= Mandatory Installation Steps - Instructions & Recommendations =

'''The following steps need to be done in every case to get OX up and running:'''

== Initialize and configure MySQL database on both servers ==

MySQL will be configured as Master-Master configuration to ensure data consistency on both servers.
If one machine fails, the other machine will take over all functionality.

[[OXLoadBalancingClustering_Database|Database setup for clustered environments]]

== Install and configure OX on both servers ==

OX will be installed on minimum two servers. It will be configured to '''write''' to the '''first''' MySQL database and to '''read''' from the '''second''' MySQL database in one cluster. This will distribute the load during normal operation as smooth as possible. During FailOver the IP address of the failed MySQL server will be taken over to the working server, the system stays operable.

[[AppSuite:OXLoadBalancingClustering_OXConfiguration|Open-Xchange setup and configuration for clustered environments]]

The NFS server will be mounted on all machines and registered as filestore.

[[OXLoadBalancingClustering_Filestore|Filestore setup for clustered environments]]

When multiple Open-Xchange Servers are configured within a cluster Session and Loadbalancing needs to be set up.

[[OXLoadBalancingClustering_SessionLoadbalancing|Session and Loadbalancing for clustered environments]]

[[OXLoadBalancingClustering_NetworkConfiguration|Network configuration for clustered environments]]

You also should install and configure the OXtender for Business Mobility:

[[OXtender_for_Business_Mobility| exchange active sync configuration for Open-Xchange]]

Let your users connect to their data from other services like Twitter or LinkedIn (removed since 7.10.0) by configuring the "SocialOX"

[[SocialOX|SocialOX-Configuration]]

= Installation Steps depending on your environment - Instructions & Recommendations =

'''The following components need to be implemented in your environment.'''

== Implement Load Balancer ==

A load balancer in front of the OX servers is necessary for this deployment size. It needs to handle the requests if one OX server fails.

If you already have a hardware load balancing solution in place, this can be used. OX is known to work with the standard load balancing solutions from BigIP, Barracuda, Foundry, ...

If you do not have a load balancing solution already in place, we recommend to use [http://www.keepalived.org/ Keepalived] as reliable and cost effective solution.

Read more about configuring [[Keepalived | Keepalived for Open-Xchange]]

{{OX_HE_Tutorial_CP}}

{{OX_HE_Tutorial_HGP}}

{{OX_HE_Tutorial_POA}}

{{OX_HE_Tutorial_Auth}}

== Connect Email System ==

Every email system providing IMAP and SMTP can be used as backend to OX. Best experiences are made with the widespread Linux based IMAP servers [http://dovecot.org/ Dovecot], [http://www.cyrusimap.org/ Cyrus] or [http://www.courier-mta.org/imap/ Courier].

Other IMAP servers need to be tested thoroughly before going into production.

There are several possibilities to implement the Email system:

# You already have an email system available: Nothing needs to be done, it just needs to be configured
# You use Parallels Automation (POA): Nothing special needs to be done, everything you need is contained in the APS package
# You want to setup a new Email system: It is recommended to use Dovecot, as this is very stable, fast, feature rich and easy to scale

{{OX_HE_Tutorial_Dovecot}}

{{AppSuite:OX_Tutorial_Next}}

AppSuite:OX Tutorial 100K

2018-02-08T08:33:02Z

Ioannis.chouklis: /* Install and configure OX on both servers */

= Tutorial: High Available OX AppSuite Setup for up to 100.000 users =

'''This article describes what you need for a typical OX AppSuite Setup for up to 100.000 Users, which is fully clustered and high available.'''

It contains everything you need to:
* Understand the design of the OX AppSuite setup including additional services
* Install the whole system based on the relevant articles
* Find pointers to the next steps of integration

= System Design =

[[Image:AppSuite-100k.png|800px]]

The system is designed to provide maximum functionality and availability with a minimum of necessary hardware. If the services on one server fail, it is enough to take over the IP address to the other machine and service will stay up and running.

== Core Components for OX AppSuite ==

* Two OX AppSuite servers (HW recommendation: 16GB RAM / 4 cores each)
* MySQL installed directly on these server
* NFS Server to store documents and files

== Infrastructure Components not delivered by OX ==

* An email system providing IMAP and SMTP
* A control panel for creation and administration of users
* A Load Balancer in front of the OX servers (optional, recommended)

= Overview Installation Steps =

'''To deploy the described OX setup, the following steps need to be done. '''

== Mandatory Steps ==
# Initialize and configure MySQL database on both servers
# Install and configure OX on both servers

== Steps depending on your environment ==
# Implement Load Balancer
# Connect Control Panel
# Connect Email System

== Recommended Optional Next Steps ==
# Automated Frontend Tests (see [[Automated_GUI_Tests|here]])
# Upsell Plugin (see [[AppSuite:Upsell|here]] and [[AppSuite:Upsell_tools|here]])
# Automatic FailOver
# Theming (see [https://documentation.open-xchange.com/latest/ui/theming.html here])

= Mandatory Installation Steps - Instructions & Recommendations =

'''The following steps need to be done in every case to get OX up and running:'''

== Initialize and configure MySQL database on both servers ==

MySQL will run on both servers. MySQL will be configured as Master-Master configuration to ensure data consistency on both servers.
If one machine fails, the other machine will take over all functionality.

[[OXLoadBalancingClustering_Database|Database setup for clustered environments]]

== Install and configure OX on both servers ==

OX will be installed on both servers. It will be configured to '''write''' to the '''first''' MySQL database and to '''read''' from the '''second''' MySQL database. This will distribute the load during normal operation as smooth as possible. During FailOver the IP address of the failed server will be taken over to the working server, the system stays operable.

[[AppSuite:OXLoadBalancingClustering_OXConfiguration|Open-Xchange setup and configuration for clustered environments]]

The NFS server will be mounted on both machines and registered as filestore.

[[OXLoadBalancingClustering_Filestore|Filestore setup for clustered environments]]

When multiple Open-Xchange Servers are configured within a cluster Session and Loadbalancing needs to be set up.

[[OXLoadBalancingClustering_SessionLoadbalancing|Session and Loadbalancing for clustered environments]]

[[OXLoadBalancingClustering_NetworkConfiguration|Network configuration for clustered environments]]

You also should install and configure the OXtender for Business Mobility

[[OXtender_for_Business_Mobility_Installation_Guide|Installation of the OXtender for Business Mobility]]

Let your users connect to their data from other services like Twitter or LinkedIn (removed since 7.10.0) by configuring the "SocialOX"

[[SocialOX|SocialOX-Configuration]]

= Installation Steps depending on your environment - Instructions & Recommendations =

'''The following components need to be implemented in your environment.'''

== Implement Load Balancer ==

A load balancer in front of the OX servers is recommended, but optional in this deployment size. (In small environments, DNS Round Robin may be sufficient).

If you already have a hardware load balancing solution in place, this can be used. OX is known to work with the standard load balancing solutions from BigIP, Barracuda, Foundry, ...

If you do not have a load balancing solution already in place, we recommend to use [http://www.keepalived.org/ Keepalived] as reliable and cost effective solution.

Read more about configuring [[Keepalived | Keepalived for Open-Xchange]]

{{OX_HE_Tutorial_CP}}

{{OX_HE_Tutorial_HGP}}

{{OX_HE_Tutorial_POA}}

{{OX_HE_Tutorial_Auth}}

== Connect Email System ==

Every email system providing IMAP and SMTP can be used as backend to OX. Best experiences are made with the widespread Linux based IMAP servers [http://dovecot.org/ Dovecot], [http://www.cyrusimap.org/ Cyrus] or [http://www.courier-mta.org/imap/ Courier].

Other IMAP servers need to be tested thoroughly before going into production.

There are several possibilities to implement the Email system:

# You already have an email system available: Nothing needs to be done, it just needs to be configured
# You use Parallels Automation (POA): Nothing special needs to be done, everything you need is contained in the APS package
# You want to setup a new Email system: It is recommended to use Dovecot, as this is very stable, fast, feature rich and easy to scale

{{OX_HE_Tutorial_Dovecot}}

{{AppSuite:OX_Tutorial_Next}}

{{OX_HE_Tutorial_FailOver}}

AppSuite:Extension points for miscellaneous

2018-02-08T08:32:39Z

Ioannis.chouklis: /* plugins */

{{Stability-experimental}}

<div class="title">Miscellaneous Extension points</div>
'''Abstract:''' This describes miscellaneous extension points, allowing you to add functions.

=application-foldertree=
==io.ox/application-foldertree/links==

=backbone=
==io.ox/backbone/validation/formats==

=conversations=
==io.ox/conversations/actions/create==
==io.ox/conversations/links/toolbar==

=folder=
==io.ox/foldertree/folder==

=halo=
==io.ox/halo/contact:renderer==
==io.ox/halo/contact:requestEnhancement==

=help=
==io.ox/help/helper==

=keychain=
==io.ox/keychain/api==
==io.ox/keychain/model==

=portal=
==io.ox/portal/settings/detail==
==io.ox/portal/widget==
==io.ox/portal/widget/mail==
==io.ox/portal/widget/mail/actions/compose==
==io.ox/portal/widget/mail/links/inline==

=preview=
==io.ox/preview/engine==

=settings=
==io.ox/settings/accounts/mail/settings/detail==

=linkedIn=
Note that the LinkedIn integration was removed since 7.10.0
==io.ox/linkedIn/details/actions==
==io.ox/linkedIn/details/renderer==

=plugins=
==io.ox/plugins/portal/linkedIn/updates/renderer==
Note that the LinkedIn integration was removed since 7.10.0

[[Category:AppSuite]]
[[Category:UI]]
[[Category:Extension points]]

AppSuite:Extension points for miscellaneous

2018-02-08T08:32:24Z

Ioannis.chouklis: /* linkedIn */

{{Stability-experimental}}

<div class="title">Miscellaneous Extension points</div>
'''Abstract:''' This describes miscellaneous extension points, allowing you to add functions.

=application-foldertree=
==io.ox/application-foldertree/links==

=backbone=
==io.ox/backbone/validation/formats==

=conversations=
==io.ox/conversations/actions/create==
==io.ox/conversations/links/toolbar==

=folder=
==io.ox/foldertree/folder==

=halo=
==io.ox/halo/contact:renderer==
==io.ox/halo/contact:requestEnhancement==

=help=
==io.ox/help/helper==

=keychain=
==io.ox/keychain/api==
==io.ox/keychain/model==

=portal=
==io.ox/portal/settings/detail==
==io.ox/portal/widget==
==io.ox/portal/widget/mail==
==io.ox/portal/widget/mail/actions/compose==
==io.ox/portal/widget/mail/links/inline==

=preview=
==io.ox/preview/engine==

=settings=
==io.ox/settings/accounts/mail/settings/detail==

=linkedIn=
Note that the LinkedIn integration was removed since 7.10.0
==io.ox/linkedIn/details/actions==
==io.ox/linkedIn/details/renderer==

=plugins=
==io.ox/plugins/portal/linkedIn/updates/renderer==

[[Category:AppSuite]]
[[Category:UI]]
[[Category:Extension points]]

AppSuite:Architecture Overview

2018-02-08T08:31:47Z

Ioannis.chouklis: /* Social/Public Data related components, plugins and communication flow */

__NOTOC__
This page gives an overview of the most important internal components, plugin capabilities, public interfaces (APIs) and data communication streams of the Open-Xchange server.

[[File:appsuite_architecture_diagram_3.png|1200px]]

=<span style="background:#dcdcdc">Frontend and client based communication flow </span>=
*'''1''' All communication from and to the users client is purely based on HTTP. It is strongly recommended to use only encrypted HTTPS. For security reasons, some modules require HTTPS connections in the default configuration. The HTTP(S) communication is terminated at Apache.

*'''2''' Within Apache, the mod_proxy_http module is used to forward the request to the OX server. Apache can also be used to configure session stickiness and load balancing in clustered environments.

*'''3''' OX Web UI
** The [https://documentation.open-xchange.com/latest/middleware/http_api.html HTTP API] is the core API for all user functionality. Every function of the Web UI is using this API. In addition to that, all possible user functionality is available via this API and can be used from external applications as well. It is based on JSON via HTTP(S).
** [http://oxpedia.org/wiki/index.php?title=Portal:AppSuite_UI Web UI Documentation]
** [[HTTP_API_Examples|Programming Example]], how to use this API to build an Email widget, accessing the HTTP API

*'''4''' The OXtender for Business Mobility is a server based Active Sync Implementation. The "Microsoft Exchange Active Sync" protocol supports Push via HTTPS, therefore the email backend needs to send push events to the OX server. Details, see: [[OXtender for Business Mobility Installation Guide]] and [[OX_EMail_Push_Introduction|Email Push Introduction]]. Serverside, the synchronization makes use of the "Universal Sync Module (USM)", which is a server bundle containing the synchronization logic for several clients. It also communicates via HTTP(S) transporting JSON objects.

*'''5''' The [[OXtender 2 for Microsoft Outlook]] is a MAPI plugin, installed in the Outlook client to synchronize data between Outlook and the OX server. It makes use of the same HTTP(S) and JSON based communication to the Universal Sync Module (USM), like Active Sync.

*'''6''' [[Caldav carddav Bundles|CalDAV and CardDAV]] interfaces are available to synchronize calendars and address books with Apple OS X and iOS applications as well as Thunderbird: [[CalDAVClients|CalDAV Clients]] and [[CardDAVClients|CardDAV Clients]].

*'''7''' A WebDAV implementation provides the possibility to access the documents in the Files-module directly via any WebDAV client, like the Windows Explorer.

=<span style="background:#dcdcdc">Administration, provisioning and operations related components and communication flow</span>=
*'''11''' Data Migration and Im-/Export of user data can be done via automated tools, using these interfaces:
** [[Using the import servlet]], [[Building an importer]]
** [[Using the export servlet]], [[Building an exporter]], [[Export_ical/vcard| iCal/vCard]]
** A tool is available to upload data from Outlook profiles or PST files to OX: [http://oxpedia.org/wiki/index.php?title=OX_Outlook_Uploader Outlook Uploader]

*'''12''' All provisioning tasks, like creating and editing users can be done with [http://software.open-xchange.com/OX6/doc/OX6-Provisioning/ Commandline tools]. The command line tools make use of the Java RMI API internally.

*'''13''' The native, central provisioning API is available via Java RMI and split into the [http://software.open-xchange.com/OX6/doc/RMI/admin-core/ Core API] and the [http://software.open-xchange.com/OX6/doc/RMI/admin-hosting/ HostingAPI].

*'''14''' Central control panels and billing systems, which are not implemented in Java, can use the RMI API via the [http://software.open-xchange.com/products/appsuite/doc/SOAP/admin/OX-Admin-SOAP.html SOAP API], examples of its usage can be found [[Open-Xchange-SOAP | here]].
** Standard integration via SOAP is available for OPWV Directory
** for Parallels Operations Automation see [[PAIntegrationGuide| PA integration guide]]
** for Parallels Plesk Panel see [[Plesk_Integration|Plesk integration guide]]
** for cPanel see [[Open-Xchange_cPanel_Installation| cPanel installation]]

*'''15''' Authentication is implementable via highly customizable plugins, different standard and custom implementations are available
**[[Authentication IMAP Plugin description| IMAP]]
** LDAP
** Database
** custom

*'''16''' Monitoring the OX application is done via JMX, for a description see [[OX monitoring interface]], or a commandline tool
** An example how to use the monitoring interface is available as pre-built Scripts for the monitoring tool Munin: [[OX munin scripts]]

=<span style="background:#E5E5E5">Backend related components and communication flow</span>=
*'''21''' All OX-internal data - users, contacts, calendars, tasks and document metadata is stored in a MySQL Database, accessed via JDBC
**'''22''' Native MySQL contacts storage

*'''23''' Other sources for contacts than the MySQL storage can also be used. For this an OSGi bundle needs to be implemented, overriding the standard contact storage.
** An implementation using LDAP is publicly available
** Several custom implementations are available on request or can be implemented by partners

*'''24''' Email storage is accessed through the pluggable [http://software.open-xchange.com/OX6/doc/mal/ Mail Abstraction Layer API]
** The default implementation uses IMAP
** Sending Emails is done via SMTP
** For Active Sync or Outlook the email backend needs to send push requests to the OX server, for details see [[OX_EMail_Push_Introduction|Email Push Introduction]]
** Several custom implementations are available on request or can be implemented by partners

*'''25''' Documents in the Files module are accessed via an API, which allows customized implementations.
** The default in large environments is to use NFS
** In small environments the local filesystem is used
** [http://www.scality.com/ Scality] is also available
** Several custom implementations are available on request or can be implemented by partners

=<span style="background:#E5E5E5">Social/Public Data related components, plugins and communication flow</span>=

A <em>subscription based plugin system</em> allows to access data from external systems like webmail systems or social networks. The underlying concept is called SocialOX and a list of some plugins can be found here: [[SupportedCrawler]]. The integrations of messaging, contacts and calendars are done via the official API of the respective 3rd-party-service if there is one. For authentication, OAuth is used for security and privacy control if available. All plugins use HTTP(S) connections to the external services only. Access to the external email systems is done via IMAP(S) or POP3(S), depending on the service.

*'''31''' For subscription to an external calendar a plugin to subscribe to Google Calendar is available.

*'''32''' Supported external messaging services are Twitter and SMS/MMS.

*'''33''' Contacts can be imported from Xing, LinkedIn (removed since 7.10.0), MSN/Windows Live/Outlook.com, Yahoo and Google.

*'''34''' External email accounts can be integrated via POP3(S) or IMAP(S)
** There are pre-configured settings for many popular services so that users only need to enter their e-mail address and password.
** Look here how to [[install and configure the mail-account plugin]].

* '''35''' RSS feeds are loaded remotely, filtered for exploits and can be read in the UI

* '''36''' Image services like Flickr and Tumblr are integrated directly into the UI, bypassing the backend completely. Authentication is handled via OAuth.

=<span style="background:#dcdcdc">Publicly Available Plugins</span>=
* An overview of the existing public plugins can be found here: [[Open-Xchange Plugin Overview]]. Many others are available on request or through partners.

This page was last updated on 2015/01/20.
Person responsible: [mailto:karsten.will@open-xchange.com?Subject=AppSuite%20Architecture%20Overview%20(oxpedia.org)&body=Hi%20Karsten%2C%0A%0AThere%20is%20something%20you%20should%20take%20care%20of%20at%20this%20wiki-page%3A%0Ahttp%3A%2F%2Foxpedia.org%2Fwiki%2Findex.php%3Ftitle%3DAppSuite%3AArchitecture_Overview%0A%0AIt%20is%3A Karsten Will] (creates new pre-filled email)

AppSuite:Sharing and Guest Mode

2018-02-08T08:31:21Z

Ioannis.chouklis: /* Publish/Subscribe vs. Sharing */

<div class="title">Sharing and Guest Mode</div>

{{VersionFrom|7.8.0}}

__TOC__

== Introduction ==

Starting with v7.8.0, the Open-Xchange server comes with a whole new concept to share contents with external people, allowing guest users to interact with the shared data in the same way as regular groupware users do. This article describes the underlying technical implications and outlines the different use cases.

The main idea behind the new sharing concept is that guest users, i.e. external users without a regular account on the server, should be able to access the shared contents using the existing interfaces, especially the App Suite web interface. On the one hand, this includes consuming the shared data using the App Suite's advanced media viewing capabilities. On the other hand, this enables guests to edit existing as well as to create or upload new content in the groupware. Even real-time collaboration between internal users and guests in OX Documents is possible.

The following chapters cover different topics regarding sharing and guest users and try to describe some technical background and impact where hosters, administrators or integrators might be interested in.

== Creating Shares ==

Basically, creating a share means adding an additional permission entity to the shared folder or item. Previously, this was only possible for "internal" entities, i.e. regular users or user groups. Now, the underlying permission system has been extended to support external entities, which can be either invited guest users, or special "anonymous" guest users who access a shared folder or item via a secret link. Anonymous and invited guest users are explained in more detail below.

Sharing is available for the groupware modules Calendar, Contacts, Tasks and Drive (a.k.a. Infostore/Files). While the latter one also allows "writable" access for invited guest users, folders from the Calendar, Contacts and Tasks module may only be published in "read-only" mode to external guests.

=== Invite Guests ===

To share something to a guest user, it's possible to just add the e-mail address of the invitee as new permission entity for files and folders. The middleware then takes care to provision a new or reuse an existing account for the guest user, and equips him with the required permissions for accessing the contents. So, from a client's point of view, sharing something to a guest user is mostly the same process as sharing something to an internal user or group.

=== Share Links ===

Besides explicitly inviting a guest user to a share, it's also possible to just get a secret link for a folder or item. This will result in an additional "anonymous" guest entity in the permissions of the shared object, and will grant any user with the corresponding share link access the shared contents. To simplify the creation of share links, the clients will offer an additional "wizard" to quickly get a share link for a folder or item. Unlike invited guests which behave much like internal users, anonymous guest entities are strictly bound to the underlying folder or item, i.e. there is at most one anonymous permission entity per file or folder, as well as an anonymous permission entity can only be used for only once.

=== Required Permissions and Capabilities ===

Whether a user is allowed to create share links, invite external guests, or internal groups or users, depends on the following module access permissions and capabilities. Please note that share links no longer require <code>read_create_shared_folders</code> since Open-Xchange v7.8.1; this restriction was removed in order to allow simple publications also for non-groupware accounts, e.g. as defined by the <code>pim</code> or <code>pim_infostore</code> module access combinations.

==== v7.8.0 ====
* Create, update & remove share links: <code>read_create_shared_folders</code>, <code>share_links</code>
* Add, update or remove internal users and group permissions: <code>read_create_shared_folders</code>
* Add, update or remove external guest permissions: <code>read_create_shared_folders</code>, <code>invite_guests</code>

==== v7.8.1 ====
* Create, update & remove share links: <code>share_links</code>
* Add, update or remove internal users and group permissions in modules Calendar, Contacts, Tasks: <code>read_create_shared_folders</code> for personal / <code>edit_public_folders</code> for public folders
* Add, update or remove internal users and group permissions in module Drive: none
* Add, update or remove external guest permissions in modules Calendar, Contacts, Tasks: <code>invite_guests</code>, and <code>read_create_shared_folders</code>, <code>read_create_shared_folders</code> for personal / <code>edit_public_folders</code> for public folders
* Add, update or remove external guest permissions in module Drive: <code>invite_guests</code>

'''''Administrator Notes:'''''

* Existing shares for a guest user or context may be listed using the commandline utility <code>listshares</code>
* The ability to create share links may be controlled via <code>com.openexchange.capability.share_links</code>, either globally in the configuration file <code>permissions.properties</code>, or on a more fine-granular level through the [https://oxpedia.org/wiki/index.php?title=ConfigCascade Config Cascade]
* The ability to invite guest users may be controlled via <code>com.openexchange.capability.invite_guests</code>, either globally in the configuration file <code>permissions.properties</code>, or on a more fine-granular level through the [https://oxpedia.org/wiki/index.php?title=ConfigCascade Config Cascade]
* The number of allowed share links per user may be specified via <code>com.openexchange.quota.share_links</code>, either globally in the configuration file <code>share.properties</code>, or on a more fine-granular level through the [https://oxpedia.org/wiki/index.php?title=ConfigCascade Config Cascade]
* The number of allowed guest invitations per user may be specified via <code>com.openexchange.quota.invite_guests</code>, either globally in the configuration file <code>share.properties</code>, or on a more fine-granular level through the [https://oxpedia.org/wiki/index.php?title=ConfigCascade Config Cascade]
* Both quotas can also be set on a per-context basis via a 'changecontext' call and the <code>quota-module</code> and <code>quota-value</code> options, see [http://oxpedia.org/wiki/index.php?title=AppSuite:Context_management#changecontext]. The module IDs are accordingly <code>share_links</code> and <code>invite_guests</code>.
* Quotas are always checked per-user, per default both are set to 100. You'll probably want to increase the quota for links when enabling the link mail feature available with OX App Suite 7.8.2.

== Removing Shares ==

The lifetime of shares is implicitly bound to the lifetime of the associated permission of the guest user entity. So, once a permission entity pointing to a (named or anonymous) guest user account is removed from the parent folder or item, this also leads to the removal of the associated share itself. Afterwards, the contents are no longer accessible for the guest user. For shares that were created with a specific expiry date, it is ensured that they can no longer be accessed via their share link after expiring. Additionally, expired shares are cleaned up periodically within a background task.

'''''Administrator Notes:'''''

* Shares may be revoked manually using the commandline utility <code>removeshares</code>
* The interval of the periodic cleanup task can be controlled via <code>com.openexchange.share.cleanup.periodicCleanerInterval</code> in <code>share.properties</code>

== Share Links & Tokens ==

Shares are accessed with a hyperlink that contains the so-called share "token". This 24-byte token uniquely identifies the associated guest account on the system, and carries enough randomness that it can't be guessed. Explicitly invited guest users receive this hyperlink in the invitation mail to a share, while in case of an "anonymous" share where just the link itself was generated, it's up to the sharing user to distribute the link on his own. Besides the token, a share link may contain an additional path that points to the concrete folder and item, which just aids to jump to the shared item in the web interface directly. The following shows an example of a share link:

<code>https://share.example.com/ajax/share/48b2b6190151f1bd8b4b610151f0405d9fc8cb89a087f14e/1/2/ODAxMDY</code>

If a guest user has been invited to more than one share in a context (based on his e-mail address), his individual share token remains equal, so that he will have access to all shared contents in the web interface after following any of the share links he received. However, the additional "path" still points to the concrete item. When inviting more than one guest user to the same share, each recipient will get his own individual share link.

Once the share URL is requested from the server, the associated guest account is looked up and, depending of the guest type, the request is redirected to a specific login screen or directly into the App Suite web interface. More details regarding the different login modes are described at [[#Guest_Login_&_Session_Handling|Guest Login & Session Handling]].

After a share has been revoked (either explicitly, by removing the permission, or if the share is expired), share links can't be accessed any longer, and, after the last share for the guest user was removed, the guest account is removed from the system automatically.

'''''Administrator Notes:'''''

* The share token is stored as user attribute <code>com.openexchange.shareBaseToken</code> in the corresponding guest user account
* The target database schema for a share and the associated guest account is extracted from the context identifier encoded in the share token

== Guest Users ==

As outlined above, guest users are created on demand once something is being shared. We basically distinguish between two types of guest users: Those that were invited explicitly by the sharing user, or "anonymous" guest users that are able to access by visiting the share link. Access for the latter one may optionally be secured with a fixed PIN code.

For both kinds of guest users, a corresponding user account is provisioned dynamically on the system once a new share is created. Such a guest account is handled much similar as an account for a regular user, with the following main exceptions:

* No access to the "Mail" module
* No personal folders
* No access to the "Portal"
* No access to the global address book
* Module access is restricted to only include modules from the actual shares

All those restrictions are configured and enforced using the built-in mechanisms of the Open-Xchange Server, i.e. by a reduced set of capabilities (i.e. module permissions), or by selectively set permission bits in the folder tree for the virtual guest group. This ensures that guest users are only able to access things they explicitly have been invited to, as well as a transparent handling of guest accounts within all subsystems.

'''''Administrator Notes:'''''

* Guest users are stored much similar as regular users in the database (tables <code>user</code>, <code>prg_contacts</code>, <code>user_attribute</code>, <code>user_configuration</code>)
* Additionally, the identifier of the user who (initially) created the guest account is stored in <code>user.guestCreatedBy</code>, i.e. if this column is not <code>0</code>, this entry refers to a guest user
* All service calls and APIs that list or search users have been adjusted to be "guest-aware", i.e. by default, guests users are not included in the output, yet may be included explicitly with additional parameters (namely <code>includeGuests</code> and <code>excludeUsers</code>)
* Service calls and APIs that request data explicitly based on an entity's identifier are also working with guest users, i.e. if a specific idnetifier points to a guest, then the referenced guest data is returned

=== Capabilities ===

Guest users always have the <code>guest</code> capability set. Besides they are generally configured with a limited permission set, that allows them just to work with their shared items. This permission set includes:

{|
!Permission
!Capability
!Details
|-
|<code>deniedportal</code>
|
|No <code>portal</code> capability
|-
|<code>editpublicfolders</code>
|<code>edit_public_folders</code>
|
|-
|<code>readcreatesharedfolders</code>
|<code>read_create_shared_folders</code>
|
|-
|<code>editpassword</code>
|<code>edit_password</code>
|Only for invited guests, not links
|}

Additionally, for every module the guest is having shared items in, the according module permission is granted, e.g. a shared drive folder results in permission <code>infostore</code> and the according capability. Guest users are never allowed to share folders or items on their own, i.e. the capabilities <code>share_links</code> and <code>invite_guests</code> can never be set.

'''''Administrator Notes:'''''

This limited capability set can be extended by configuration. Currently three modes are supported:

{|
!Mode
!Description
|-
|deny_all
|No further capabilities are applied to guest users, except ones that have been explicitly set for the guest user via <code>changeuser --capabilities-to-add</code>.
|-
|static
|A static list of capabilities is applied to guest users via the <code>com.openexchange.share.staticGuestCapabilities</code> property. Additionally capabilities that have been explicitly set for the guest user via <code>changeuser --capabilities-to-add</code> are applied.
|-
|inherit
|All capabilities of the user who "created" the guest, i.e. created the link or initially invited somebody, are applied to the guest user. Additionally capabilities that have been explicitly set for the guest user via <code>changeuser --capabilities-to-add</code> are applied.
|}

The mode can be configured via the <code>com.openexchange.share.guestCapabilityMode</code> property in <code>share.properties</code>. This property is config-cascade capable, so it can for example be overridden for certain sets of contexts. The same applies to the <code>com.openexchange.share.staticGuestCapabilities</code> property.

Due to this configuration mechanism it is possible to increase the user experience for guests and even allow some real collaboration. As an example one could apply the following configuration to allow guests to see preview images of files and edit shared documents with OX Text and OX Spreadsheet:

<pre>com.openexchange.share.guestCapabilityMode = static
com.openexchange.share.staticGuestCapabilities = document_preview, text, spreadsheet</pre>

=== Anonymous Guest Users ===

If a "share link" is created, this results in an implicit creation of an anonymous guest user account on the server. The "secret" to access the shared contents is the share token itself that is encoded in the generated share link, so that everybody that knows the share link is able to access the shared contents. Optionally, such an anonymous share link may be secured with an additional PIN code. Guest users will be prompted to enter this PIN code when attempting to access the share.

To have a strict separation between different shared contents, each time a folder or item is shared using the "Get a link" method, a designated anonymous guest account for this share is used. Consequently, each time such an anonymous share is revoked, this guest account is terminated again with no further delay. Additionally, such an anonymous guest entity can only be applied to the permission set of the folder or item the original link was created for, i.e. it's not possible to add more shared contents to an anonymous guest - in contrast to an invited, named guest user.

Besides the common restrictions for guest accounts outlined above, the following applies for anonymous guest user accounts:

* No e-mail address or display name
* No password, if no PIN was assigned by the sharing user
* A password that may only be changed by editing the link, if a PIN code was set
* Anonymous guest users may only receive "read-only" access permissions to the shared item
* Optionally, an expiry date can be applied for an anonymous guest user after which the share link is no longer accessible

'''''Administrator Notes:'''''

* The PIN code for anonymous guest users is stored using symmetrical encryption in the database, therefore, an encryption key needs to be specified via the property <code>com.openexchange.share.cryptKey</code> in <code>share.properties</code>

=== Named Guest Users ===

Internal users are able to invite a guest user to a folder or item explicitly by specifying the e-mail address of the recipient. Such "named" guest users are internally stored as individual guest users, identified by their e-mail address.

If data is shared for the first time to the recipient in the context, a new guest user account is provisioned and an initial set of user permissions and capabilities is assigned. In case there are already shares in different contexts to the same recipient (based on his e-mail address), some existing user data like a display name or an assigned password is copied over if a cross-context database is available on the system.

If the recipient has already been invited from the same or another internal user in the context to another share before, the new share is added to the guest user in a way that the underlying folder- and object permissions are taken over, and the user capabilities getting expanded as needed to cover all modules the shares are located in. Similarly, if a share to a named guest user is revoked and the underlying folder- and object-permissions are removed, the guest user capabilities are updated implicitly to reflect the modules of the remaining shares.

After the last share to a named guest user has been revoked, the user has no longer access to any data. The account itself gets removed from the context automatically after a configurable expiry time. Additionally, any data that is stored for the guest user in the cross-context database is removed once the guest user has been deleted from all contexts in the system.

In contrast to an "anonymous" guest user, a named guest user has access to all shared items from a context after logging in, since the permissions get added to an existing guest user account automatically. For entering the web interface, he may use any of the share links that were sent to him in the different notification messages. Those links usually point to an individual share target like a folder or file, but the guest user may navigate to the other shared contents using the folder tree of the web interface in the same way as regular groupware users do. Similarly, if the guest user has access to shares from different modules, the modules can be switched in the web interface as usual.

'''''Administrator Notes:'''''

* The timespan after which an unused named guest user should be removed from the system can be configured via <code>com.openexchange.share.cleanup.guestExpiry</code> in <code>share.properties</code> - this value may also be set to <code>0</code> to force an immediate removal
* For the removal of no longer needed guest user accounts, a periodical cleanup task is scheduled based on the interval of <code>com.openexchange.share.cleanup.periodicCleanerInterval</code>
* Whether a cross-context database is considered for guest users may be configured via <code>com.openexchange.share.crossContextGuests</code>

== Guest Login & Session Handling ==

Based on the underlying guest user account, different login operations with different authentication workflows are possible.

=== Authentication ===

We have basically three different authentication options for guest users accessing a share, each of them having their own characteristics.

==== Anonymous ====

* Access is granted without providing additional authentication information, the knowledge of the link is sufficient
* When accessing the share link, a guest session is spawned implicitly
* Initially supplied cookies are considered to recycle an existing session
* The login screen is skipped, we'll redirect to the module/folder/item directly (using appropriate URL fragments)

==== Anonymous with PIN ====

* Access is granted for anonymous guest users providing a password / PIN code
* When accessing the share link, the client is redirected to the login screen of the webinterface, using <code>login_type=anonymous</code>
* User can then enter his PIN code, client executes the <code>anonymous_login</code> method, server authenticates, sends back a login response containing the target in the app suite webinterface (module/folder/item)
* Password can't be changed by an anonymous user
* Password can be re-constructed / changed by sharing user

==== Guest without Password ====

* Access is granted without providing additional authentication information, the knowledge of the guest's individual link is sufficient
* When accessing the share link, a guest session is spawned implicitly
* Exiting cookies are considered to recycle an existing session
* The login screen is skipped, we'll redirect to the module/folder/item directly (using appropriate URL fragments)
* Guest user may choose an individual password at a later stage

==== Guest with Password ====

* Access is granted for guest users providing a user name and password.
* Much similar to a regular groupware user
* When accessing the share link, the client is redirected to the login screen of the webinterface, using <code>login_type=guest</code> and <code>login_name=<NAME></code>
* The login name is used to pre-fill the username input
* User can then enter his password, client executes the <code>guest_login</code> method, server authenticates, sends back a login response containing the target in the app suite webinterface (module/folder/item)
* Password can be changed by guest user
* Guest user may reset his password if he can't remember

=== Guest Hostname ===

For serving shares, a separate guest hostname needs to be configured. This is mainly required to prevent guest- and regular user sessions using the same cookie container when logged in in the same client (otherwise, the cookie holding the alternative session identifier as well as other cookies would get overwritten concurrently). Additionally, this allows to have separate entry points to the web client for guest- and regular users.

The hostname for guests is used when generating external share links, as well as at other locations where hyperlinks are constructed in the context of guest users. Usually, the guest hostname refers to a separate subdomain of the installation like <code>share.example.com</code>, and is defined as an additional named virtual host pointing to the web client's document root in the webserver's configuration.

Once the webserver configuration is done and the web client is accessible using the guest hostname, this hostname needs to be specified in the backend configuration, too. In simple scenarios, where a fixed guest hostname should be used for the installation, this can be done statically in a configuration file. This setting may also be overridden per context via the Config Cascade. In case a dedicated hostname service is installed (for example <code>open-xchange-hostname-ldap</code>), this hostname service is also supposed to supply the guest hostname.

'''''Administrator Notes:'''''

* The guest hostname may be specified via <code>com.openexchange.share.guestHostname</code>, either globally in the configuration file <code>share.properties</code>, or on a more fine-granular level through the [https://oxpedia.org/wiki/index.php?title=ConfigCascade Config Cascade]
* The guest hostname may also be supplied via dedicated hostname services like <code>open-xchange-hostname-config-cascade</code> or <code>open-xchange-hostname-ldap</code>
* For test purposes, guests may also access the web interface using the same host as regular users do, however, this might lead to unexpected results (missing images, sessions timing out, auto-login malfunction...)

=== Cookies ===

Guest sessions basically make use of the same cookies as regular user sessions do. This includes the JSESSONID cookie for the JVM route, as well as the <code>open-xchange-secret-<hash></code> and <code>open-xchange-public-session-<hash></code> cookies. Additionally, if configured, the client may also issue a <code>store</code> request to persist the open-xchange-session-<hash> cookie. This cookie may then be used to auto-login the guest client into the previously used session if it is still valid.

Besides the common cookies, another special cookie is set: <code>open-xchange-share-<hash></code>. The value contains the unique share token bound to the guest user accessing the share. here, the cookie hash is calculated as it's done for ordinary sessions, so that there can only be one <code>open-xchange-share-<hash></code> cookie in a client at the same time. Whenever an auto-login request is issued by the client, the server checks for the existence of this "share" cookie, and, once recognized and checked for validity, it will try to perform the auto-login for an existing guest session first, i.e. using the session cookie based on the special guest hash calculation outlined above. Otherwise, the common auto-login process takes place. The "share" cookie is removed once the guest session terminates, i.e. the guest user logs out.

Since guest users access the web interface on a separate (sub)domain (see [[#Guest_Hostname|Guest Hostname]] above for details), guest session cookies won't interfere with cookies of a regular session on the same client. This allows to use the regular user session as well as one or more guest sessions in parallel - e.g. if the sharing user quickly wants to check how the contents appear for the guest user after generating a share link.

'''''Administrator Notes:'''''

* Whether guest sessions are enabled for auto-login is configurable via the property <code>com.openexchange.share.autoLogin</code> in <code>share.properties</code>
* By default, the cookie TTL for guest sessions is inherited from the TTL for cookies of regular sessions as defined by <code>com.openexchange.cookie.ttl</code> - this default may be overridden by defining a timespan at <code>com.openexchange.share.cookieTTL</code>

=== Login Modes ===

When accessing a share link, one of the following login modes is triggered to acquire a session and forward the client to the share target. The executed login operation and redirect depends on the authentication mode of underlying guest account, the share target iteself, and the client accessing the share.

==== Redirect to Target ====

In case a share is accessible without providing credentials, the client is redirected to the share target directly, i.e. without prompting for a username or password. By default, the client is redirected to the target in the App Suite web interface by responding the <code>GET</code> request to the share link with <code>HTTP 302</code>, and a location header like the following:

<code>Location: /appsuite/ui#!&session=80c711019d6f48b5bec9cd82758e3308&store=true&user=&user_id=642&context_id=1&m=files&f=41042</code>

The session for the guest user is created implicitly in the backend after checking the share link's validity, and the client is instructed to store appropriate cookies in the redirect response, including the "share" cookie:

<code>Set-Cookie: open-xchange-secret-aNobP2G9wLHJ6sMr7vtTA=38ee770d6e4f42ab8366d91db3279931; Expires=Thu, 13-Aug-2015 06:16:26 GMT; Path=/; Secure; HttpOnly</code><br />
<code>Set-Cookie: open-xchange-public-session-d0759656127fb7cee6e0fe8bb5fe19f9=cae6a3e712ac429e9da9194abd389cb3; Expires=Thu, 13-Aug-2015 06:16:26 GMT; Path=/; Secure; HttpOnly</code><br />
<code>Set-Cookie: open-xchange-share-b7gDSqJpnh9gS3Fs52I65Q=0ad50ac00418fbcdad50ac1418f94fb181d51b8fa7b2bde3; Expires=Thu, 13-Aug-2015 06:16:26 GMT; Path=/; Secure; HttpOnly</code>

==== Redirect to Login Screen ====

If additional credentials, i.e. an additional PIN code or username/password combination, are required to access a share target, and no "special client" like an iCal consumer is detected by the backend, the client is redirected to the login screen of the app suite webinterface. The GET request to the share link is answered with statuscode HTTP 302, and a location header depending on the required credentials to access the share.

If the share ought to be accessed anonymously, but protected by a PIN code, a location like the following is added to the response header:

<code>Location: /appsuite/ui#!&share=08b4b6110151f1bd7d4b610151f0405d9fc8bb89a887f04e&login_type=anonymous&message_type=INFO&message=Tony%20Parker%20has%20shared%20the%20folder%20%22Pictures%22%20with%20you.%20Please%20log%20in%20to%20view%20it.%20&target=151ebb38</code>

For shares to dedicated guest users identified by their e-mail address, the redirect location looks like follows:

<code>Location: /appsuite/ui#!&share=4ac9eb590f9ca4d2ac9eb58f9ca611ec9b4f4638d288c8c0&login_type=guest&message_type=INFO&message=Tony%20Parker%20has%20shared%20the%20file%20%22Agenda.pdf%22%20with%20you.%20Please%20log%20in%20to%20view%20it.%20&login_name=ray%40example.com&target=4444cbc7</code>

The redirect response already contains the <code>Set-Cookie</code> header for the JVM route. On the redirect target, the client should request the PIN code or password from the user, and then issue a special login request, supplying the share token and optional target from the URL parameters, and the password as URL encoded form data in the request body, similar to the usual login request via POST. After successful authentication, the login response includes, along with the common login response properties like the session identifier, information about the share target being accessed:

<code>{"session":"b89af2c2ce494ce4b4573c0632b48e89","user":"ray@example.com","user_id":660,"context_id":1,"locale":"en_US","module":"files","folder":"10","item":"10/456398", ... }</code>

Additionally, the client is instructed to store the secret cookies:

<code>Set-Cookie: open-xchange-share-b7gDSqJpnh9gS3Fs52I65Q=0ac9eb590f9ca4d5ac9eb58f9ca641ec9b4f4638d288c8a0; Expires=Thu, 13-Aug-2015 06:31:21 GMT; Path=/; Secure; HttpOnly</code><br />
<code>Set-Cookie: open-xchange-secret-MBIRg9bJBLduCcosqQBCw=70187de16f844be6880c18be373b953d; Expires=Thu, 13-Aug-2015 06:31:21 GMT; Path=/; Secure; HttpOnly</code><br />
<code>Set-Cookie: open-xchange-public-session-d0759656127fb7cee6e0fe8bb5fe19f9=4e797a59758a4dd7b763912472ccf26d; Expires=Thu, 13-Aug-2015 06:31:21 GMT; Path=/; Secure; HttpOnly</code>

Afterwards, the client is able to use the session to access the share target as usual.

=== Session Lifecycle ===

Generally, guest sessions on the server are treated just like the sessions of ordinary users. Especially, guest sessions are also held in the local session containers of the backend host they're associated with. However, by default guest sessions are marked as <code>transient</code>, i.e. they are not moved to the long-term session containers, nor they are put into the distributed session storage.

If OX Documents functionality is used for guest users in a cluster of application servers, this setting needs to be adjusted to <code>false</code> in order to also have guest sessions available in the distributed storage.

'''''Administrator Notes:'''''

* Guest sessions are also accounted in the monitoring outputs (e.g. in the sessions per container graphs)
* The <code>transient</code> handling of guest sessions may be changed via the property <code>com.openexchange.share.transientSessions</code> in <code>share.properties</code>

=== Logout ===

Guest sessions are terminated once a logout request is issued by the client, i.e. the user clicks the "Logout" button in the web interface, just like it is done for regular sessions. Additionally, guest sessions expire in the backend when not being used for a while, the actual timeout depends on the configured default session lifetime and whether they are treated as "transient" or not, as explained above.

Since guest users are not able to use the default login page for regular users, a custom logout location for guest users should be specified where guest users are taken to after clicking logout explicitly, or if their session expired.

If a share is consumed "directly", e.g. by downloading the binary contents of a file share directly (see [[#Consuming_Shares|Consuming Shares]] for details), the guest sessions is terminated instantly after serving the request.

'''''Administrator Notes:'''''

* The logout location for guest accounts can be customized via <code>guestLogoutLocation</code> in the file <code>as-config.yml</code> (see file <code>as-config-default.yml</code> for an example)

== Share Notifications ==

With the new sharing concept, notification mails can be sent out to the permission entities (i.e. internal or guest users) of folders or items. Mechanisms exist to send out such mails implicitly or explicitly. Notifications are sent out implicitly, if externals are invited as guests and can also be sent out for internal invitations, if configured so. The client (e.g. App Suite UI) decides on its own whether implicit notifications shall be sent when updating a folders or items permissions. Besides there are separate API calls for sending out notification messages explicitly. Its on the client to provide this functionality to its users. This makes it possible to re-send a link to a folder or item to an existing permission entity.

Sending out links to shared folders and items is not the only case for notification messages, it can also be necessary to send out system notifications to guest users. Currently this is the case when a guest user secured his account with a password and needs to reset that password, because he cannot remember.

'''''Administrator Notes:'''''

* A special transport must be configured for system notifications and cases where the sharing user has no configured webmail account. This transport is configured in <code>noreply.properties</code>. All properties therein are config-cascade capable, so their values can be sensitive to the current user or context.
* It is possible to disable the implicit notification of internal users about shared folders or items at all by setting <code>com.openexchange.share.notifyInternal</code> in <code>share.properties</code> to <code>false</code>.
* The layout of notifications mails can be changed via <code>as-config.yml</code>. All available properties are defined and explained in <code>as-config-defaults.yml</code>.

== API Access ==

From a client's point of view, guest users basically don't differ from regular users, although they usually have limited capabilities, for example no mail access or no personal folders. However, all those differences are reflected within the regular permission- and capability-concepts, so that existing clients, once the guest user is authenticated and has a valid session, continue to work transparently, and use the same API calls as with a regular groupware user.

To create or manage shares and guest users, the HTTP API has been extended at various locations. The following list gives an overview about the changes, derived from the corresponding software change requests.

=== Format change for object identifiers of the default "infostore" account ===

As preparation for individual object permissions where a file can be accessed from different folder "views", the object IDs for documents in the default "infostore" file storage account will get enhanced with the prefixing folder ID.

The identifiers will now be of format <code><some numbers>/<more numbers></code>. Object identifiers are already of type <code>String</code>, so this change should usually be transparent to clients. However, there may be some clever clients out there that for example tried to interpret the string of numerical characters as number, so client developers should double-check their implementation for compatibility. They most likely would run into trouble when coping with non-infostore file storages anyway.

=== Object permissions for files ===

In order to define permissions on object-level, a new property <code>object_permissions</code> for objects of type <code>infoitem</code> is introduced. Each time the underlying folder permissions are not sufficient to access an item, those object permissions are taken into account. Object permissions are stored as an array of Object Permission objects as defined below within the detailed infoitem data, the column ID is <code>108</code>.

Details about the JSON structure are available at:

* [http://oxpedia.org/index.php?title=HTTP_API#DetailedInfoitemData HTTP API: Detailed Infoitem Data]
* [http://oxpedia.org/index.php?title=HTTP_API#ObjectPermissionObject HTTP API: Object Permission Object]
* [http://oxpedia.org/index.php?title=HTTP_API#ObjectPermissionFlags HTTP API: Object Permission Flags]

=== New field for "user" data: "guest_created_by" ===

A new property has been introduced for users that needs to be exposed in our HTTP API, too. The following property is added to the detailed user data object:

* ID: 616
* Name: guest_created_by
* Type: Number
* Value: Contains the ID of the user who has created this guest in case this user represents a guest user; it is 0 for regular users

The property is read-only and can't be removed or set by clients.

See also:

* [http://oxpedia.org/index.php?title=HTTP_API#DetailedUserData HTTP API: Detailed User Data]

=== Extend folder- and object permissions for addressing external guests ===

For sharing files- or folders to external guests, the folder- and object permission objects are extended with additional properties. Those extended properties can be set during creation or update of the parent folder or file. The underlying shares and guest user entities for the referenced recipients are created automatically along with folder/file creation/update. Afterwards, the external recipients appear as regular "user" entities in the permission arrays in subsequent "get" requests.

Details about the extended JSON structure are available at:

* [http://oxpedia.org/index.php?title=HTTP_API#PermissionObject HTTP API: Permission Object]
* [http://oxpedia.org/index.php?title=HTTP_API#ObjectPermissionObject HTTP API: Object Permission Object]

=== New Ajax module: share/management ===

To work with shares, a new Ajax module is introduced.

The available actions in the module are described at:

* [http://oxpedia.org/index.php?title=HTTP_API#Module_.22share.2Fmanagement.22_.28preliminary.2C_available_with_v7.8.0.29 HTTP API: Module share management]

=== New column "shareable" in detailed infoitem data ===

Clients want to know quickly if an infostore item is shareable or not. A new (read-only) property named <code>shareable</code> of type Boolean with column identifier <code>109</code> is introduced for "detailed infoitem data". If "true", the can be considered as shareable, i.e. the item's object permissions may be adjusted by the user.

Further details are available at:

* [http://oxpedia.org/index.php?title=HTTP_API#DetailedInfoitemData HTTP API: Detailed Infoitem Data]

=== New action "shares" in module folder ===

To provide an overview of all folders of a certain modules that are shared to others, a new <code>shares</code> action is added to the Ajax module <code>folders</code>. It returns all personal folders of a certain module that are shared to other entities.

Further details are available at:

* [http://oxpedia.org/index.php?title=HTTP_API#Get_shared_folders_.28Since_7.8.0.2C_Preliminary.29 HTTP API: Get shared folders]

=== New action "shares" in module infostore ===

To provide an overview of all files that are shared to others, a new <code>shares</code> action is added to the Ajax module <code>infostore</code>. It returns all personal files that are shared to other entities.

Further details are available at:

* [http://oxpedia.org/index.php?title=HTTP_API#Get_shared_infoitems_.28Since_7.8.0.2C_Preliminary.29 HTTP API: Get shared infoitems]

=== New fields to retrieve extended permissions of files and folders ===

Clients would like to have more details about permission entities folders directly. A new read-only property named <code>com.openexchange.share.extendedPermissions</code> is introduced for "Detailed folder data", with column identifier <code>3060</code>. It basically contains the same as the regular <code>permissions</code> array, yet enhanced by resolved information about the user, group or guest entities as well as additional, sharing-related properties.

Similarly, a new read-only property named <code>com.openexchange.share.extendedObjectPermissions</code> is introduced for "Detailed infoitem data", with column identifier <code>7010</code>. It basically contains the same as the regular <code>object_permissions</code> array, yet enhanced by resolved information about the user, group or guest entities as well as additional, sharing-related properties.

Further information about the JSON structure is available at:

* [http://oxpedia.org/index.php?title=HTTP_API#ExtendedPermissionObject HTTP API: Extended Permission Object]
* [http://oxpedia.org/index.php?title=HTTP_API#ExtendedObjectPermissionObject HTTP API: Extended Object Permission Object]

== Consuming Shares ==

Depending on the shared contents and the requesting user agent, shares may be consumed in a couple of different ways. The concrete response to a request to the share URL is evaluated by the share servlet in the backend.

=== App Suite ===

The default handling for all shares is forwarding them to the App Suite web interface, where the shared contents are made available through the existing client. Based on the underlying guest account, the client is either forwarded to the login prompt, or taken directly to the share target if no credentials need to be provided. This process is described in more detail at [[#Guest_Login_&_Session_Handling|Guest Login & Session Handling]].

=== Direct Download ===

Shares to a single file may also be downloaded directly by clients, without opening them in the web interface first. This is indicated by an additional parameter appended to the plain share link, and can be specified in the following ways:

* Append <code>dl</code> parameter:<br />
<code>https://ox.example.com/ajax/share/48b2b6190151f1bd8b4b610151f0405d9fc8cb89a087f14e/151eab38?dl=true</code>
* Specify <code>delivery</code> parameter:<br />
<code>https://ox.example.com/ajax/share/48b2b6190151f1bd8b4b610151f0405d9fc8cb89a087f14e/151eab38?delivery=download</code>

If accessing the item requires authentication, an unauthenticated request is responded with <code>HTTP 401 Unauthorized</code>. The client then has to provide the correct credentials to access the share via basic authentication. If there's no dedicated username for the underlying guest account - i.e. an "anonymous" share link protected with a PIN code is accessed - only the password is checked, i.e. the client may then supply an arbitrary username in the basic authentication header like "Guest".

=== Get iCal ===

Shares to a single calendar- or task-folder may also be downloaded directly by clients as iCal files, without opening them in the web interface first. This standard format allows to consume event data directly using various calendaring clients, which often can be configured to subscribe an external calendar source.

Once a share link to a calendar- or task-folder is requested by the client, the <code>Accept</code>- and <code>User-Agent</code> headers of the request are evaluated. If the <code>Accept</code> header is either set to <code>text/calendar</code> or <code>text/iCal</code>, or if the <code>User-Agent</code> header denotes a well-known client like Microsoft Outlook or Mozilla Thunderbird w/ Lightning, the contents of the shared folder are converted to an iCal file that is directly written back in the response.

To force the iCal output, an additional parameter may be appended to the plain share link:

* Append <code>ical</code> parameter:<br />
<code>https://ox.example.com/ajax/share/48b2b6190151f1bd8b4b610151f0405d9fc8cb89a087f14e/151eab38?ical=true</code>

If accessing the item requires authentication, an unauthenticated request is responded with <code>HTTP 401 Unauthorized</code>. The client then has to provide the correct credentials to access the share via basic authentication. If there's no dedicated username for the underlying guest account - i.e. an "anonymous" share link protected with a PIN code is accessed - only the password is checked, i.e. the client may then supply an arbitrary username in the basic authentication header like "Guest".

'''''Administrator Notes:'''''

* The interval of task- and appointment data considered for conversion to iCal can be adjusted via <code>com.openexchange.share.handler.iCal.futureInterval</code> and <code>com.openexchange.share.handler.iCal.pastInterval</code> in configuration file <code>share.properties</code>

== Cross-context functionality ==

As already mentioned in previous sections the administrator is able to configure if guests should be handled per context (default) or server wide by using the configuration parameter <code>com.openexchange.share.crossContextGuests</code>.

If set to <code>true</code> the guests email address is used to recognize if there is already a registered user with the given address and aligns the stored password to the already existing guest user. In addition to the password (which is the most important parameter this feature is about) even the users contact data gets synchronized.

'''''Administrator Notes:'''''

* To handle user and contact data across contexts boundaries the feature has to be enabled before a guest receives the first share. Guests that receive shares before the activation cannot be considered within the alignment process. Only latter shares will be considered.
* At the moment this feature does only sync user and contact related data (no shared content). If the user got two shares from different contexts he will only see shares related to the given link.

== Publish/Subscribe vs. Sharing ==

The upcoming sharing features are going to replace the previously used OXMF "publications", allowing guest users to interact with the shared data in the same way as regular groupware users do. However, since the underlying concepts and their technical realization are completely different, a seamless migration between publications and shares is not possible without some drawbacks.

The following list gives an overview of the main discrepancies:

* Custom templates for OXMF publication targets<br />An adminsitrator/admin may have defined some custom publication targets that are using the published data in a special way. While shares would still make all the data available (mainly via the web interface), this would only be a drop-in replacement for the ordinary "view the publication in a browser" use case, but not for anything beyond that scope.
* Subscribe of publications<br />Publications from one user can be added to another user's groupware using the "subscribe" functionality, making use of the embedded microformat data of publications (OXMF). For sharing, we will not have a similar feature in the first iteration, so migrating an existing publication to a share would also stop it from being subscribable.
* Deep links to download files of publications<br />Files behind an infostore publication were accessible behind a static URL, which would theoretically allow them to be requested independently of the parent publication (e.g. images linked from an external website). While the entry URL to a publication would be mappable to a corresponding share URL, converting existing publications to shares would at least break such deep links.

Because of the above points and the whole different concept, we do not migrate existing publications to shares. Instead, the default behavior will be:

* No new OXMF publications or subscriptions can be created by default
* The web client does no longer give the option to publish or subscribe in the OXMF format
* Existing OXMF publications / subscriptions can't be updated
* Existing OXMF publications continue to work as is, including associated subscriptions
* Yet it's still possible to delete existing publications and subscriptions
* Therefore, the menu section "Publications and Subscriptions" will still be available (if there's at least one publication or subscription)

Exceptions to these rules cover special internal subscriptions to 3rd party services like addressbooks from LinkedIn (removed since 7.10.0) or Xing, as well as the auto-publish feature of mail attachments exceeding a specific size.

'''''Administrator Notes:'''''

* The possibility to create/update OXMF publications via HTTP-API may be configured via <code>com.openexchange.publish.createModifyEnabled</code> in file <code>publications.properties</code>
* The possibility to create/update OXMF subscriptions via HTTP-API may be configured via <code>com.openexchange.subscribe.microformats.createModifyEnabled</code> in file <code>microformatSubscription.properties</code>

== Limit file accesses for named/anonymous guests (since 7.8.2) ==

As links to shares might be shared without knowing the audience we introduced a mechanism to prevent abuse.

Therefor the possibility to define size and/or count limits for named/anonymous guests has been introduced. As internal users can be considered as reliable it is not possible to define limits for them.

For named and anonymous guests there are two kinds of limits which apply to a defined time frame. The time frame acts as a sliding time window which means that based on the current request all earlier requests matching the time frame are cumulated and evaluated if one of the two limits is exceeded. If so, the request will be answered with an exception.

The two limits mentioned above are:

* size limits: how many content (in bytes) should the guest be allowed to download (within the defined time frame).
* count limits: how often should the guest be allowed to download a file or folder (within the defined time frame).

Named and anonymos guests can have different limits. Limits are valid for downloads of files and folders. Preview of images is not considered within the limit.

'''''Administrator Notes:'''''

* The anti-abuse mechanism will be available after updating the package open-xchange-core to release 7.8.2
* Additional parameters are located within the configuration file <code>share.properties</code>
* Per default the feature is disabled
* To enable the feature you have to set <code>com.openexchange.share.servlet.limit.enabled</code> to <code>true</code>. If not enabled all additional checks will be skipped. If you would like to set limits via config cascade those will only be checked if the feature itself is enabled.
* To be more flexible the administrator is able to overwrite limits by using the config cascade. As guests do not have fixed user identifiers only the 'context' level scope is supported.

After the feature is enabled you have the ability to configure fine-grained accesses via:
* <code>com.openexchange.share.servlet.limit.timeFrame.guests</code>: sliding time frame (in milliseconds) the limits are valid for named guests. Setting to 0 will disable the check for named guests (if not overwritten via config cascade).
* <code>com.openexchange.share.servlet.limit.timeFrame.links</code>: sliding time frame (in milliseconds) the limits are valid for anonymous guests. Setting to 0 will disable the check for anonymous guests (if not overwritten via config cascade).
* <code>com.openexchange.share.servlet.limit.size.guests</code>: the limit in bytes for named guests (valid for aboves time frame). Setting to 0 will disable the size check for named guests (if not overwritten via config cascade).
* <code>com.openexchange.share.servlet.limit.size.links</code>: the limit in bytes for anonymous guests (valid for aboves time frame). Setting to 0 will disable the size check for anonymous guests (if not overwritten via config cascade).
* <code>com.openexchange.share.servlet.limit.count.guests</code>: the limit for a number of downloads (valid for aboves time frame) for named guests. Setting to 0 will disable the count check for named guests (if not overwritten via config cascade).
* <code>com.openexchange.share.servlet.limit.count.links</code>: the limit for a number of downloads (valid for aboves time frame) for anonymous guests. Setting to 0 will disable the count check for anonymous guests (if not overwritten via config cascade).

=== Example configurations ===

A mixed configuration is possible. Have a look at the following examples assuming that <code>com.openexchange.share.servlet.limit.enabled</code> is set to <code>true</code>.

The following configuration only checks the count limit for anonymous guests. Named guests and the limit for download sizes will not be checked
* <code>com.openexchange.share.servlet.limit.timeFrame.guests:0</code> (# disabled)
* <code>com.openexchange.share.servlet.limit.timeFrame.links:3600000</code> (# 60 minutes)
* <code>com.openexchange.share.servlet.limit.size.guests:0</code> (# not considered as disabled)
* <code>com.openexchange.share.servlet.limit.size.links:0</code> (# size for 60 minutes not checked)
* <code>com.openexchange.share.servlet.limit.count.guests:0</code> (# not considered as disabled)
* <code>com.openexchange.share.servlet.limit.count.links:100</code> (# 100 downloads within 60 minutes)

The following configuration will check the count limit for named guests and the size limit for anonymous guests (both within the last 60 minutes).
* <code>com.openexchange.share.servlet.limit.timeFrame.guests:3600000</code> (# 60 minutes)
* <code>com.openexchange.share.servlet.limit.timeFrame.links:3600000</code> (# 60 minutes)
* <code>com.openexchange.share.servlet.limit.size.guests:0</code> (# disabled)
* <code>com.openexchange.share.servlet.limit.size.links:1073741824</code> (# 1 GB)
* <code>com.openexchange.share.servlet.limit.count.guests:1000</code> (# 1000 downloads within 60 minutes)
* <code>com.openexchange.share.servlet.limit.count.links:0</code> (# disabled)

It is possible to reload an adapted configuration by using reloadconfiguration command line tool.

[[Category: AppSuite]]
[[Category: Administrator]]

AppSuite:Capabilities

2018-02-08T08:29:26Z

Ioannis.chouklis: /* Query capabilities via the HTTP API */

'''Synopsis:''' How to use capabilities so that your new AppSuite plugin can be enabled or disabled.

__TOC__

== What are capabilities? ==

'''Usecase'''

You write a new UI app or plugin (chat module, for example) and in addition, you want to make sure that only a specific set of users or contexts within the system are allowed to use it.

''Example:'' Your chat app should only be available after a user has bought it in your online shop. To do so, you will need to implement the capabilities logic within your UI app or plugin and restrict it to a user or context marked accordingly (called "premium" in further examples).

== Set a capability ==

First, disable it for everyone as default (or enable it for everyone, depending on what your aim is).

In <tt>/opt/open-xchange/etc/[myproduct].properties</tt>:

com.openexchange.capability.[myproduct]=false # off for everyone

Then restart the OX Application Server and afterwards use the general OX AppSuite commandline tools to enable the capability/capabilities.

The commandline tools used in the following examples are located in:

/opt/open-xchange/sbin

In this example, only for a specific user:

changeuser ... --config/com.openexchange.capability.[myproduct]=true

...or for a full context:
changecontext -c ... --config/com.openexchange.capability.[myproduct]=true

...or set the capability to a context set:

changecontext -c ... --taxonomy/types=premium

To get the capability/capabilities working for context sets (like above), you also need to edit the contextSet files in:

<tt>/opt/open-xchange/etc/contextSets/premium.yml</tt>

And add the corresponding capability/capabilities:

premium:
com.openexchange.capability.[myproduct]: true
withTags: premium

Then restart the OX Application Server!

== Query capabilities via the HTTP API ==

Query:
GET /appsuite/api/capabilities?action=all&session=991fd40f635b45...
Response:
{"data":[{"id":"oauth","attributes":{}},{"id":"webmail","attributes":{}},{"id":"document_preview","attributes":{}},{"id":"printing","attributes":{}},{"id":"spreadsheet","attributes":{}},{"id":"gab","attributes":{}},{"id":"multiple_mail_accounts","attributes":{}},{"id":"publication","attributes":{}},{"id":"rss_bookmarks","attributes":{}},{"id":"linkedin","attributes":{}},{"id":"filestore","attributes":{}},{"id":"ical","attributes":{}},{"id":"rt","attributes":{}},{"id":"olox20","attributes":{}},{"id":"forum","attributes":{}},{"id":"active_sync","attributes":{}},{"id":"conflict_handling","attributes":{}},{"id":"rss_portal","attributes":{}},{"id":"oxupdater","attributes":{}},{"id":"infostore","attributes":{}},{"id":"contacts","attributes":{}},{"id":"collect_email_addresses","attributes":{}},{"id":"drive","attributes":{}},{"id":"rss","attributes":{}},{"id":"pinboard_write_access","attributes":{}},{"id":"mobility","attributes":{}},{"id":"calendar","attributes":{}},{"id":"participants_dialog","attributes":{}},{"id":"edit_public_folders","attributes":{}},{"id":"text","attributes":{}},{"id":"groupware","attributes":{}},{"id":"msisdn","attributes":{}},{"id":"carddav","attributes":{}},{"id":"tasks","attributes":{}},{"id":"portal","attributes":{}},{"id":"mailfilter","attributes":{}},{"id":"read_create_shared_folders","attributes":{}},{"id":"vcard","attributes":{}},{"id":"pim","attributes":{}},{"id":"caldav","attributes":{}},{"id":"projects","attributes":{}},{"id":"usm","attributes":{}},{"id":"webdav","attributes":{}},{"id":"dev","attributes":{}},{"id":"delegate_tasks","attributes":{}},{"id":"freebusy","attributes":{}},{"id":"subscription","attributes":{}},{"id":"linkedinPlus","attributes":{}},{"id":"autologin","attributes":{}},{"id":"webdav_xml","attributes":{}},{"id":"twitter","attributes":{}}]}

Here <tt>id</tt> is the name of the capability.

Note that the LinkedIn support was removed since 7.10.0

== Query capabilities in the UI ==
require(['io.ox/core/capabilities'], function (cap) { if cap.has('[myproduct]' { ... } );

== Require the capabilities in your UI manifest file ==
{
namespace: ...
requires: '[myproduct]'
}

Now your plugin will only be loaded if the capability '[myproduct]' is set for a specific user, context, context set.

== Testing the capabilities ==

* For testing purposes use an URL parameter to test capabilities.

Add the following parameter to your AppSuite URL in the browser to activate:

&cap=[myproduct]

or use

&disableFeature=[myproduct]

to disable a certain capability.

In general, after adding those URL parameters, you need to reload the UI to temporarly test/enable the set capability.

== Further informations ==
* See the dedicated wiki page of the [[ConfigCascade]] mechanism for more details.
* If you want to know about existing capabilities and the way they are used for upsell, see [[AppSuite:Upsell#Capabilities_and_Upsell_triggers]]

[[Category: AppSuite]]
[[Category: Upsell]]

[[Category: Developer]]
[[Category: Custom development]]

AppSuite:OX Tutorial 10K

2018-02-08T08:28:52Z

Ioannis.chouklis: /* Install and configure OX */

= Tutorial: OX AppSuite Setup for up to 10.000 users =

'''This article describes what you need for a typical OX AppSuite Setup for up to 10.000 Users with minimal efforts.'''

It contains everything you need to:
* Understand the design of the OX AppSuite setup including additional services
* Install the whole system based on the relevant articles
* Find pointers to the next steps of integration

= System Design =

[[Image:AppSuite-10k.png|frameless|alt=Architecture-10k|800px]]

The system is designed to provide maximum functionality with a minimum of necessary hardware. All OX services are running on one single machine.

== Core Components for OX AppSuite ==

* One OX AppSuite server (HW recommendation: 16GB RAM / 4 cores)
* MySQL installed directly on this server
* Optional: NFS Server to store documents and files

== Infrastructure Components not delivered by OX ==

* An email system providing IMAP and SMTP
* A control panel for creation and administration of users

= Overview Installation Steps =

'''To deploy the described OX setup, the following steps need to be done. '''

== Mandatory Steps ==
# Initialize and configure MySQL database
# Install and configure OX service

== Steps depending on your environment ==
# Connect Control Panel
# Connect Email System

== Recommended Optional Next Steps ==
# Automated Frontend Tests (see [[Automated_GUI_Tests|here]])
# Upsell Plugin (see [[AppSuite:Upsell|here]] and [[AppSuite:Upsell_tools|here]])
# Automatic FailOver
# Theming (see [https://documentation.open-xchange.com/latest/ui/theming.html here])

= Mandatory Installation Steps - Instructions & Recommendations =

'''The following steps need to be done in every case to get OX up and running:'''

== Install and configure OX ==

OX will be installed on the server.

* [[AppSuite:Open-Xchange_Installation_Guide_for_Debian_6.0|Download and Installation Guide for Debian GNU/Linux 6.0 (Squeeze)]]
* [[AppSuite:Open-Xchange_Installation_Guide_for_Debian_7.0|Download and Installation Guide for Debian GNU/Linux 7.0 (Wheezy)]]
* [[AppSuite:Open-Xchange_Installation_Guide_for_SLES11|Download and Installation Guide for SUSE Linux Enterprise Server 11]]
* [[AppSuite:Open-Xchange_Installation_Guide_for_RHEL6|Download and Installation Guide for RedHat Enterprise Linux 6]]

You also should install and configure the OXtender for Business Mobility

[[AppSuite:OXtender_for_Business_Mobility_Installation_Guide|Installation of the OXtender for Business Mobility]]

Let your users connect to their data from other services like Twitter or LinkedIn (removed since 7.10.0) by configuring the "SocialOX"

[[SocialOX|SocialOX-Configuration]]

= Installation Steps depending on your environment - Instructions & Recommendations =

'''The following components need to be implemented in your environment.'''

{{OX_HE_Tutorial_CP}}

{{OX_HE_Tutorial_HGP}}

{{OX_HE_Tutorial_Plesk}}

{{OX_HE_Tutorial_Auth}}

== Connect Email System ==

Every email system providing IMAP and SMTP can be used as backend to OX. Best experiences are made with the widespread Linux based IMAP servers [http://dovecot.org/ Dovecot], [http://www.cyrusimap.org/ Cyrus] or [http://www.courier-mta.org/imap/ Courier].

Other IMAP servers need to be tested thoroughly before going into production.

There are several possibilities to implement the Email system:

# You already have an email system available: Nothing needs to be done, it just needs to be configured
# You use Plesk Panel: Nothing special needs to be done, everything you need is contained in the OXtender for Plesk
# You want to setup a new Email system: It is recommended to use Dovecot, as this is very stable, fast, feature rich and easy to scale

{{OX_HE_Tutorial_Dovecot}}

{{AppSuite:OX_Tutorial_Next}}

AppSuite:Versioning and Numbering

2018-02-08T08:28:29Z

Ioannis.chouklis: /* Please Note - Additional Information */

=Versioning and Numbering of Open-Xchange Products=

== Abbreviations ==

The Open-Xchange versioning 2015 will be structured in the following way:<br><br>
'''<generation>.<major release>.<minor release> Rev<build number>'''<br>

{| border="1" cellpadding="3" cellspacing="0"
!align="left" |Abbreviation
!align="left" |Meaning
!align="left" |Comparison
|-
|<generation>
|The first number is the product generation number. A new generation may contain new architecture, different technology and many more.
|<font color="#008000">OX App Suite 7</font><font color="#FF0000"></font>
|-
|<major release>
|The second version number (major release) indicates significant program changes in terms of added functionality. Major changes to design and enhancements of APIs are possible. All APIs shall be backward compatible, which means, that mainly new functions can be added. If Open-Xchange releases a new major release this will be an even number, unstable interim releases have odd numbers.
|<font color="#008000">OX App Suite v7.6</font><font color="#FF0000"> </font>
|-
|<minor release>
|The third version number (minor releases) indicates an update with consolidated bug fixes and non-intrusive feature enhancements. APIs and database will not be changed if this can be avoided. All changes must be backward compatible.
|<font color="#008000">OX App Suite v7.6.1</font><font color="#FF0000"></font>
|-
|<build number>
|The Rev-number (Revision) shows the progress of the development in single steps
|<font color="#008000">OX App Suite v7.6.1-Rev3</font><font color="#FF0000"></font>
|-
|
|
|
|-
|Public Patch Release / Patch Release
|A Public Patch Release enables Open-Xchange to publish a feature together with a patch. This in turn enables Open-Xchange to react more flexibly to time requests for certain features, thus relieving minor releases and making it possible to shift them. Delivering a feature with a Public Patch Release requires:
* It can be implemented without far-reaching side effects. This is especially true for features that are implemented as plug-ins. To a limited extend, features affecting a limited sub set of core functionality can be included. Technical pragmatism is fine to reach the goal (e.g., copy & paste of functionality instead of abstraction into a service). This pragmatism has to be leveled out though as soon as the feature is ported into a more flexible branch.
*It can be deactivated and is deactivated by default. If a customer installs a Public Patch Release, the familiar feature set does not change. Only if explicitly activating the enhanced features, will they be available to the end user.
*If features require changes to the data base schema or configuration files, they have to be developed in such a way that they do not impair the running system.
*Side-effects of Public Patch Releases are evaluated by the respective developers. Together with the QA team, they make a test plan for checking for those side effects and other effects.
|
|}
<br>

== Release Levels of Open-Xchange ==

{| border="1" cellpadding="3" cellspacing="0"
!align="left" |<font color="#008000">OX Release Level (new)
!align="left" |<font color="#008000">New Generation
!align="left" |<font color="#008000">Major Release
!align="left" |<font color="#008000">Minor Release
!align="left" |<font color="#008000">Public Patch Release
!align="left" |<font color="#008000">Patch Release
|-
|'''Target Audience'''
|All
|Public/All
|Maintenance customers & Partners
|Public/All
|L3 Support Customers, Value Package Partners
|-
|'''Purpose'''
|Provide new technologies
|Provide functional enhancements including Bug Fixes, accumulate earlier Patch Releases's / major releases. Major changes to design and enhancements of APIs are possible. All APIs shall be backward compatible.
|Provide common bug fixes for all customers, accumulate previous Patch Release's and non-intrusive feature enhancements. APIs and database will not be changed if this can be avoided. All changes must be backward compatible.
|Provide fixes for severity level 1/2 tickets, for all Support Customer, small features (developed in such a way that they do not impair the running system), temporary until next Maintenance Release accumulative.
|Provide fixes for severity level 1/2 tickets, for a specific Support Customer, small features, temporary until next Maintenance Release accumulative
|-
|'''Frequency'''
|Open-Xchange Roadmap
|Decided by Open-Xchange
|Decided by Open-Xchange
|As soon as required
|According to SLA
|-
|'''[[AppSuite:Version_Support_Committment|Support Committment]]'''
|5 years after First Customer Shippment (FCS)
|6 months after FCS (Latest Minor Release at the Major-Release cycle will be official supported)
|Last Minor Release of a supported Major Release
|Next Public Patch Release
|Next (Public) Patch Release
|-
|'''Requested by'''
|Product Management
|Product Management, Professional Services
|Support, QA, Product Management, Professional Services
|Entitled Customer (Support, Professional Services), Product Management
|Entitled Customer (Support, Professional Services)
|-
|'''Compatibility requirements/backward compatibility'''
|
|Database updates, Changes of configuration files
|Backward compatibility to last major release. In urgent cases there could be database updates or configuration file changes
|Backward compatibility to last major release
|Backward compatibility to last major release
|-
|'''Test Efforts OX (QA)'''
|Smoke Tests, Always Tests, Bug Fix Tests, Feature Tests, Dependencies Tests, Heuristic Tests, Performance Tests
|Smoke Tests, Always Tests, Bug Fix Tests, Feature Tests, Dependencies Tests, Heuristic Tests, Performance Tests
|Smoke Test, Always Tests, Bug Fix Tests, Dependencies Tests, Heuristic Tests, Performance Tests
|Smoke Tests, Always Tests, Bug Fix Tests - Fix Approval
|Smoke Tests, Always Tests, Bug Fix Tests - Support: Fix Approval
|-
|'''Test Efforts Customer/Partner'''
|Smoke Tests, Bug Fix Tests, New Feature Tests, Integration Tests
|Smoke Tests, Bug Fix Tests, New Feature Tests, Integration Tests
|Smoke Tests, Bug Fix Tests, Integration Tests
|Smoke Tests
|Smoke Tests, Bug Fix Approval
|-
|}
<br>

== Open-Xchange Server 6 ==

=== Editions ===
{| border="1" cellpadding="3" cellspacing="0"
!align="left" width="50"|Abbreviation
!align="left" width="200"|Description
!align="left" |Target usage
|-
|OX:HE
|Open-Xchange Hosting Edition
|Designed for organizations that want to provide a scalable, multi-tenant e-mail and collaboration solution to their customers. Focus: Software-as-a-Service offerings
|-
|OX:SE
|Open-Xchange Server Edition
|Designed for medium and large size organizations, educational institutions and public administrations seeking a customizable communication solution. Focus: System Integrators
|-
|OX:SEforUCS
|Open-Xchange Server Edition for Univention Corporate Server
|Integration to in-house customer environments
|}

== Open-Xchange App Suite ==

=== Editions ===
{| border="1" cellpadding="3" cellspacing="0"
!align="left" width="50"|Abbreviation
!align="left" width="200"|Description
!align="left" |Target usage
|-
|OX App Suite
|Open-Xchange App Suite Community Version
|Need to revitalize business growth and increase your competitive advantage? OX App Suite integrates smoothly into existing infrastructures and massively scales across multi-tenant architectures securely and reliably. Offer your users a seamless messaging experience to deliver branded, app-economy services and take back the user experience. German engineered and designed for a mobile world, OX App Suite uses open API's to deliver device independent access to email and messaging, social collaboration and digital media via a rich web-based interface. Through a modular App-based portal, HTML5 interoperability gives providers a new basis to up-sell and cross-sell white-labeled services and mobile applications.
|}

== Releases ==

===[http://oxpedia.org/wiki/index.php?title=Versioning_and_Numbering_2007 2007]===

===[http://oxpedia.org/wiki/index.php?title=Versioning_and_Numbering_2008 2008]===

===[http://oxpedia.org/wiki/index.php?title=Versioning_and_Numbering_2009 2009]===

===[http://oxpedia.org/wiki/index.php?title=Versioning_and_Numbering_2010 2010]===

===[http://oxpedia.org/wiki/index.php?title=Versioning_and_Numbering_2011 2011]===

===[http://oxpedia.org/wiki/index.php?title=Versioning_and_Numbering_2012 2012]===

===[http://oxpedia.org/wiki/index.php?title=Versioning_and_Numbering_2013 2013]===

===[http://oxpedia.org/wiki/index.php?title=Versioning_and_Numbering_2014 2014]===

===[http://oxpedia.org/wiki/index.php?title=Versioning_and_Numbering_2015 2015]===

===[http://oxpedia.org/wiki/index.php?title=Versioning_and_Numbering_2016 2016]===

===[http://oxpedia.org/wiki/index.php?title=Versioning_and_Numbering_2017 2017]===

===2018 ===

'''Please Note: Minor and Major Product Releases in bold'''

{| border="1" cellpadding="3" cellspacing="0"
!align="left" |GA
!align="left" |Product
!align="left" |Major Release
!align="left" |Minor Release
!align="left" |Public Patch Releases
!align="left" |Shipped Packages
|-
|2018-01-08
|OX App Suite v7.8.3 and OX 6 Middleware v7.8.3
|
|
|[[File:check.gif]]
|Open-Xchange App Suite / OX 6 Middleware (backend) v7.8.3-rev42<br>Open-Xchange App Suite Frontend v7.8.3-rev36
|-
|2018-01-08
|OX App Suite v7.8.4, OX 6 Middleware v7.8.4 and OX Documents v7.8.4
|
|
|[[File:check.gif]]
|Open-Xchange App Suite / OX 6 Middleware (backend) v7.8.4-rev20<br>Open-Xchange App Suite Frontend v7.8.4-rev18<br>Open-Xchange Documentconverter 7.8.4-rev6
|-
|2018-01-09
|OX Guard v2.8.0
|
|
|[[File:check.gif]]
|Open-Xchange Guard v2.8.0-rev13
|-
|2018-01-22
|OX App Suite v7.8.3 and OX 6 Middleware v7.8.3
|
|
|[[File:check.gif]]
|Open-Xchange App Suite / OX 6 Middleware (backend) v7.8.3-rev43<br>Open-Xchange App Suite Frontend v7.8.3-rev37
|-
|2018-01-22
|OX App Suite v7.8.4, OX 6 Middleware v7.8.4 and OX Documents v7.8.4
|
|
|[[File:check.gif]]
|Open-Xchange App Suite / OX 6 Middleware (backend) v7.8.4-rev21<br>Open-Xchange App Suite Frontend v7.8.4-rev19<br>Open-Xchange Office-web v7.8.4-rev8<br>Open-Xchange Office v7.8.4-rev7
|-
|2018-02-05
|eM Client for OX App Suite v7.1.3
|
|[[File:check.gif]]
|
|eM Client for OX App Suite v7.1.32056
|-
|2018-02-07
|OX App Suite v7.8.4, OX 6 Middleware v7.8.4 and OX Documents v7.8.4
|
|
|[[File:check.gif]]
|Open-Xchange App Suite / OX 6 Middleware (backend) v7.8.4-rev22<br>Open-Xchange App Suite Frontend v7.8.4-rev20<br>Open-Xchange Office-web v7.8.4-rev9<br>Open-Xchange Readerengine v7.8.4-rev4
|-
|2018-02-07
|OX App Suite v7.8.3, OX 6 Middleware v7.8.3 and OX Documents v7.8.3
|
|
|[[File:check.gif]]
|Open-Xchange App Suite / OX 6 Middleware (backend) v7.8.3-rev44<br>Open-Xchange App Suite Frontend v7.8.3-rev38<br>Open-Xchange Office-web v7.8.3-rev12<br>Open-Xchange Readerengine v7.8.3-rev6
|-
|2018-02-07
|OX App Suite v7.8.2, OX 6 Middleware v7.8.2 and OX Documents v7.8.2
|
|
|[[File:check.gif]]
|Open-Xchange App Suite / OX 6 Middleware (backend) v7.8.2-rev39<br>Open-Xchange Frontend v7.8.2-rev30<br>Open-Xchange Readerengine v7.8.2-rev6
|-
|2018-02-07
|OX App Suite v7.6.3, OX 6 Middleware v7.6.3 and OX Documents v7.6.3
|
|
|[[File:check.gif]]
|Open-Xchange App Suite / OX 6 Middleware (backend) v7.6.3-rev36<br>Open-Xchange App Suite Frontend v7.6.3-rev30<br>Open-Xchange Readerengine v7.6.3-rev3
|}

== Current Product Version Matrix ==

Open-Xchange products comprise of two major components: Front End and Back End. Each of these components can be rev’ed independently of each other. The following table shows the most recent combinations of Front End version and Back End version that make up a complete product version.

=== OX App Suite ===

{| border="1" cellpadding="3" cellspacing="0"
!align="left" |Version
!align="left" |Backend
!align="left" |Frontend
|-
|v7.8.4
|v7.8.4-rev22
|v7.8.4-rev20
|-
|v7.8.3
|v7.8.3-rev44
|v7.8.3-rev38
|-
|v7.8.2
|v7.8.2-rev39
|v7.8.2-rev30
|-
|v7.6.3
|v7.6.3-rev36
|v7.6.3-rev30
|-
|}

=== Open-Xchange Server 6 ===

{| border="1" cellpadding="3" cellspacing="0"
!align="left" |Version
!align="left" |Backend
!align="left" |Frontend
|-
|v7.8.4 / v6.22.13
|v7.8.4-rev22
|v6.22.13-rev5
|-
|v7.8.3 / v6.22.13
|v7.8.3-rev44
|v6.22.13-rev5
|-
|v7.8.2 / v6.22.12
|v7.8.2-rev39
|v6.22.12-rev4
|-
|v7.6.3
|v7.6.3-rev36
|v6.22.9-rev16
|-
|}

==Please Note - Additional Information ==

{| border="1" cellpadding="3" cellspacing="0"
!align="left" |Product-, Release- and Component Name
!align="left" |Additional Information
|-
|File Storage Integrations
|OX App Suite has the possibility to let users integrate their cloud storage accounts of 3rd party services with the OX Drive module of the web UI: [[AppSuite:Filestorages|File Storages]]. Access to these services is intentionally limited to web UI and will not be part of the OX Drive apps or the existing WebDAV interface.
|-
|LinkedIn Integration
|Regarding the integration between OX App Suite and LinkedIn, we would like to notify you about an upcoming LinkedIn API change, which is used by the App Suite app server.

We were informed by LinkedIn this week that LinkedIn will restrict access to parts of their currently available API for all existing users and partners by May 15th. LinkedIn will only allow access to the full API, if you sign up for the LinkedIn partner program. Read More: [https://forum.open-xchange.com/showthread.php?9261 Open-Xchange Forum]

The LinkedIn integration was removed since 7.10.0
|-
|Facebook Integration
|Facebook has introduced a new API Permission called “read_stream”, which allows clients of their API to retrieve the Facebook stream of a user. This data was used in the OX App Suite Portal widget to give users instant access to their Facebook data without leaving App Suite. The issue with this new API permission is that Facebook only grants it to 3rd party applications which do not run on the following platforms (All platforms where Facebook already is present): Web, TV, iOS, Android, In-Car. Read More: [https://forum.open-xchange.com/showthread.php?9403 Open-Xchange Forum]
|-
|T-Online Integration
|Regarding the integration between App Suite and the social network T-Online, we would like to notify you about an upcoming T-Online change, which is used by the App Suite app server. As a result of the change from a clickable HTML page to a single-page-javascript application, the Open-Xchange App Suite Integration for T-Online will stop working and removed.
|}

==Maintenance expires==

{| border="1" cellpadding="3" cellspacing="0"
!align="left" |Product-, Release- and Component Name
!align="left" |Maintance expires
|-
|In accordance with the supported platform policy, Open-Xchange will discontinue maintenance and support for Connector for Microsoft Outlook, Open-Xchange Updater (with all components inside) with the next major release (planned beginning of 2018). Existing customers with Connector for Microsoft Outlook in their portfolio, will receive full maintenance and support until beginning 2018. To support the discontinuation, we are happy to announce that Open-Xchange will provide releases of all native apps including OX Mail App, OX Drive App, eM client for OX App Suite and OX Sync App over the coming months. This has the advantage of providing a similar user experience on all devices, to all clients, and allows us to take a holistic approach to the development of our product portfolio.
|Beginning 2018
|-
|Open-Xchange will discontinue support for Apple iOS 9 with the next major release (planned beginning of 2018). Open-Xchange supports Apple iOS 11 now.
|Beginning 2018
|}

==Maintenance expired (Archive)==

{| border="1" cellpadding="3" cellspacing="0"
!align="left" |Product-, Release- and Component Name
!align="left" |Maintance expired
|-
|In accordance with the supported platform policy, Open-Xchange announces the discontinuation of support for Suse Linux Enterprise Server 11 (SLES 11) and Debian Wheezy with an upcoming release of OX App Suite, planned for Q4 2016. We encourage administrators to update to the latest operating system version, Suse Linux Enterprise Server 12 (SLES 12) and Debian Jessie. For details of all supported platforms and databases please refer to the requirements page at: http://oxpedia.org/wiki/index.php?title=AppSuite:OX_System_Requirements#Server_Platforms
|Since OX App Suite v7.8.3: 2016-11-30
|-
|In accordance with the supported platform policy, Open-Xchange discontinues support for the following platform operating systems: Apple iOS 8, Apple Mac OS X 10.10 (Yosemite), Windows 7 and Windows Phone 7.
|Since OX App Suite v7.8.3: 2016-11-30
|-
|In accordance with the supported platform policy, Open-Xchange announces the discontinuation of Internet Explorer 10 support for OX App Suite web frontend. This comes in with the release of OX App Suite v7.8.1. For details of all supported browsers please refer to the requirements page at:
http://oxpedia.org/wiki/index.php?title=AppSuite:OX_System_Requirements#Desktop_Browser_.28Minimum_display_resolution:_1024_x_768.29
|Since OX App Suite v7.8.1: 2016-03-31
|-
|Open-Xchange will discontinue support for Apple iOS 7 with the next major release of OX App Suite v7.8.0
|Since OX App Suite v7.8.0: 2015-10-07
|-
|Open-Xchange will discontinue support for Debian Squeeze (Debian 6) with the next major release of OX App Suite v7.8.0. We encourage administrators to update to the latest operating system version of Debian.
|Since OX App Suite v7.8.0: 2015-10-07
|-
|With the v7.8.0 release, Open-Xchange will discontinue support for the Random Token login method (sometimes also called Easy Login). Specifically, this means that the "login?action=redirect" call (see http://oxpedia.org/wiki/index.php?title=HTTP_API#Redirect) will be removed. Furthermore, the "com.openexchange.ajax.login.randomToken" setting will be removed from the "login.properties" file, and the "login?action=login" call will never contain the "random" token. We strongly encourage users of the Random Token login method to change their custom login implementations and use one of the supported methods.
|Since OX App Suite v7.8.0: 2015-10-07
|-
|Open-Xchange discontinues support for Apple Mac OS X 10.8 Mountain Lion with the minor release of OX App Suite, v7.6.2: 2015-03-11
|Since OX App Suite v7.6.2: 2015-03-16
|-
|Open-Xchange discontinues support for Apple iOS 6 with the minor release of OX App Suite, v7.6.2
|Since OX App Suite v7.6.2: 2015-03-16
|-
|Open-Xchange discontinued support of all old Android stock browsers on mobile and tablet devices with the release of OX App Suite v7.6.1. OX App Suite is only supported on the new official stock browser, Chrome on Android.
|Since OX App Suite v7.6.1: 2014-10-15
|-
|Support for AJP based communication between the HTTP server and the OX backend server. Open-Xchange already provides a new HTTP connector which is based on the Grizzly project. Download and configuration instructions are available at http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly
|Since OX App Suite v7.6.0: 2014-06-25
|-
|Open-Xchange discontinued OX App Suite web frontend support for Internet Explorer 9 with the major release of OX App Suite v7.6.0.
|Since OX App Suite v7.6.0: 2014-06-25
|-
|Open-Xchange discontinued Open-Xchange Server 6 and OX App Suite calendar and contact synchronization (CalDAV/CardDAV) support for Mac OS X 10.6 (Snow Leopard) and Mac OS X 10.7 (Lion) with the major release of OX App Suite v7.6.0.
|Since OX App Suite v7.6.0: 2014-06-25
|-
|Open-Xchange discontinued Connector for Business Mobility support for Windows Mobile 6, 6.5, Symbian (Mail for Exchange 3.x), Apple iPhone iOS 5 and Blackberry with the major release of OX App Suite v7.6.0.
|Since OX App Suite v7.6.0: 2014-06-25
|-
|With OX App Suite v7.4.2, the name of the “Files” app was changed to “Drive”. As part of our product strategy we developed clients for different desktop and mobile devices to provide improved file handling and synchronization.
|Since OX App Suite v7.4.2: 2014-02-11
|-
|Debian 7 (Wheezy) was released by the Debian project on May 4th 2013. Both OX App Suite and Open-Xchange Server 6 support Debian 7 with OpenJDK 7 and MySQL 5.5 with this release of OX App Suite. Please note that the combination Debian 7 / OpenJDK 6 or Sun Java 6 will not be supported as a platform by Open-Xchange.
|Since OX App Suite v7.4.0: 2013-09-26
|-
|Open-Xchange discontinued support for the currently available "showruntimestats" monitoring function (which fetches runtime information from the Java virtual machine and about the Open-Xchange Groupware backend). With OX App Suite v7.4.0, there is a new monitoring function using Jolokia for Open-Xchange. From v7.4.0 onwards, this is located inside the Open-Xchange Bundle and configured by jolokia.properties. Further information can be found at http://oxpedia.org/wiki/index.php?title=Jolokia
|Since OX App Suite v7.4.0: 2013-09-26
|-
|Open-Xchange provided a new LDAP Contact Storage Integration Bundle. Open-Xchange discontinued support for the old bundle with OX App Suite v7.2.1. Further configuration information is available at the Open-Xchange Knowledgebase under: http://oxpedia.org/wiki/index.php?title=ContactStorageLDAP
|Since OX App Suite v7.2.1: 2013-05-27
|}

== What version do I have installed ==

Check [[UpdatingOXPackages#What_Service_Pack_do_I_have_installed.3F|this article]] to find out.

[[Category: OX7]]
[[Category: AppSuite]]

OX Permission Level

2018-02-08T08:19:46Z

Ioannis.chouklis: /* Additional Flexible Functions */

{{VersionTo|7.4.1}}
''Note: This represents the state of OX6 and AppSuite until v7.4.1. For the newer implementation, see [[AppSuite: Permission Level]].''

= OX Permission Level Matrix=

OX HE/SE/App Suite allows to provide different permission levels to the users.

The levels start with pure webmail-only functionality and end with the full featured groupware product including all connectors and are described in the first table.

* '''Webmail''' contains pure webmail functionality including a private addressbook
* '''PIM''' (Private Information Management) adds private calendar and private tasks, no group or sharing permissions are available
* '''PIM + Mobility''' adds mobile synchronisation to the PIM level
* '''PIM + InfoStore''' adds private InfoStore functionality to the PIM level
* '''Groupware Standard''' includes all group and sharing permissions as well as the InfoStore
* '''Groupware Premium''' adds all external connectors and mobile synchronisation to Groupware Standard

In addition to this levels, OX HE/SE/App Suite contains several functions, which can flexible be used with every level. This functions are described in the second table.

== How to read the Matrix ==

{|
|-
! !! Definition
|-
| '''Mandatory''' || This column defines the options, which must not be changed for this level. '''This is a technical requirement and necessary for the correct functioning of OX HE/SE/App Suite'''
|-
| '''Default''' || This column lists the options, which are activated per default for this level
|-
| '''API Parameter''' || Related parameter in the RMI, SOAP and CLT API - described in the [http://software.open-xchange.com/OX6/doc/OX6-Provisioning.pdf Provisioning Documentation]
|-
|  ||  
|-
| '''and/or''' || Minimum one of this options need to be activated in this level
|-
|style="background-color:#C0C0C0" |  || Fields in this color define the most important differentiator to the next lower level
|}

== Matrix - Permission Levels ==

This table describes the mandatory parameters for the different permission levels.

{|
|-
! OX Base Levels !! Functionality !! Mandatory (technical requirement) !! Default !! Requirements / Description !!   !! API Parameter
|-
| rowspan="2" | '''Webmail'''
Webmail only
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||  || webmail
|-
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || contacts
|-
|   ||   ||   ||   ||   ||   ||  
|-
| rowspan="5" | '''PIM'''<br>Private use only<br>No sharing, no group functions.
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || rowspan="3" | The absence of other features defines this level ||   || webmail
|-
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   || contacts
|-
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   || calendar
|-
|Global Addressbook ||   || [[File:Cross_gray.gif]] ||  ||   || globaladdressbookdisabled
|-
|Tasks ||   || [[File:check.gif]] ||  ||   || tasks
|-
|   ||   ||   ||   ||   ||   || 
|-
| rowspan="9" | '''PIM + Mobility'''<br>Private use only<br>No sharing, no group functions<br>Enabled for mobile synchronization
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || webmail
|-
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || contacts
|-
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || calendar
|-
|style="background-color:#F0F0F0" | USM ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || usm
|-
|style="background-color:#C0C0C0" | Active Sync ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] || rowspan="2" | This defines the level<br>At least one of these needs to be set<br>Typically "Active Sync"||   || activesync
|-
|style="background-color:#C0C0C0" | SyncML ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] ||   || syncml (deprecated)
|-
|Global Addressbook ||  || [[File:Cross_gray.gif]] ||  ||   || globaladdressbookdisabled
|-
|Tasks ||   || [[File:check.gif]] ||  ||   || tasks
|-
|   ||   ||   ||   ||   ||  
|-
| rowspan="6" | '''PIM + InfoStore''' <br>Private use only<br>No sharing, no group functions<br>Enabled for document storage.
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || webmail
|-
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || contacts
|-
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || calendar
|-
|style="background-color:#C0C0C0" | InfoStore ||style="background-color:#C0C0C0" | [[File:check.gif]] ||style="background-color:#C0C0C0" | [[File:check.gif]] || This combined with the absence of other switches defines the level <br> ||   || infostore
|-
|Global Addressbook ||   || [[File:Cross_gray.gif]] ||  ||   || globaladdressbookdisabled
|-
|Tasks ||   || [[File:check.gif]] ||  ||   || tasks
|-
|   ||   ||   ||   ||   ||   ||  
|-
| rowspan="9" | '''Groupware Standard'''<br>Full Groupware functionality<br>Access restricted to Web GUI
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || webmail
|-
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || contacts
|-
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || calendar
|-
|style="background-color:#F0F0F0" | Tasks ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || tasks
|-
|style="background-color:#C0C0C0" | Shared Folders ||style="background-color:#C0C0C0" | [[File:check.gif]] ||style="background-color:#C0C0C0" | [[File:check.gif]] || rowspan="3" | This defines the level<br>All need to be set together ||   || readcreatesharedfolders
|-
|style="background-color:#C0C0C0" | Public Folders ||style="background-color:#C0C0C0" | [[File:check.gif]] ||style="background-color:#C0C0C0" | [[File:check.gif]] ||   || editpublicfolders
|-
|style="background-color:#C0C0C0" | Task Delegation ||style="background-color:#C0C0C0" | [[File:check.gif]] ||style="background-color:#C0C0C0" | [[File:check.gif]] ||   || delegatetask
|-
|style="background-color:#F0F0F0" | Global Addressbook ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || globaladdressbookdisabled
|-
|InfoStore ||   || [[File:check.gif]] ||  ||   || infostore
|-
|   ||   ||   ||   ||   ||   ||  
|-
| rowspan="16" | '''Groupware Premium'''<br>Full Groupware functionality<br>All external clients enabled (Mobility, Outlook, Mac)
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || webmail
|-
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || contacts
|-
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || calendar
|-
|style="background-color:#F0F0F0" | Tasks ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||  ||   || tasks
|-
|style="background-color:#F0F0F0" | Shared Folders ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || readcreatesharedfolders
|-
|style="background-color:#F0F0F0" | Public Folders ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || editpublicfolders
|-
|style="background-color:#F0F0F0" | Task Delegation ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || delegatetask
|-
|style="background-color:#F0F0F0" | Global Addressbook ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || globaladdressbookdisabled
|-
|style="background-color:#F0F0F0" | USM ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] ||   ||   || usm
|-
|style="background-color:#C0C0C0" | OLOX2 ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] || rowspan="4" | This defines the level<br>At least one of these needs to be set.<br>Typically OLOX2 and Active Sync ||   || olox20
|-
|style="background-color:#C0C0C0" | OLOX (Legacy) ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] ||   || webdavxml (deprecated)
|-
|style="background-color:#C0C0C0" | Active Sync ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] ||   || activesync
|-
|style="background-color:#C0C0C0" | SyncML ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] ||   || syncml (deprecated)
|-
|InfoStore ||   || [[File:check.gif]] ||  ||   || infostore
|-
|iCal Access ||   || [[File:check.gif]] ||  ||   || ical (deprecated)
|-
|vCard Access ||   || [[File:check.gif]] ||  ||   || vcard (deprecated)
|-
|}
<br>
<br>

== Additional Flexible Functions ==

The following functions can be added flexible to each permission level.

{|
|-
! Additional Functions !! Default !! Requirements / Description !!   !! API Parameter
|-
| rowspan="2" | '''Minimum Webmail'''
|Collect Emailaddresses || Email addresses typed into sent/reveived emails can be saved automatically in a dedicated folder ||   || collectemailaddresses
|-
|Edit Password || If a plugin to change the own password is installed on the system, it will be displayed in the settings area ||   || editpassword
|-
|   ||   ||   ||   ||  
|-
| rowspan="3" | '''Minimum PIM'''
|Multiple Mailaccounts || The user can use external IMAP/POP3 Mailaccounts within the OX WebGUI. Starting with 6.20 this can be configured per email service ||   || multiplemailaccounts
|-
|Subscriptions || The user can subscribe to external/social datasources, like LinkedIN (removed since 7.10.0), XING, Facebook, Gmail, .... Starting with 6.20 this can be configured per subscription service ||   || subscriptions
|-
|Publications || The user can publish his own data (contacts/documents) for other users in the internet ||   || publication
|-
|   ||   ||   ||   ||  
|-
| '''Minimum PIM + InfoStore'''
|WebDAV || Allows WebDAV access to InfoStore documents; Requires InfoStore ||   || webdav
|-
|   ||   ||   ||   ||  
|-
| rowspan="2" | '''Minimum GW Standard'''
|Manage Resources || The user is allowed to create and manage resources for the whole company ||   || editresource
|-
|Manage Groups || The user is allowed to create and manage groups for the whole company ||   || editgroup
|-
|   ||   ||   ||   ||  
|-
| rowspan="2" | '''Minimum GW Premium'''
|vCard || The user can download all his contacts via the vCard interface ||   || vcard (deprecated)
|-
|iCal || The user can download all his contacts via the iCal interface ||   || ical (deprecated)
|-
|}

OX HE Tutorial 10K

2018-02-08T08:17:49Z

Ioannis.chouklis: /* Install and configure OX */

= Tutorial: OX HE Setup for up to 10.000 users =

'''This article describes what you need for a typical OX HE Setup for up to 10.000 Users with minimal efforts.'''

It contains everything you need to:
* Understand the design of the OX HE setup including additional services
* Install the whole system based on the relevant articles
* Find pointers to the next steps of integration

= System Design =

[[Image:SaaS-10k.jpg]]

The system is designed to provide maximum functionality with a minimum of necessary hardware. All OX services are running on one single machine.

== Core Components for OX HE ==

* One OX HE server (HW recommendation: 16GB RAM / 4 cores)
* MySQL installed directly on this server
* Optional: NFS Server to store documents and files

== Infrastructure Components not delivered by OX ==

* An email system providing IMAP and SMTP
* A control panel for creation and administration of users

= Overview Installation Steps =

'''To deploy the described OX setup, the following steps need to be done. '''

== Mandatory Steps ==
# Initialize and configure MySQL database
# Install and configure OX service

== Steps depending on your environment ==
# Connect Control Panel
# Connect Email System

== Recommended Optional Next Steps ==
# Automated Frontend Tests
# Upsell Plugin
# Mobile Autoconfiguration
# Branding

= Mandatory Installation Steps - Instructions & Recommendations =

'''The following steps need to be done in every case to get OX up and running:'''

== Install and configure OX ==

OX will be installed on the server.

* [[AppSuite:Open-Xchange_Installation_Guide_for_Debian_6.0|Download and Installation Guide for Debian GNU/Linux 6.0 (Squeeze)]]
* [[AppSuite:Open-Xchange_Installation_Guide_for_Debian_7.0|Download and Installation Guide for Debian GNU/Linux 7.0 (Wheezy)]]
* [[AppSuite:Open-Xchange_Installation_Guide_for_SLES11|Download and Installation Guide for SUSE Linux Enterprise Server 11]]
* [[AppSuite:Open-Xchange_Installation_Guide_for_RHEL6|Download and Installation Guide for RedHat Enterprise Linux 6]]
* [[AppSuite:Open-Xchange_Installation_Guide_for_CentOS_6|Download and Installation Guide for CentOS 6]]

You also should install and configure the OXtender for Business Mobility

[[OXtender_for_Business_Mobility_Installation_Guide|Installation of the OXtender for Business Mobility]]

Let your users connect to their data from other services like Twitter or LinkedIn (removed since 7.10.0) by configuring the "SocialOX"

[[SocialOX|SocialOX-Configuration]]

= Installation Steps depending on your environment - Instructions & Recommendations =

'''The following components need to be implemented in your environment.'''

{{OX_HE_Tutorial_CP}}

{{OX_HE_Tutorial_HGP}}

{{OX_HE_Tutorial_Plesk}}

{{OX_HE_Tutorial_Auth}}

== Connect Email System ==

Every email system providing IMAP and SMTP can be used as backend to OX. Best experiences are made with the widespread Linux based IMAP servers [http://dovecot.org/ Dovecot], [http://www.cyrusimap.org/ Cyrus] or [http://www.courier-mta.org/imap/ Courier].

Other IMAP servers need to be tested thoroughly before going into production.

There are several possibilities to implement the Email system:

# You already have an email system available: Nothing needs to be done, it just needs to be configured
# You use Plesk Panel: Nothing special needs to be done, everything you need is contained in the OXtender for Plesk
# You want to setup a new Email system: It is recommended to use Dovecot, as this is very stable, fast, feature rich and easy to scale

{{OX_HE_Tutorial_Dovecot}}

{{OX_HE_Tutorial_Next}}

OX HE Tutorial 1M

2018-02-08T08:17:14Z

Ioannis.chouklis: /* Install and configure OX on both servers */

= Tutorial: High Available OX HE Setup for up to 1 Milion users =

'''This article describes what you need for a typical OX HE Setup for up to 1.000.000 Users, which is fully clustered, high available and scaling very flexible.'''

It contains everything you need to:
* Understand the design of the OX HE setup including additional services
* Install the whole system based on the relevant articles
* Find pointers to the next steps of integration

= System Design =

[[Image:SaaS-1M.jpg]]

The system is designed to provide maximum functionality and availability with a minimum of necessary hardware. If the services on one OX server fail, this is transparently handled by the load balancer. If one MySQL server fails, it is sufficient to take over the IP address on the other MySQL server in the cluster to stay fully in operation.

== Core Components for OX HE ==

* Minimum two (recommended three) OX HE servers (HW recommendation: 32GB RAM / 8 cores each)
* Minimum one MySQL cluster with two servers in Master-Master configuration (HW recommendation: 32GB RAM / 8 cores each)
* NFS Server to store documents and files
* Recommended for more than 500.000 mailboxes: one OX HE server dedicated for user provisioning (HW recommendation: 16GB RAM / 4 cores each)

== Infrastructure Components not delivered by OX ==

* An email system providing IMAP and SMTP
* A control panel for creation and administration of users
* A Load Balancer in front of the OX servers (optional, recommended)

= Overview Installation Steps =

'''To deploy the described OX setup, the following steps need to be done. '''

== Mandatory Steps ==
# Initialize and configure MySQL database servers
# Install and configure OX on all servers

== Steps depending on your environment ==
# Implement Load Balancer
# Connect Control Panel
# Connect Email System

== Recommended Optional Next Steps ==
# Automated Frontend Tests
# Upsell Plugin
# Mobile Autoconfiguration
# Automatic FailOver
# Branding

= Mandatory Installation Steps - Instructions & Recommendations =

'''The following steps need to be done in every case to get OX up and running:'''

== Initialize and configure MySQL database ==

MySQL will be configured as redundant, highly-availabe MySQL instance to ensure data consistency on all servers. This can be implemented for example using Galera or a Master-Master replication configuration. If one machine fails, the other machine(s) will take over all functionality.

[[OXLoadBalancingClustering_Database|Database setup for clustered environments]]

== Install and configure OX on both servers ==

OX will be installed on minimum two servers. It will be configured to '''write''' to the '''first''' MySQL database and to '''read''' from the '''second''' MySQL database in one cluster. This will distribute the load during normal operation as smooth as possible. During FailOver the IP address of the failed MySQL server will be taken over to the working server, the system stays operable.

[[OXLoadBalancingClustering_OXConfiguration|Open-Xchange setup and configuration for clustered environments]]

The NFS server will be mounted on all machines and registered as filestore.

[[OXLoadBalancingClustering_Filestore|Filestore setup for clustered environments]]

When multiple Open-Xchange Servers are configured within a cluster Session and Loadbalancing needs to be set up.

[[OXLoadBalancingClustering_SessionLoadbalancing|Session and Loadbalancing for clustered environments]]

[[OXLoadBalancingClustering_NetworkConfiguration|Network configuration for clustered environments]]

You also should install and configure the OXtender for Business Mobility:

[[OXtender_for_Business_Mobility| exchange active sync configuration for Open-Xchange]]

Let your users connect to their data from other services like Twitter or LinkedIn (removed since 7.10.0) by configuring the "SocialOX"

[[SocialOX|SocialOX-Configuration]]

= Installation Steps depending on your environment - Instructions & Recommendations =

'''The following components need to be implemented in your environment.'''

== Implement Load Balancer ==

A load balancer in front of the OX servers is necessary for this deployment size. It needs to handle the requests if one OX server fails.

If you already have a hardware load balancing solution in place, this can be used. OX is known to work with the standard load balancing solutions from BigIP, Barracuda, Foundry, ...

If you do not have a load balancing solution already in place, we recommend to use [http://www.keepalived.org/ Keepalived] as reliable and cost effective solution.

Read more about configuring [[Keepalived | Keepalived for Open-Xchange]]

{{OX_HE_Tutorial_CP}}

{{OX_HE_Tutorial_HGP}}

{{OX_HE_Tutorial_POA}}

{{OX_HE_Tutorial_Auth}}

== Connect Email System ==

Every email system providing IMAP and SMTP can be used as backend to OX. Best experiences are made with the widespread Linux based IMAP servers [http://dovecot.org/ Dovecot], [http://www.cyrusimap.org/ Cyrus] or [http://www.courier-mta.org/imap/ Courier].

Other IMAP servers need to be tested thoroughly before going into production.

There are several possibilities to implement the Email system:

# You already have an email system available: Nothing needs to be done, it just needs to be configured
# You use Parallels Automation (POA): Nothing special needs to be done, everything you need is contained in the APS package
# You want to setup a new Email system: It is recommended to use Dovecot, as this is very stable, fast, feature rich and easy to scale

{{OX_HE_Tutorial_Dovecot}}

{{OX_HE_Tutorial_Next}}

OX HE Tutorial 100K

2018-02-08T08:16:40Z

Ioannis.chouklis: /* Install and configure OX on both servers */

= Tutorial: High Available OX HE Setup for up to 100.000 users =

'''This article describes what you need for a typical OX HE Setup for up to 100.000 Users, which is fully clustered and high available.'''

It contains everything you need to:
* Understand the design of the OX HE setup including additional services
* Install the whole system based on the relevant articles
* Find pointers to the next steps of integration

= System Design =

[[Image:SaaS-100k-1.jpg]]

The system is designed to provide maximum functionality and availability with a minimum of necessary hardware. If the services on one server fail, it is enough to take over the IP address to the other machine and service will stay up and running.

== Core Components for OX HE ==

* Two OX HE servers (HW recommendation: 16GB RAM / 4 cores each)
* MySQL installed directly on these server
* NFS Server to store documents and files

== Infrastructure Components not delivered by OX ==

* An email system providing IMAP and SMTP
* A control panel for creation and administration of users
* A Load Balancer in front of the OX servers (optional, recommended)

= Overview Installation Steps =

'''To deploy the described OX setup, the following steps need to be done. '''

== Mandatory Steps ==
# Initialize and configure MySQL database on both servers
# Install and configure OX on both servers

== Steps depending on your environment ==
# Implement Load Balancer
# Connect Control Panel
# Connect Email System

== Recommended Optional Next Steps ==
# Automated Frontend Tests
# Upsell Plugin
# Mobile Autoconfiguration
# Automatic FailOver
# Branding

= Mandatory Installation Steps - Instructions & Recommendations =

'''The following steps need to be done in every case to get OX up and running:'''

== Initialize and configure MySQL database on both servers ==

MySQL will run on both servers. MySQL will be configured as Master-Master configuration to ensure data consistency on both servers.
If one machine fails, the other machine will take over all functionality.

[[OXLoadBalancingClustering_Database|Database setup for clustered environments]]

== Install and configure OX on both servers ==

OX will be installed on both servers. It will be configured to '''write''' to the '''first''' MySQL database and to '''read''' from the '''second''' MySQL database. This will distribute the load during normal operation as smooth as possible. During FailOver the IP address of the failed server will be taken over to the working server, the system stays operable.

[[OXLoadBalancingClustering_OXConfiguration|Open-Xchange setup and configuration for clustered environments]]

The NFS server will be mounted on both machines and registered as filestore.

[[OXLoadBalancingClustering_Filestore|Filestore setup for clustered environments]]

When multiple Open-Xchange Servers are configured within a cluster Session and Loadbalancing needs to be set up.

[[OXLoadBalancingClustering_SessionLoadbalancing|Session and Loadbalancing for clustered environments]]

[[OXLoadBalancingClustering_NetworkConfiguration|Network configuration for clustered environments]]

You also should install and configure the OXtender for Business Mobility

[[OXtender_for_Business_Mobility_Installation_Guide|Installation of the OXtender for Business Mobility]]

Let your users connect to their data from other services like Twitter or LinkedIn (removed since 7.10.0) by configuring the "SocialOX"

[[SocialOX|SocialOX-Configuration]]

= Installation Steps depending on your environment - Instructions & Recommendations =

'''The following components need to be implemented in your environment.'''

== Implement Load Balancer ==

A load balancer in front of the OX servers is recommended, but optional in this deployment size. (In small environments, DNS Round Robin may be sufficient).

If you already have a hardware load balancing solution in place, this can be used. OX is known to work with the standard load balancing solutions from BigIP, Barracuda, Foundry, ...

If you do not have a load balancing solution already in place, we recommend to use [http://www.keepalived.org/ Keepalived] as reliable and cost effective solution.

Read more about configuring [[Keepalived | Keepalived for Open-Xchange]]

{{OX_HE_Tutorial_CP}}

{{OX_HE_Tutorial_HGP}}

{{OX_HE_Tutorial_POA}}

{{OX_HE_Tutorial_Auth}}

== Connect Email System ==

Every email system providing IMAP and SMTP can be used as backend to OX. Best experiences are made with the widespread Linux based IMAP servers [http://dovecot.org/ Dovecot], [http://www.cyrusimap.org/ Cyrus] or [http://www.courier-mta.org/imap/ Courier].

Other IMAP servers need to be tested thoroughly before going into production.

There are several possibilities to implement the Email system:

# You already have an email system available: Nothing needs to be done, it just needs to be configured
# You use Parallels Automation (POA): Nothing special needs to be done, everything you need is contained in the APS package
# You want to setup a new Email system: It is recommended to use Dovecot, as this is very stable, fast, feature rich and easy to scale

{{OX_HE_Tutorial_Dovecot}}

{{OX_HE_Tutorial_Next}}

{{OX_HE_Tutorial_FailOver}}

SupportedCrawler

2018-02-08T08:16:03Z

Ioannis.chouklis: /* Social OX PlugIn Matrix */

= Open-Xchange Supported Social OX PlugIn Matrix =
Open-Xchange introduces a new groupware concept called “Social OX,” which aggregates e-mail and contact information in one place -- whether personal or business -- avoiding time-consuming searching and giving users access to information anywhere, anytime and with any device. The new concept provides
* The integration of any kind of existing webmail accounts (from Google, Yahoo, etc.) into a folder in Open-Xchange, including merging of data
* Contact details from social networks such as LinkedIn or Xing will be added automatically to the Open-Xchange address book – giving users easy access to the latest contact information within their personal network.
* In addition, Open-Xchange users can share their data with other users in a controlled way -- without sending the information via e-mail. For example, with Social OX published data can be shared so there is no need to send large documents as an attachment via e-mail.

The following Matrix will show the official supported Social OX PlugIn to subscribe social networks.

= Supported Social OX PlugIn Matrix (Status OX6 v.6.18.2)=

==Caption of the Matrix==

{|
|-
! Icon !! Definition
|-
| [[File:Cross_gray.gif]] || Not provided by the external service
|-
| [[File:cross.gif]] || Not provided
|-
| [[File:check.gif]] || Available
|-
|}

==Social OX PlugIn Matrix==

{|
|-
! Social Service !! Type !! Subscribed fields !! .de !! .com !! .uk !! .fr !! .es !! .nl
|-
| rowspan="4" | Google
| IMAP ||   || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]
|-
| POP ||   || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]
|-
| Contacts || display_name, first_name, middle_name, last_name, suffix, company, email1, email2, email3, telephone_business1, telephone_home1, telephone_other1, work_fax, home_fax, cellular_telephone1, birthday, street_home, postal_code_home, city_home, country_home, street_business, postal_code_business, city_business, country_business, street_other, postal_code_other, city_other, country_other, instant_messenger1, image || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]
|-
| Calendar || title, start_date, end_date, note, Serial information || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]
|-

| rowspan="4" | LinkedIn
| IMAP ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-
| POP ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-
| Contacts || first-name, last-name, telephone_business1, telephone_private1, instant_messenger1, date-of-birth, main-address, picture, positions || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]
|-
| Calendar ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-
| colspan="8" | <span style="color: red;">LinkedIn was removed since 7.10.0</span>
|-

| rowspan="4" | Xing
| IMAP ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-
| POP ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-
| Contacts || first_name, last_name, display_name, email1, street_business, postal_code_business, city_business, state_business, country_business, telephone_business1, fax_work, company, title, image || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]
|-
| Calendar ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-

| rowspan="4" | Yahoo
| IMAP ||   || [[File:check.gif]] || [[File:check.gif]] (US Pro-Account only) || [[File:cross.gif]] || [[File:cross.gif]] || [[File:cross.gif]] || [[File:cross.gif]]
|-
| POP ||   || [[File:check.gif]] || [[File:check.gif]] (US Pro-Account only) || [[File:cross.gif]] || [[File:cross.gif]] || [[File:cross.gif]] || [[File:cross.gif]]
|-
| Contacts || display_name, email, telephone_home1, telephone_business1, cellular_telephone1, company, title, street_business, postal_code_business, city_business, instant_messenger1, street_home, postal_code_home, city_home, birthday || [[File:check.gif]] || [[File:check.gif]] || [[File:cross.gif]] || [[File:cross.gif]] || [[File:cross.gif]] || [[File:cross.gif]]
|-
| Calendar ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-

| rowspan="4" | MSN
| IMAP ||   || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]|| [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]
|-
| POP ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] ||[[File:Cross_gray.gif]]
|-
| Contacts || first_name, last_name, city_home, country_home, image || [[File:check.gif]] || [[File:cross.gif]] || [[File:cross.gif]] || [[File:cross.gif]] || [[File:cross.gif]] || [[File:cross.gif]]
|-
| Calendar ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-

| rowspan="4" | T-Online
| IMAP ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]|| [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-
| POP ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] ||[[File:Cross_gray.gif]]
|-
| Contacts || birthday, email2, email1, cellular_telephone2, cellular_telephone1, telephone_home1, telephone_business1, street_home, postal_code_home, city_home, country_home, street_business, postal_code_business, city_business, country_business || [[File:check.gif]] || [[File:cross.gif]] || [[File:cross.gif]] || [[File:cross.gif]] || [[File:cross.gif]] || [[File:cross.gif]]
|-
| Calendar ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-

| rowspan="4" | [https://www.ox.io/de/quickstart Open-Xchange]
| IMAP ||   || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]|| [[File:check.gif]]
|-
| POP ||   || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]|| [[File:check.gif]]
|-
| Contacts || All available contact fields of Open-Xchange || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]
|-
| Calendar ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-

| rowspan="4" | GMX
| IMAP ||   || [[File:check.gif]] || [[File:cross.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]|| [[File:check.gif]]
|-
| POP ||   || [[File:check.gif]] || [[File:cross.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]|| [[File:check.gif]]
|-
| Contacts || All available contact fields of Open-Xchange || [[File:check.gif]] ||[[File:cross.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]
|-
| Calendar ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-

| rowspan="4" | Web.de
| IMAP ||   || [[File:check.gif]] || [[File:cross.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]|| [[File:check.gif]]
|-
| POP ||   || [[File:check.gif]] || [[File:cross.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]|| [[File:check.gif]]
|-
| Contacts || All available contact fields of Open-Xchange || [[File:check.gif]] || [[File:cross.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]] || [[File:check.gif]]
|-
| Calendar ||   || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]] || [[File:Cross_gray.gif]]
|-
|}

= Custom Social OX PlugIn Request =

== Custom Social OX PlugIn Development ==
To ensure that mission critical Social OX PlugIn for single customers can be implemented into Open-Xchange products even if they do not match the requirements to be prioritized within the standard process, there is the possibility to order custom Social OX PlugIn development.

== Social OX as Plugin ==
Open-Xchange products have the ability to implement additional Social OX as plugins. These Social OX PlugIn are mainly available for the interfaces between Open-Xchange and the existing infrastructure: authentication, email access, SPAM filtering, and 3rd party applications. In most cases, these plugins are developed in close cooperation with the customer from the project team.

== Offering ==
Offerings for the implementation of Social OX PlugIn requests, which can be technically implemented as a plugin can be obtained from the Open-Xchange project or sales teams.

AppSuite:Open-Xchange Installation Guide for Debian 8.0

2017-11-14T09:17:33Z

Ioannis.chouklis: Fix for documentation bug 43225

{{Version|7.8.0}}

= OX App Suite on Debian GNU/Linux 8.0 =

{{QuickInstIntro|release=appsuite}}

= Requirements =

* Plain installed Debian GNU/Linux 8.0, no graphical tools required
* A supported Java Virtual Machine ([http://oxpedia.org/wiki/index.php?title=AppSuite:OX_System_Requirements#Server_Platforms learn more])
* A working internet connection
* vim is not installed by default on Debian. If you want to copy & paste the commands from this article into a shell window, you need to <code>apt-get install vim</code> first.

{{AddReposDebian|debname=jessie|debnameox=DebianJessie|release=appsuite}}

= Updating repositories and install packages =

It is highly recommended to import the Open-Xchange build key to your package systems trusted keyring in order to make sure only Open-Xchange packages with valid signing are installed on the system. Otherwise you'll encounter warnings about untrusted package sources. To import the Open-Xchange buildkey, please refer to this quick guide: [[Importing_OX_Buildkey#Importing_key_into_apt_based_systems|Importing OX Buildkey]].

Reload the package index. This will download the package descriptions available at the software repositories and will enable the Open-Xchange repository as a valid source for signed packages:

$ apt-get update

The following command starts the download and installation process of all required package for Open-Xchange deployment:

{{OXPackageInstallation|installer=apt-get|mysql=mysql-server|javavendor=sun|release=appsuite}}

You will be asked multiple times to enter a MySQL password, please do '''not''' enter a password at this point. You should enter a strong MySQL admin password for the user "mysql" after the installation has been finished. See: [http://dev.mysql.com/doc/refman/5.0/en/passwords.html MySQL Reference Manual]

'''Important:''' Some of the scripts assume you have mysql root access from the command line, therefore the advice of "not" to enter a password. If you do, you may find problems following the instructions provided in this howto.

{{OXConfiguration|mysqlstart=systemctl start mysql}}

{{oxinstaller|connector=http}}

After initializing the configuration, restart the Open-Xchange Administration service by executing:

$ systemctl restart open-xchange

{{OXRegister|globaldb=true}}

= Configure services =

{{ApacheOXModsDebian|connector=http|extramods=lbmethod_byrequests}}

{{Template:ApacheAppSuiteConf|connector=http|connectorConf=/etc/apache2/conf-available/proxy_http.conf|apacheconf=/etc/apache2/sites-enabled/000-default.conf|docroot=/var/www/html|loadmodule=|syncProxyName=eas_oxcluster}}

Enable the proxy configuration

$ a2enconf proxy_http.conf

After the configuration is done, restart the Apache webserver

$ systemctl restart apache2

== Upgrade from Debian 7 ==

If you updated from Debian 7 to Debian 8 the proxy_http.conf file is still located in the <tt>conf.d</tt> directory which is not read in Debian 8. So you have to move the file to <tt>conf-available</tt> and execute <tt>a2enconf proxy_http</tt> afterwards.

== Apache Setting for more concurrent Connections ==

By default apache2 is configured to support 150 concurrent connections. This forces all parallel requests beyond that limit to wait. Especially if, for example, active sync clients maintain a permanent connection for push events to arrive. The following article explains how that can be done

[[Tune_apache2_for_more_concurrent_connections|Apache Setting for more concurrent Connections]]

{{ContextUserAndLogs}}

[[Category: AppSuite]]

AppSuite:OX Logging

2017-09-09T06:51:38Z

Ioannis.chouklis: /* Categories vs. Log Levels */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone). The ruby code block is only needed for Elasticsearch version 2.0 or newer.
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
ruby {
code => "event.to_hash.keys.each { |k| event[ k.gsub('.','_') ] = event.remove(k) if k.include?'.' }"
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -s <sessionid>] [-l <logger_name_1>=<logger_level_x> ...] [-U <JMX-User> -P <JMX-Password> [-p <JMX-Port>]]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -s,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -U, --JMX-User <username>
| JMX username
|-
| -P, --JMX-Password <password>
| JMX password
|-
| -p, --JMX-Port <port>
| JMX port
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Logging Filters vs. Loggers vs. Exception Categories ===

As already mentioned in the beginning, with this command line tool you can do multiple things, therefore there are different "categories" of data objects so to speak, i.e. Logging Filters, Loggers and Exception Categories. Hence, specific flags of the tool are explicitly used for only one of these data object categories and nowhere else (with the exception of the -l flag):

# Manage logging filters for
#* Sessions
#* Contexts
#* Context/User tuples
#: For the above three cases the -a, -d and -lf flags are relevant
# Change the log level of already existing loggers of the system
#: For this case the -l and -ll flags are relevant
# Suppress the stack-traces for defined exception categories
#: For this case only the -oec flag is relevant

=== Exception Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId=1618
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=1.2.3.4
</pre>
The client's IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=10.0.0.1
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=35387551837281237793.koxg4l7scaj0qgxpmh1d
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0001337
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=oxdude
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=oxdude
</pre>
The user name
<pre>
com.openexchange.database.schema=oxdatabase_7
</pre>
The database schema
<pre>
com.openexchange.mail.accountId
</pre>
The mail account identifier used in the request
<pre>
com.openexchange.mail.host
</pre>
The mail host used in the requst
<pre>
com.openexchange.mail.login
</pre>
The login identifier used to login to the mail server

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2017-09-09T06:51:29Z

Ioannis.chouklis: /* Logging Filters vs. Loggers */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone). The ruby code block is only needed for Elasticsearch version 2.0 or newer.
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
ruby {
code => "event.to_hash.keys.each { |k| event[ k.gsub('.','_') ] = event.remove(k) if k.include?'.' }"
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -s <sessionid>] [-l <logger_name_1>=<logger_level_x> ...] [-U <JMX-User> -P <JMX-Password> [-p <JMX-Port>]]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -s,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -U, --JMX-User <username>
| JMX username
|-
| -P, --JMX-Password <password>
| JMX password
|-
| -p, --JMX-Port <port>
| JMX port
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Logging Filters vs. Loggers vs. Exception Categories ===

As already mentioned in the beginning, with this command line tool you can do multiple things, therefore there are different "categories" of data objects so to speak, i.e. Logging Filters, Loggers and Exception Categories. Hence, specific flags of the tool are explicitly used for only one of these data object categories and nowhere else (with the exception of the -l flag):

# Manage logging filters for
#* Sessions
#* Contexts
#* Context/User tuples
#: For the above three cases the -a, -d and -lf flags are relevant
# Change the log level of already existing loggers of the system
#: For this case the -l and -ll flags are relevant
# Suppress the stack-traces for defined exception categories
#: For this case only the -oec flag is relevant

=== Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId=1618
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=1.2.3.4
</pre>
The client's IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=10.0.0.1
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=35387551837281237793.koxg4l7scaj0qgxpmh1d
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0001337
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=oxdude
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=oxdude
</pre>
The user name
<pre>
com.openexchange.database.schema=oxdatabase_7
</pre>
The database schema
<pre>
com.openexchange.mail.accountId
</pre>
The mail account identifier used in the request
<pre>
com.openexchange.mail.host
</pre>
The mail host used in the requst
<pre>
com.openexchange.mail.login
</pre>
The login identifier used to login to the mail server

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2017-09-09T06:50:05Z

Ioannis.chouklis: /* logconf CLT */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone). The ruby code block is only needed for Elasticsearch version 2.0 or newer.
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
ruby {
code => "event.to_hash.keys.each { |k| event[ k.gsub('.','_') ] = event.remove(k) if k.include?'.' }"
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -s <sessionid>] [-l <logger_name_1>=<logger_level_x> ...] [-U <JMX-User> -P <JMX-Password> [-p <JMX-Port>]]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -s,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -U, --JMX-User <username>
| JMX username
|-
| -P, --JMX-Password <password>
| JMX password
|-
| -p, --JMX-Port <port>
| JMX port
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Logging Filters vs. Loggers ===

As already mentioned in the beginning, with this command line tool you can do multiple things, therefore there are different "categories" of data objects so to speak, i.e. Logging Filters, Loggers and Exception Categories. Hence, specific flags of the tool are explicitly used for only one of these data object categories and nowhere else (with the exception of the -l flag):

# Manage logging filters for
#* Sessions
#* Contexts
#* Context/User tuples
#: For the above three cases the -a, -d and -lf flags are relevant
# Change the log level of already existing loggers of the system
#: For this case the -l and -ll flags are relevant
# Suppress the stack-traces for defined exception categories
#: For this case only the -oec flag is relevant

=== Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId=1618
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=1.2.3.4
</pre>
The client's IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=10.0.0.1
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=35387551837281237793.koxg4l7scaj0qgxpmh1d
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0001337
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=oxdude
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=oxdude
</pre>
The user name
<pre>
com.openexchange.database.schema=oxdatabase_7
</pre>
The database schema
<pre>
com.openexchange.mail.accountId
</pre>
The mail account identifier used in the request
<pre>
com.openexchange.mail.host
</pre>
The mail host used in the requst
<pre>
com.openexchange.mail.login
</pre>
The login identifier used to login to the mail server

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:Context management

2017-06-20T07:50:52Z

Ioannis.chouklis: Removed the WebDAV XML remnants

== createcontext ==

'''<code>createcontext</code>''' is the tool to create new contexts. A context is an independent instance within the createcontext Open-Xchange system and holds users, groups
and resources and all their objects. Data from one context is not visible to other contexts. Module access (calendar, tasks, email) can be set via predefined "access combination names". These
names can be configured on the server side. All users which are created during later use of the "createuser" tool will inherit the module access rights from the context. If you do not specify any
access rights on createcontext minimal access rights will be granted. Currently, these are Webmail and Contacts access rights.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from output
|-
| --responsetimeout <integer>
|response timeout in seconds for reading response from the backend (default 0s; infinite) '''Available with v7.8.0'''
|-
| -c,--contextid <integer>
|The id of the context, when starting with 0, 0 is deleted
|-
| -q,--quota <integer>
|Context wide filestore quota in MB. -1 = unlimited. '''Note:''' The context-associated filestore is not only used by Infostore/Drive module, but also for other features like snippets/signatures, thumbnail cache, PIM (contacts, calendar & tasks) attachments, etc. Thus even if you don't use the Infostore/Drive, you should always set an appropriate amount so users can e.g. store signatures or attach files to PIM items.
|-
| -u,--username <string>
|Username for the new context admin user
|-
| -d,--displayname <string>
|Displayname for the new context admin user
|-
| -g,--givenname <string>
|Given name for the new context admin user
|-
| -s,--surname <string>
|Surname/last name for the new context Admin user
|-
| -p,--password <string>
|Password for the new context Admin user
|-
| -e,--email <string>
|Primary E-Mail address for the new context Admin user
|-
| -l,--lang <lang>
|Language for the new context Admin user
|-
| -t,--timezone <timezone>
|Timezone for the new context Amin user
|-
| -N,--contextname <string>
|Context name
|-
| -L,--addmapping <string>
|Add login mappings separated by ","
|-
| -F,--destination-store-id <integer>
|Specifies the optional file store identifier to which the context gets assigned; if missing the file store gets auto-detected
|-
| -D,--destination-database-id <integer>
|Specifies the optional database identifier to which the context gets assigned; if missing the database gets auto-detected
|-
| --access-combination-name <access-combination-name>
|Access combination name
|-
| --access-denied-portal <on/off>
|Denies portal access (Default is off)
|-
| --csv-import <CSV file>
| Full path to CSV file with user data to import. This option makes mandatory options obsolete, except credential options (if needed).
|}

==== --csv-import <CSV file> ====

Full path to CSV file with user data to import. This option makes mandatory command line options obsolete, except credential options (if needed). But they
have to be set in the CSV file.

With this option you can specify a csv file (a full pathname must be given) with the data which should be imported. The columnnames in the CSV file must be
the same as the long-options of the command line tools, without the prefix "--".

This option will normally be used to fill new large installations with the new data. So instead of calling
the command line tools in a shell script every time, just a csv file needs to be created, containing the whole data.

Note that the credentials of the masteradmin in the createcontext call
must be given on the command line with the -A and -P options nevertheless - if authentication is enabled. If the createuser command line tool is used, the credentials are part of the csv file, and
cannot be set as options on the command line itself. The reason for this different behavior is that different contexts have different credentials for the admin user, so they must be set in every
line of the csv file. Opposed to this the credentials of the masteradmin are always the same.

==== Extra parameters when authentication is enabled ====

{| border="1"
|-
| -A,--adminuser <string>
|Master Admin user name
|-
| -P,--adminpass <string>
|Master Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on failure

=== Mandatory parameters ===

'''<code>contextid {adminuser adminpass} quota username displayname givenname surname password email</code>'''

=== Command output ===

On success:

<code>context <contextid> created</code>

On
failure:

<code>context <contextid> could not be created: <reason from server></code>

=== Example ===

<code>root@oxhe~# </code>'''<code>/opt/open-xchange/sbin/createcontext
-c 123 -q 1000 -N CompanyA -u "admin" -d "Admin of CompanyA" -g John -s Example -p newpw -e john@example.com</code>'''

<code>context 123
created</code>

== deletecontext ==

'''<code>deletecontext</code>''' is the tool to delete contexts and all data stored that belong to it. This includes all database entries and files in the infostore but no
E-Mail components.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from output
|-
| --responsetimeout <integer>
|response timeout in seconds for reading response from the backend (default 0s; infinite) '''Available with v7.8.0'''
|-
| -c,--contextid <contextid>
|The id of the context
|-
| -N,--contextname <contextname>
|Context name
|}

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
| -A,--adminuser <string>
|Master Admin user name
|-
| -P,--adminpass <string>
|Master Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on failure

=== Mandatory parameters ===

'''<code>(contextid or contexname) {adminuser adminpass}</code>'''

=== Command output ===

On success:

<code>context <contextid> deleted</code>

On failure:

<code>context
<contextid> could not be deleted: <reason from server></code>

=== Example ===

<code>root@oxhe~# </code>'''<code>/opt/open-xchange/sbin/deletecontext -c
123</code>'''

<code>context 123 deleted</code>

== listcontext ==

'''<code>listcontext</code>''' is the tool to list and search for contexts.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from output
|-
| --responsetimeout <integer>
|response timeout in seconds for reading response from the backend (default 0s; infinite) '''Available with v7.8.0'''
|-
| -s,--searchpattern <string>
|Search/List pattern, default “*”
|-
| --csv
|Command output as csv
|}

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
| -A,--adminuser <adminuser>
|Master Admin user name
|-
| -P,--adminpass <string>
|Master Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on failure

=== Mandatory parameters ===

'''<code>{adminuser adminpass}</code>'''

=== Command output ===

Standard output:

<pre>cid fid fname enabled qmax qused name
lmappings . . ... ... ... ... ... ...
</pre>

csv output:

<code>id,filestore_id,filestore_name,enabled,max_quota,used_quota,name,lmappings</code>

=== Example ===

<pre>root@oxhe:/opt/open-xchange/sbin# ./listcontexts cid fid fname
enabled qmax qused name lmappings 6 3 6_ctx_store true 1000 0 customerA 6,customerA,secondlogin
</pre>

== disablecontext ==

'''<code>disablecontext</code>''' is the tool to disable contexts. Whenever a customer tries to log in to a disabled context, the login is denied.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from output
|-
| --responsetimeout <integer>
|response timeout in seconds for reading response from the backend (default 0s; infinite) '''Available with v7.8.0'''
|-
| -c,--contextid <integer>
|The id of the context
|-
| -N,--contextname <string>
|Context name
|}

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
| -A,--adminuser <string>
|Master Admin user name
|-
| -P,--adminpass <string>
|Master Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on
failure

=== Mandatory parameters ===

'''<code>(contextid or
contextname) {adminuser adminpass}</code>'''

=== Command output ===

On
success:

<code>context <contextid> disabled</code>

On failure:

<code>context <contextid> could not be disabled:
<reason from server></code>

=== Example ===

<code>root@oxhe~# </code>'''<code>/opt/open-xchange/sbin/disablecontext -c 123</code>'''

<code>context 123
disabled</code>

== disableallcontexts ==

'''<code>disableallcontexts</code>''' is the tool to disable all contexts. Whenever a customer tries to log in to a disabled context, the login is denied.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from output
|-
| --responsetimeout <integer>
|response timeout in seconds for reading response from the backend (default 0s; infinite) '''Available with v7.8.0'''
|}

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
| -A,--adminuser <string>
|Master Admin user
name
|-
| -P,--adminpass <string>
|Master Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on
failure

=== Mandatory parameters ===

'''<code>{adminuser
adminpass}</code>'''

=== Command output ===

On success:

<code>all contexts disabled</code>

On failure:

<code>all contexts could not be disabled: <reason from server></code>

=== Example ===

<code>root@oxhe~# </code>'''<code>/opt/open-xchange/sbin/disableallcontexts</code>'''

<code>all contexts disabled</code>

== enablecontext ==

'''<code>enablecontext</code>''' is the tool to enable a disabled context.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from
output
|-
| -c,--contextid <integer>
|The id of the context
|-
| -N,--contextname <string>
|Context name
|}

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
| -A,--adminuser <adminuser>
|Master Admin user name
|-
| -P,--adminpass <string>
|Master Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on failure

=== Mandatory parameters ===

'''<code>(contextid or contextname) {adminuser adminpass}</code>'''

=== Command output ===

On success:

<code>context <contextid> enabled</code>

On failure:

<code>context <contextid> could not be enabled: <reason from server></code>

=== Example ===

<code>root@oxhe~#
</code>'''<code>/opt/open-xchange/sbin/enablecontext -c 123</code>'''

<code>context <contextid> enabled</code>

== enableallcontexts ==

'''<code>enableallcontexts</code>''' is the tool to enable all disabled contexts.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from
output
|}

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
| -A,--adminuser <string>
|Master Admin user name
|-
| -P,--adminpass
<string>
|Master Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on failure

=== Mandatory parameters ===

'''<code>{adminuser adminpass}</code>'''

=== Command output ===

On success:

<code>all contexts enabled</code>

On
failure:

<code>all contexts could not be enabled: <reason from server></code>

=== Example ===

<code>root@oxhe~# </code>'''<code>/opt/open-xchange/sbin/enableallcontexts</code>'''

<code>all contexts enabled</code>

== getcontextcapabilities ==

'''<code>getcontextcapabilities</code>''' is the tool to list available capabilities for a certain context.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from output
|-
| --responsetimeout <integer>
|response timeout in seconds for reading response from the backend (default 0s; infinite) '''Available with v7.8.0'''
|-
| -c,--contextid <integer>
|The id of the context
|-
| -N,--contextname <contextname>
|context name
|}

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
| -A,--adminuser <string>
|Context Admin user name
|-
| -P,--adminpass <string>
|Context Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on failure

=== Mandatory parameters ===
<code>contextid adminuser adminpass</code>

=== Command output ===

Either "There are no capabilities set for context <context-id>"
or a line-wise listing of identifiers for available capabilities

=== Example ===

<pre> root@oxhe:~# /opt/open-xchange/sbin/getcontextcapabilities -c 6
</pre>

== changecontext ==

'''<code>changecontext</code>''' makes context-wide changes.<br>

If you specify module access options; e.g. "--access-edit-password on"; then please be aware that basic module access set is the one from context's administrator. Meaning any option not explicitly specified as CLI argument will fall-back to context administrator setting for _every_ user in associated context.<br>

You can use changecontext to change the current quota for a given context. When the context has more changecontext space in use than the new quota allows,
the customer is only able to delete files until the usage is below quota. Module access (calendar,tasks,email) can be set via predefined "access combination names". These names can be configured on
the server side. All users which are created during later use of the "createuser" tool will inherit the module access rights from the context. If you do not specify any access rights on
createcontext minimal access rights will be granted. Currently, these are Webmail and Contacts access rights.

There are some default combinations in the ModuleAccessDefinitions.properties
file on the admin server, like:

{| border="1"
|-
|webmail=webmail, contacts, globaladdressbookdisabled, collectemailaddresses, editpassword
|-
|pim=webmail, ''calendar'', contacts, ''tasks'', globaladdressbookdisabled, collectemailaddresses, ''multiplemailaccounts'', ''subscription'', ''publication'', editpassword
|-
|pim_infostore=webmail, calendar, contacts, tasks, ''infostore'', ''webdav'', globaladdressbookdisabled, collectemailaddresses, multiplemailaccounts, subscription, publication
|-
|pim_mobility=webmail, calendar, contacts, tasks, syncml, ''usm'', activesync, globaladdressbookdisabled, collectemailaddresses, multiplemailaccounts, subscription, publication, ''editpassword''
|-
|groupware_standard=webmail, calendar, contacts, infostore, tasks, webdav, ical, vcard, readcreatesharedfolders, delegatetask, editpublicfolders, editgroup, editresource, editpassword, collectemailaddresses, multiplemailaccounts, subscription, publication (Groupware Standard always gets new features except mobility and OXtender. )
|-
|groupware_premium=webmail, calendar, contacts, infostore, tasks, webdav, ical, vcard, ''syncml, ''usm'', ''olox20'', ''activesync'', readcreatesharedfolders, delegatetask, editpublicfolders, editgroup, editresource, editpassword, collectemailaddresses, multiplemailaccounts, subscription, publication
|-
|all=webmail, calendar, contacts, infostore, tasks, webdav, ical, vcard, syncml, usm, olox20, activesync, readcreatesharedfolders, delegatetask, editpublicfolders, editgroup, editresource, editpassword, ''publicfoldereditable'', collectemailaddresses, multiplemailaccounts, subscription, publication (This is a right tailored to a context administrator)
|}

'''Note:''' Italics denote additional rights in comparison to the previous set where applicable.

When having changed the access rights of the context and its users with "changecontext" the "downgrade" command should be called on the admin server. All unnecessary data are removed from
the data base via "groupware api". If e. g. the context 1 is changed from "pim_infostore" to "webmail", the "downgrade" command has to be called for this context then. Then, all unnecessary
folders for this context are removed from the data base.

=== Parameters ===

{| border="1"
|-
| -h,- -help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from output
|-
| --responsetimeout <integer>
|response timeout in seconds for reading response from the backend (default 0s; infinite) '''Available with v7.8.0'''
|-
| -c,- -contextid <integer>
|The id of the context
|-
| -N,- -contextname <string>
|The name of the context
|-
| -L,- -addmapping <string(s)>
|Add login mappings. Separated by ","
|-
| -R,- -removemapping <stirng(s)>
|Remove login mappings. Separated by ","
|-
| -q,- -quota <integer>
|Quota for the context filestore in MB
|-
| --access-combination-name <access-combination-name>
|Access combination name
|-
| --capabilities-to-add <capabilities-to-add>
| The capabilities to add as a comma-separated string (from 7.2.0 on)
|-
| --capabilities-to-remove <capabilities-to-remove>
| The capabilities to remove as a comma-separated string (from 7.2.0 on)
|-
| --capabilities-to-drop <capabilities-to-drop>
|The capabilities to drop; e.g. cleanse from storage; as a comma-separated string (from 7.6.0 on)
|-
| --quota-module <quota-module>
|The identifier of the module to which to apply the quota value (from 7.2.0 on)
|-
| --quota-value <quota-value>
| from v7.2.0 on: The quota value; zero is unlimited<br>from v7.6.0 on: The numeric quota value specifying the max. number of items allowed for context. Zero is unlimited. A value less than zero deletes the quota entry (and falls back to configured behavior)
|}

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
| -A,- -adminuser <string>
|Master Admin user name
|-
| -P,- -adminpass <string>
|Master Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on
failure

=== Mandatory parameters ===

'''<code>(contextid or
contextname) {adminuser adminpass} and at minimum one attribute to change</code>'''

=== Command output ===

On success:

<code>context <contextid> changed</code>

On failure:

<code>context
<contextid> could not be changed: <reason from server></code>

=== Example ===

<code>root@oxhe~# </code>'''<code>/opt/open-xchange/sbin/changecontext -c 123 -q
500</code>'''

<code>context 123 changed</code>

== getAdminId ==

Returns the ID of the context administrator.

[[Category: Administrator]]

[[Category: AppSuite]]
[[Category: AdminGuide]]
[[Category: CommandLineTools]]

AppSuite:User management

2017-06-20T07:39:55Z

Ioannis.chouklis: Removed the WebDAV XML remnants

== createuser ==

'''<code>createuser</code>''' is the tool to create new users in a given context. The displayname must be unique in one context.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show infoabout commandline environment
|-
| --nonl
|Remove all newlines (\n) from output
|-
| --responsetimeout <integer>
|response timeout in seconds for reading response from the backend (default 0s; infinite) '''Available with v7.8.0'''
|-
| --extendedoptions
|Set this if you want to see all options, use this instead of help option
|-
|csv-import <CSV file>
| Full path to CSV file with user data to import. This option makes mandatory options obsolete, except credential options (if needed).
|-
| -c,--contextid <integer>
|The id of the context
|-
| -u,--username <string>
|Username of the user
|-
| -d,--displayname <string>
|Display name of the user
|-
| -g,--givenname <string>
|Given name for the user
|-
| -s,--surname <string>
|Surname of the user
|-
| -p,--password <string>
|Password for the user
|-
| -e,--email <string>
|Primary mail address
|-
| -l,--language <lang>
|Language for the user (de_DE,en_US,fr_FR)
|-
| -t,--timezone <timezone>
|Timezone of the user (Europe/Berlin)
|-
| -x,--department <string>
|Department of the user
|-
| -z,--company <string>
|Company of the user
|-
| -a,--aliases <string>
|E-Mail aliases of the user, separated by ","
|-
| --access-combination-name <access-combination-name>
|Access combination name
|-
| --addguipreferences <addguipreferences>
|Add a GUI setting (key=value)
|}
For the GUI preferences please also see [http://oxpedia.org/wiki/index.php?title=Gui_path]

==== --csv-import <CSV file> ====

Full path to CSV file with user data to
import. This option makes mandatory command line options obsolete, except credential options (if needed). But they have to be set in the CSV file.

With this option you can specify a csv file
(a full pathname must be given) with the data which should be imported. The columnnames in the CSV file must be the same as the long-options of the command line tools, without the prefix
"--".

This option will normally be used to fill new large installations with the new data. So instead of calling the command line tools in a shell script every time, just a csv file needs to
be created, containing the whole data.

Note that the credentials of the masteradmin in the createcontext call must be given on the command line with the -A and -P options nevertheless - if
authentication is enabled. If the createuser command line tool is used, the credentials are part of the csv file, and cannot be set as options on the command line itself. The reason for this
different behavior is that different contexts have different credentials for the admin user, so they must be set in every line of the csv file. Opposed to this the credentials of the masteradmin
are always the same.

=== Extended options ===

{| border="1"
|-
| --email1 <string>
|Email1
|-
| --birthday <datevalue>
|Birthday
|-
| --anniversary <datevalue>
|Anniversary
|-
| --branches <string>
|Branches
|-
| --business_category <string>
|Business_category
|-
| --postal_code_business <string>
|Postal_code_business
|-
| --state_business <string>
|State_business
|-
| --street_business <string>
|Street_business
|-
| --telephone_callback <string>
|Telephone_callback
|-
| --city_home <string>
|City_home
|-
| --commercial_register <string>
|Commercial_register
|-
| --country_home <string>
|Country_home
|-
| --email2 <string>
|Email2
|-
| --email3 <string>
|Email3
|-
| --employeetype <string>
|EmployeeType
|-
| --fax_business <string>
|Fax_business
|-
| --fax_home <string>
|Fax_home
|-
| --fax_other <string>
|Fax_other
|-
| --imapserver <string>
|ImapServer
|-
| --imaplogin <string>
|ImapLogin
|-
| --smtpserver <string>
|SmtpServer
|-
| --instant_messenger1 <string>
|Instant_messenger1
|-
| --instant_messenger2 <string>
|Instant_messenger2
|-
| --telephone_ip <string>
|Telephone_ip
|-
| --telephone_isdn <string>
|Telephone_isdn
|-
| --mail_folder_drafts_name <string>
|Mail_folder_drafts_name
|-
| --mail_folder_sent_name <string>
|Mail_folder_sent_name
|-
| --mail_folder_spam_name <string>
|Mail_folder_spam_name
|-
| --mail_folder_trash_name <string>
|Mail_folder_trash_name
|-
| --mail_folder_archive_full_name <string>
|Mail_folder_archive_full_name
|-
| --manager_name <string>
|Manager_name
|-
| --marital_status <string>
|Marital_status
|-
| --cellular_telephone1 <string>
|Cellular_telephone1
|-
| --cellular_telephone2 <string>
|Cellular_telephone2
|-
| --info <string>
|Info
|-
| --nickname <string>
|Nickname
|-
| --number_of_children <string>
|Number_of_children
|-
| --note <string>
|Note
|-
| --number_of_employee <string>
|Number_of_employee
|-
| --telephone_pager <string>
|Telephone_pager
|-
| --password_expired <booleanvalue>
|Password_expired
|-
| --telephone_assistant <string>
|Telephone_assistant
|-
| --telephone_business1 <string>
|Telephone_business1
|-
| --telephone_business2 <string>
|Telephone_business2
|-
| --telephone_car <string>
|Telephone_car
|-
| --telephone_company <string>
|Telephone_company
|-
| --telephone_home1 <string>
|Telephone_home1
|-
| --telephone_home2 <string>
|Telephone_home2
|-
| --telephone_other <string>
|Telephone_other
|-
| --postal_code_home <string>
|Postal_code_home
|-
| --profession <string>
|Profession
|-
| --telephone_radio <string>
|Telephone_radio
|-
| --room_number <string>
|Room_number
|-
| --sales_volume <string>
|Sales_volume
|-
| --city_other <string>
|City_other
|-
| --country_other <string>
|Country_other
|-
| --middle_name <string>
|Middle_name
|-
| --postal_code_other <string>
|Postal_code_other
|-
| --state_other <string>
|State_other
|-
| --street_other <string>
|Street_other
|-
| --spouse_name <string>
|Spouse_name
|-
| --state_home <string>
|State_home
|-
| --street_home <string>
|Street_home
|-
| --suffix <string>
|Suffix
|-
| --tax_id <string>
|Tax_id
|-
| --telephone_telex <string>
|Telephone_telex
|-
| --telephone_ttytdd <string>
|Telephone_ttytdd
|-
| --uploadFileSizeLimitPerFile <string>
|uploadFileSizeLimitPerFile
|-
| --uploadFileSizeLimit <string>
|uploadFileSizeLimit
|-
| --url <string>
|Url
|-
| --userfield01 <string>
|Userfield01
|-
| --userfield02 <string>
|Userfield02
|-
| --userfield03 <string>
|Userfield03
|-
| --userfield04 <string>
|Userfield04
|-
| --userfield05 <string>
|Userfield05
|-
| --userfield06 <string>
|Userfield06
|-
| --userfield07 <string>
|Userfield07
|-
| --userfield08 <string>
|Userfield08
|-
| --userfield09 <string>
|Userfield09
|-
| --userfield10 <string>
|Userfield10
|-
| --userfield11 <string>
|Userfield11
|-
| --userfield12 <string>
|Userfield12
|-
| --userfield13 <string>
|Userfield13
|-
| --userfield14 <string>
|Userfield14
|-
| --userfield15 <string>
|Userfield15
|-
| --userfield16 <string>
|Userfield16
|-
| --userfield17 <string>
|Userfield17
|-
| --userfield18 <string>
|Userfield18
|-
| --userfield19 <string>
|Userfield19
|-
| --userfield20 <string>
|Userfield20
|-
| --city_business <string>
|City_business
|-
| --country_business <string>
|Country_business
|-
| --assistant_name <string>
|Assistant_name
|-
| --telephone_primary <string>
|Telephone_primary
|-
| --categories <string>
|Categories
|-
| --mail_folder_confirmed_ham_name <string>
|Mail_folder_confirmed_ham_name
|-
| --mail_folder_confirmed_spam_name <string>
|Mail_folder_confirmed_spam_name
|-
| --gui_spam_filter_capabilities_enabled <booleanvalue>
|GUI_spam_filter_capabilities_enabled
|-
| --mailenabled <true/false>
|Mailenabled
|-
| --defaultsenderaddress <stringvalue>
|DefaultSenderAddress
|-
| --title <string>
|Title
|-
| --position <string>
|Position
|-
| --access-calendar <on/off>
|Calendar module (Default is off)
|-
| --access-contacts <on/off>
|Contact module access (Default is on)
|-
| --access-delegate-tasks <on/off>
|Delegate tasks access (Default is off)
|-
| --access-edit-public-folder <on/off>
|Edit public folder access (Default is off)
|-
| --access-ical <on/off>
|Ical module access (Default is off)
|-
| --access-infostore <on/off>
|Infostore module access (Default is off)
|-
| --access-read-create-shared-Folders <on/off>
|Read create shared folder access (Default is off)
|-
| --access-syncml <on/off>
|Syncml access (Default is off)
|-
| --access-active-sync <on/off>
|Exchange Active Sync access (Default is off)
|-
| --access-usm <on/off>
|Universal Sync Module access (Default is off)
|-
| --access-tasks <on/off>
|Tasks access (Default is off)
|-
| --access-vcard <on/off>
|Vcard access (Default is off)
|-
|
--access-webmail <on/off>
|Webmail access (Default is on)
|-
| --access-publication <on/off>
|Publication permission (Default is on). Note: access-publication needs access-infostore and is optional for Groupware+ and premium
|-
| --access-subscription <on/off>
|Subscription permission (Default is on)
|-
| --access-edit-group <on/off>
|Edit group access (Default is off)
|-
| --access-edit-resource <on/off>
|Edit resource access (Default is off)
|-
| --access-edit-password <on/off>
|Edit password access (Default is off)
|-
| --access-collect-email-addresses <on/off>
|Edit collect email addresses (Default is off)
|-
| --access-multiple-mail-accounts <on/off>
|Use multiple mail account feature (Default is off)
|-
| --access-global-address-book-disabled <on/off>
|Access to global address book (Default is off). Note: Setting this option to true is only allowed in combination with PIM and Webmail rights. Note: There is a 'restoregaddefaults' script to restore the default permissions of the global address book folder.
|-
| --access--voipnow <on/off>
|Access to VoiceOverIP feature.
|-
| --access-public-folder-editable <on/off>
|Access to public folders. Allows or denies to see public folders.
|-
| --foldertree <0/1>
|0 sets the OX standard folder tree and 1 sets the Outlook-like folder tree.
|-
| --access-olox20 <on/off>
| Access to Olox2.0
|-
| --default-folder-mode
| The mode how the default folders should be created. 'default', 'default-deletable', 'no-default-folders'. If not selected, 'default' is applied.
|}

=== Open-Xchange module access ===

With Open-Xchange it is
possible to limit the access to the available modules per context i. e., all users in one context per default get the same access rights. The rights though can be changed per user. Currently,
following modules are implemented: access-calendar, access-contacts, access-delegate-tasks, access-edit-public-folder, access-ical, access-infostore, access-read-create-shared-Folders,
access-tasks, access-vcard, access-webdav, access-syncml and access-webmail. There are several combinations possible and four are supported (not mentioned modules need to be
disabled). This limitation is needed because some modules depend on access to others. There are different Open-Xchange packages available for the customer: Webmail+, PIM+, Groupware+, Premium.
These packages have to be configured per context i. e., all users in a context need to use the same package. Each package consists of a combination of modules that has to be set up appropriately.
The following sections quickly introduce the packages and their module configuration. Open-Xchange also provides the possibility to use "access combination names" when creating and changing
contexts/users. If you want to change the package acess rights for a context, you can simply add the "access-combination-name" switch to the appropriate tool
(createcontext,createuser,changecontext etc.).

==== Webmail+ ====

If there are no access rights specified when creating a new user Webmail+ is used as default. Webmail+ is a base package that allows access to the
webmail interface and a personal address book. To grant access to this package, the following modules have to be set to "on" for all users in a context:

{| border="1"
|-
|access-contacts
|Access combination name: webmail_plus
|-
|access-webmail
|Access combinationname: webmail_plus
|}

==== PIM+ ====

PIM+
is another base package that gives access to the webmailer, personal address book, calendar and tasks. Group appointments and delegating tasks are not supported. To grant access to this package,
the following modules have to be set to "on" for all users in a context:

{| border="1"
|-
|access-contacts
|Access combination name: pim_plus
|-
|access-webmail
|Access combination name: pim_plus
|-
|access-calendar
|Access combination name: pim_plus
|-
|access-delegate-tasks
|Access combination name: pim_plus
|-
|access-tasks
|Access combination name: pim_plus
|}

==== Groupware+ ====

Groupware+ is an upsell package that provides full groupware functionality: private, shared and public folders, conflict handling for appointments, team view. Furthermore, the InfoStore is
available. To grant access to this package, the following modules have to be set to "on" for all users in a context:

{| border="1"
|-
|access-contacts
|Access combination name: groupware_plus
|-
|access-webmail
|Access combination name: groupware_plus
|-
|access-calendar
|Access combination name: groupware_plus
|-
|access-delegate-tasks
|Access combination name: groupware_plus
|-
|access-tasks
|Access combination name: groupware_plus
|-
|access-edit-public-folder
|Access combination name: groupware_plus
|-
|access-infostore
|Access combination name: groupware_plus
|-
|access-read-create-shared-Folders
|Access combination name: groupware_plus
|}

==== Premium ====

Premium is a desktop integration package. It provides the functionality of the "Groupware+" package and comes with interfaces to integrate with other software: The OXtender for MS Outlook and the
WebDAV interface to integrate the InfoStore with desktops. To grant access to this package, the following modules have to be set to "on" for all users in a context:

{| border="1"
|-
|access-contacts
|Access combination name: premium
|-
|access-webmail
|Access combination name: premium
|-
|access-calendar
|Access combination name: premium
|-
|access-delegate-tasks
|Access combination name: premium
|-
|access-tasks
|Access combination name: premium
|-
|access-edit-public-folder
|Access combination name: premium
|-
|access-infostore
|Access combination name: premium
|-
|access-read-create-shared-Folders
|Access combination name: premium
|-
|access-ical
|Access combination name: premium
|-
|access-vcard
|Access combination name: premium
|-
|access-webdav
|Access combination name: premium
|}

==== All ====
The setting <code>all</code> is equivalent to <code>premium</code> for ordinary users. For context administrators, it adds the right <code>publicfoldereditable</code>, which allows the admin to change the access rights to public folders for groups.

==== Package access configuration ====

This section provides a quick overview about the different packages that can be configured per context and the
required access configuration:

{| border="1"
|-
|Module
|Webmail+
|PIM+
|Groupware+
|Premium
|-
| -access-calendar
|off
|on
|on
|on
|-
| -access-contacts
|on
|on
|on
|on
|-
| -access-delegate-tasks
|off
|on
|on
|on
|-
| -access-edit-public-folder
|off
|off
|on
|on
|-
| -access-ical
|off
|off
|off
|on
|-
| -access-infostore
|off
|off
|on
|on
|-
| -access-read-create-shared-Folders
|off
|off
|on
|on
|-
| -access-syncml
|off
|off
|off
|off
|-
|–access-tasks
|off
|on
|on
|on
|-
| -access-vcard
|off
|off
|off
|on
|-
| -access-webdav
|off
|off
|off
|on
|-
| -access-webmail
|on
|on
|on
|on
|}

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
| -A,--adminuser <string>
|Context admin user name
|-
| -P,--adminpass <string>
|Context admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on failure

=== Mandatory parameters ===

<code>contextid {adminuser adminpass} username displayname givenname surname password email</code>

=== Command output ===

On success:

<code>user <userid> in context <contextid> created</code>

On failure:

<code>user in context <contextid> could not be created: <reason from server></code>

=== Example ===

<code>root@oxhe~# </code>'''<code>/opt/open-xchange/sbin/createuser -c 123 -u jd -d "john doe"
-g John -s Doe -p userpw -e jd@example.com</code>'''

<code>user 3 in context 123 created</code>

== deleteuser ==

'''<code>deleteuser</code>''' is the tool to delete a user in a given context. If you delete a user the public folder entries of this user are
transferred to the admin user. All other data are deleted.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from output
|-
| --responsetimeout <integer>
|response timeout in seconds for reading response from the backend (default 0s; infinite) '''Available with v7.8.0'''
|-
| -c,--contextid <integer>
|The id of them context
|-
| -i,--userid <integer>
|Id of the user
|-
| -u,--username <string>
|Username ofthe user
|}

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
| -A,--adminuser <string>
|Context Admin user name
|-
| -P,--adminpass <string>
|Context Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on failure

=== Mandatory parameters ===
<code>contextid {adminuser adminpass} (userid or username)</code>

=== Command output ===

On success:

<code>user <userid> in context <contextid> deleted</code>

On failure:

<code>user <userid> in context <contextid> could not be deleted: <reason from
server></code>

=== Example ===

<code>root@oxhe~# </code>'''<code> /opt/open-xchange/deleteuser -c 123 -i 3</code>'''

<code>user 3 in context 123 deleted</code>

== listuser ==

'''<code>listuser</code>''' is the tool to list and search for users.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from output
|-
| --responsetimeout <integer>
|response timeout in seconds for reading response from the backend (default 0s; infinite) '''Available with v7.8.0'''
|-
| -c,--contextid <integer>
|The id of the context
|-
| -s,--searchpattern <string>
|Search/List pattern, default “*”
|-
| --csv
|Command output as csv
|-
| -i,--ignorecase
|Do a case-insensitive search with the given search pattern
|-
| --includeguests
|Add guest users to listing '''Available with v7.8.0'''
|-
| --excludeusers
|Exclude usual users from listing '''Available with v7.8.0'''
|}

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
| -A,--adminuser <string>
|Context Admin user name
|-
| -P,--adminpass <string>
|Context Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on failure

=== Mandatory parameters ===
<code>contextid adminuser adminpass</code>

=== Command output ===

Standard output (only a subset of available attributes are printed also only disabled
modules):

{| border="1"
|-
|id
|enabled
|imapServer
|smtpserver
|language
|Webdav
|-
|3
|true
|localhost
|localhost
|en_US
|false
|false
|}

csv output:
Name,Language,Id,Display_name,PrimaryEmail,MaxQuota,UsedQuota,Email1,Mailenabled,Password,Sur_name,Given_name,
FilestoreId,FilestoreOwner,Filestore_name,Birthday,Anniversary,Branches,Business_category,Postal_code_business,
State_business,Street_business,Telephone_callback,City_home,Commercial_register,Country_home,Company,Department,
Email2,Email3,EmployeeType,Fax_business,Fax_home,Fax_other,ImapServer,ImapLogin,SmtpServer,Instant_messenger1,
Instant_messenger2,Telephone_ip,Telephone_isdn,Mail_folder_drafts_name,Mail_folder_sent_name,
Mail_folder_spam_name,Mail_folder_trash_name,Mail_folder_archive_full_name,Manager_name,Marital_status,Cellular_telephone1,Cellular_telephone2,
Info,Nickname,Number_of_children,Note,Number_of_employee,Telephone_pager,Password_expired,Telephone_assistant,
Telephone_business1,Telephone_business2,Telephone_car,Telephone_company,Telephone_home1,Telephone_home2,
Telephone_other,Position,Postal_code_home,Profession,Telephone_radio,Room_number,Sales_volume,City_other,
Country_other,Middle_name,Postal_code_other,State_other,Street_other,Spouse_name,State_home,Street_home,Suffix,
Tax_id,Telephone_telex,Timezone,Title,Telephone_ttytdd,UploadFileSizeLimit,UploadFileSizeLimitPerFile,Url,
Userfield01,Userfield02,Userfield03,Userfield04,Userfield05,Userfield06,Userfield07,Userfield08,Userfield09,
Userfield10,Userfield11,Userfield12,Userfield13,Userfield14,Userfield15,Userfield16,Userfield17,Userfield18,
Userfield19,Userfield20,Aliases,City_business,Country_business,Assistant_name,Telephone_primary,Categories,
PasswordMech,Mail_folder_confirmed_ham_name,Mail_folder_confirmed_spam_name,GUI_Spam_filter_capabilities_enabled,
DefaultSenderAddress,FolderTree,UserAttributes,GuiPreferences,access-calendar,access-contacts,
access-delegate-tasks,access-edit-public-folder,access-ical,access-infostore,
access-read-create-shared-Folders,access-syncml,access-tasks,access-vcard,access-webdav,
access-webmail,access-edit-group,access-edit-resource,access-edit-password,access-collect-email-addresses,
access-multiple-mail-accounts,access-subscription,access-publication,access-active-sync,access-usm,
access-olox20,access-denied-portal,access-global-address-book-disabled,access-public-folder-editable

=== Example ===

<pre> root@oxhe:~# /opt/open-xchange/sbin/listuser -c 6 Id Name Displayname Email 2 admin admin admin@example.com 3 holger Holger
holger@example.com
</pre>

== getusercapabilities ==

'''<code>getusercapabilities</code>''' is the tool to list available capabilities for a certain user.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from output
|-
| --responsetimeout <integer>
|response timeout in seconds for reading response from the backend (default 0s; infinite) '''Available with v7.8.0'''
|-
| -c,--contextid <integer>
|The id of the context
|-
| -i,--userid <userid>
|Id of the user
|-
| -u,--username <username>
|Username of the user
|}

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
| -A,--adminuser <string>
|Context Admin user name
|-
| -P,--adminpass <string>
|Context Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on failure

=== Mandatory parameters ===
<code>contextid userid adminuser adminpass</code>

=== Command output ===

Either "There are no capabilities set for user <user-id> in context <context-id>"
or a line-wise listing of identifiers for available capabilities

=== Example ===

<pre> root@oxhe:~# /opt/open-xchange/sbin/getusercapabilities -c 6 -i 345
</pre>

== changeuser ==

The '''<code>changeuser</code>''' tool allows to modify attributes of an existing user in a given context. The displayname must be unique in
one context.

=== Parameters ===

{| border="1"
|-
| -h,--help
|Prints a help text
|-
| --environment
|Show info about commandline environment
|-
| --nonl
|Remove all newlines (\n) from output
|-
| --responsetimeout <integer>
|response timeout in seconds for reading response from the backend (default 0s; infinite) '''Available with v7.8.0'''
|-
| --extendedoptions
|Set this if you want to see all options, use this instead of help option
|-
| -c,--contextid <integer>
|The id of the context
|-
| -i,--userid <integer>
|Id of the user
|-
| -u,--username <string>
|Username of the user
|-
| -d,--displayname <string>
|Display name of the user
|-
| -g,--givenname <string>
|Given name for the user
|-
| -s,--surname <string>
|Surname of the user
|-
| -p,--password <string>
|Password for the user
|-
| -e,--email <string>
|Primary mail address
|-
| -l,--language <lang>
|Language for the user (de_DE,en_US, fr_FR)
|-
| -t,--timezone <timezone>
|Timezone of the user (Europe/Berlin)
|-
| -x,--department <string>
|Department of the user
|-
| -z,--company <string>
|Company of the user
|-
| -a,--aliases <string>
|E-Mail aliases of the user, separated by ","
|-
| --access-combination-name <access-combination-name>
|Access combination name
|-
| --addguipreferences <addguipreferences>
|Add a GUI setting (key=value)
|-
| --removeguipreferences <removeguipreferences>
|Remove a GUI setting
|-
| --access-denied-portal <on/off>
|Denies portal access (Default is off)
|-
| --capabilities-to-add <capabilities-to-add>
| The capabilities to add as a comma-separated string (from 7.2.0 on)
|-
| --capabilities-to-remove <capabilities-to-remove>
|The capabilities to remove as a comma-separated string (from 7.2.0 on)
|-
| --capabilities-to-drop <capabilities-to-drop>
|The capabilities to drop; e.g. cleanse from storage; as a comma-separated string (from 7.6.0 on)
|}
For the GUI preferences please also see http://www.open-xchange.com/wiki/index.php?title=Gui_path

=== Extended options ===

{| border="1"
|-
| --email1 <string>
|Email1
|-
| --mailenabled <booleanvalue >
|Mailenabled
|-
| --birthday <datevalue>
|Birthday
|-
| --anniversary <datevalue>
|Anniversary
|-
| --branches <string>
|Branches
|-
| --business_category <string>
|Business_category
|-
| --postal_code_business <string>
|Postal_code_business
|-
| --state_business <string>
|State_business
|-
| --street_business <string>
|Street_business
|-
| --telephone_callback <string>
|Telephone_callback
|-
| --city_home <string>
|City_home
|-
| --commercial_register <string>
|Commercial_register
|-
| --country_home <string>
|Country_home
|-
| --email2 <string>
|Email2
|-
| --email3 <string>
|Email3
|-
| --employeetype <string>
|EmployeeType
|-
| --fax_business <string>
|Fax_business
|-
| --fax_home <string>
|Fax_home
|-
| --fax_other <string>
|Fax_other
|-
| --imapserver <string>
|ImapServer
|-
| --imaplogin <string>
|ImapLogin
|-
| --smtpserver <string>
|SmtpServer
|-
| --instant_messenger1 <string>
|Instant_messenger1
|-
| --instant_messenger2 <string>
|Instant_messenger2
|-
| --telephone_ip <string>
|Telephone_ip
|-
| --telephone_isdn <string>
|Telephone_isdn
|-
| --mail_folder_drafts_name <string>
|Mail_folder_drafts_name
|-
| --mail_folder_sent_name <string>
|Mail_folder_sent_name
|-
| --mail_folder_spam_name <string>
|Mail_folder_spam_name
|-
| --mail_folder_trash_name <string>
|Mail_folder_trash_name
|-
| --mail_folder_archive_full_name <string>
|Mail_folder_archive_full_name
|-
| --manager_name <string>
|Manager_name
|-
| --marital_status <string>
|Marital_status
|-
| --cellular_telephone1 <string>
|Cellular_telephone1
|-
| --cellular_telephone2 <string>
|Cellular_telephone2
|-
| --info <string>
|Info
|-
| --nickname <string>
|Nickname
|-
| --number_of_children <string>
|Number_of_children
|-
| --note <string>
|Note
|-
| --number_of_employee <string>
|Number_of_employee
|-
| --telephone_pager <string>
|Telephone_pager
|-
| --password_expired <booleanvalue>
|Password_expired
|-
| --telephone_assistant <string>
|Telephone_assistant
|-
| --telephone_business1 <string>
|Telephone_business1
|-
| --telephone_business2 <string>
|Telephone_business2
|-
| --telephone_car <string>
|Telephone_car
|-
| --telephone_company <string>
|Telephone_company
|-
| --telephone_home1 <string>
|Telephone_home1
|-
| --telephone_home2 <string>
|Telephone_home2
|-
| --telephone_other <string>
|Telephone_other
|-
| --postal_code_home <string>
|Postal_code_home
|-
| --profession <string>
|Profession
|-
| --telephone_radio <string>
|Telephone_radio
|-
| --room_number <string>
|Room_number
|-
| --sales_volume <string>
|Sales_volume
|-
| --city_other <string>
|City_other
|-
| --country_other <string>
|Country_other
|-
| --middle_name <string>
|Middle_name
|-
| --postal_code_other <string>
|Postal_code_other
|-
| --state_other <string>
|State_other
|-
| --street_other <string>
|Street_other
|-
| --spouse_name <string>
|Spouse_name
|-
| --state_home <string>
|State_home
|-
| --street_home <string>
|Street_home
|-
| --suffix <string>
|Suffix
|-
| --tax_id <string>
|Tax_id
|-
| --telephone_telex <string>
|Telephone_telex
|-
| --telephone_ttytdd <string>
|Telephone_ttytdd
|-
| --url <string>
|Url
|-
| --userfield01 <string>
|Userfield01
|-
| --userfield02 <string>
|Userfield02
|-
| --userfield03 <string>
|Userfield03
|-
| --userfield04 <string>
|Userfield04
|-
| --userfield05 <string>
|Userfield05
|-
| --userfield06 <string>
|Userfield06
|-
| --userfield07 <string>
|Userfield07
|-
| --userfield08 <string>
|Userfield08
|-
| --userfield09 <string>
|Userfield09
|-
| --userfield10 <string>
|Userfield10
|-
| --userfield11 <string>
|Userfield11
|-
| --userfield12 <string>
|Userfield12
|-
| --userfield13 <string>
|Userfield13
|-
| --userfield14 <string>
|Userfield14
|-
| --userfield15 <string>
|Userfield15
|-
| --userfield16 <string>
|Userfield16
|-
| --userfield17 <string>
|Userfield17
|-
| --userfield18 <string>
|Userfield18
|-
| --userfield19 <string>
|Userfield19
|-
| --userfield20 <string>
|Userfield20
|-
| --city_business <string>
|City_business
|-
| --country_business <string>
|Country_business
|-
| --assistant_name <string>
|Assistant_name
|-
| --telephone_primary <string>
|Telephone_primary
|-
| --categories <string>
|Categories
|-
| --mail_folder_confirmed_ham_name <string>
|Mail_folder_confirmed_ham_name
|-
| --mail_folder_confirmed_spam_name <string>
|Mail_folder_confirmed_spam_name
|-
| --gui_spam_filter_capabilities_enabled <booleanvalue>
|GUI_Spam_filter_capabilities_enabled
|-
| --defaultsenderaddress<string>
|DefaultSenderAddress
|-
| --title <string>
|Title
|-
| --position <string>
|Position
|-
| --access-calendar
<on/off>
|Calendar module (Default is off)
|-
| --access-contacts <on/off>
|Contact module access (Default is on)
|-
| --access-delegate-tasks <on/off>
|Delegate tasks access (Default is off)
|-
| --access-edit-public-folder <on/off>
|Edit public folder access (Default is off)
|-
| --access-ical <on/off>
|Ical module access (Default is off)
|-
| --access-infostore <on/off>
|Infostore module access (Default is off)
|-
| --access-read-create-shared-Folders <on/off>
|Read create shared folder access (Default is off)
|-
| --access-syncml <on/off>
|Syncml access (Default is off)
|-
| --access-active-sync <on/off>
|Exchange Active Sync access (Default is off)
|-
| --access-usm <on/off>
|Universal Sync Module access (Default is off)
|-
| --access-tasks <on/off>
|Tasks access (Default is off)
|-
| --access-vcard <on/off>
|Vcard access (Default is off)
|-
| --access-webdav <on/off>
|Webdav access (Default is off)
|-
| --access-webmail <on/off>
|Webmail access (Default is on)
|-
| --access-publication <on/off>
|Publication permission (Default is on). Note: access-publication needs access-infostore and is optional for Groupware+ and premium
|-
| --access-subscription <on/off>
|Subscription permission (Default is on)
|-
| --access-edit-group <on/off>
|Edit group access (Default is off)
|-
| --access-edit-resource <on/off>
|Edit resource access (Default is off)
|-
| --access-edit-password <on/off>
|Edit password access (Default is off)
|-
| --access-collect-email-addresses <on/off>
|Edit collect email addresses (Default is off)
|-
| --access-multiple-mail-accounts <on/off>
|Use multiple mail account feature (Default is off)
|-
| --access-global-address-book-disabled <on/off>
|Access to global address book (Default is off). Note: Setting this option to true is only allowed in combination with PIM and Webmail rights. Note: There is a 'restoregaddefaults' script to restore the default permissions of the global address book folder.
|-
| --access--voipnow <on/off>
|Access to VoiceOverIP feature.
|-
| --access-public-folder-editable <on/off>
|Access to public folders. Allows or denies to see public folders.
|-
| --foldertree <0/1>
|0 sets the OX standard folder tree and 1 sets the Outlook-like folder tree.
|-
| --access-olox20 <on/off>
| Access to Olox2.0
|}

=== Access changes for existing users ===

Changes to module access must be done for all users in a given context. On downgrade i. e., to revoke former given access, the data for objects will still be present in the database and on the filestore but is not visible to the customer any more. Please note that only the specified modules are changed. That is why it is required to explicitly turn modules off. A list of packages and the required module configuration is provided in [[the section called “Package access configuration”]].

=== Extra parameters when authentication is enabled ===

{| border="1"
|-
|-A,--adminuser <string>
|Context Admin user name
|-
|-P,--adminpass <string>
|Context Admin password
|}

=== Return value ===

<code>0</code> on success

<code>>0</code> on failure

=== Mandatory parameters ===

'''<code>contextid {adminuser adminpass} (userid or username) and at minimum one attribute to change</code>'''

primaryMail, Email1 and defaultSenderAddress must be present in set of aliases i. e., whenever you want to change one of
* --email
* --email1
* --defaultsenderaddress
you MUST take care, that the address you want to set is already contained in the aliases of the user.

So when user has aliases: foo, bar and you want to change email to anotheraddr, you
must add anotheraddr to the aliases, first.

If needed, this can be done with one commandline call, e.g.:

'''<code>/changeuser -A oxadmin -P secret -c 666 -i 4 -e
anotheraddr -a foo,bar,anotheraddr</code>'''

=== Command output ===

On success:

<code>user <userid> in <contextid> changed</code>

On failure:

<code>user
<userid> in <contextid> could not be changed: <reason from server></code>

=== Example ===

<code>root@oxhe~#</code>'''<code> changeuser -c 123 -i 3 -p newpwd</code>'''

<code>user 3 in context 123 changed</code>

[[Category: Administrator]]

[[Category: AppSuite]]
[[Category: AdminGuide]]
[[Category: CommandLineTools]]

AppSuite:Configuration properties 7.6.1

2017-06-13T10:14:57Z

Ioannis.chouklis: Undo revision 23479 by Ioannis.chouklis (talk)

{{Version|7.6.1}}
This is an overview of all configuration parameters for the AppSuite backend. By default, this list is sorted by the .properties files they appear in.
Yet for most parameters, it does not really matter in which file are found. This does not apply to some core configuration files which are explicitly loaded by name. For these, you cannot re-define the value in another file:

<code>AdminUser.properties, filestorage.properties, Group.properties, mailfilter.properties, ModuleAccessDefinitions.properties, recaptcha.properties, recaptcha_options.properties, Resource.properties, RMI.properties, Sql.properties</code>

{|width="100%" style="table-layout: fixed" class='wikitable sortable properties-table' border='1'
! scope="col" width="30%" class="key" | Key
! scope="col" width="20%" class="value"| Default value
! scope="col" width="35%" class="comment"| Comment
! scope="col" width="15%" class="location"| File
|-
| <nowiki>USER_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.storage.mysqlStorage.OXUserMySQLStorage</nowiki>
| <nowiki></nowiki>
| AdminDaemon.properties:11
|-
| <nowiki>GROUP_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.storage.mysqlStorage.OXGroupMySQLStorage</nowiki>
| <nowiki></nowiki>
| AdminDaemon.properties:12
|-
| <nowiki>RESOURCE_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.storage.mysqlStorage.OXResourceMySQLStorage</nowiki>
| <nowiki></nowiki>
| AdminDaemon.properties:13
|-
| <nowiki>CONCURRENT_JOBS</nowiki>
| <nowiki>2</nowiki>
| <nowiki>how many jobs should be executed concurrently </nowiki>
| AdminDaemon.properties:16
|-
| <nowiki>MASTER_AUTHENTICATION_DISABLED</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Disabling authentication for system calls like context/server etc. creation! ONLY USE THIS SWITCH IF YOU EXACTLY KNOW WHAT YOU DO!!! </nowiki>
| AdminDaemon.properties:3
|-
| <nowiki>CONTEXT_AUTHENTICATION_DISABLED</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Disabling authentication for context calls like user/group etc. creation! This also disables authentication for calls which a "normal" user can make like change his own data or get his own data! ONLY USE THIS SWITCH IF YOU EXACTLY KNOW WHAT YOU DO!!! </nowiki>
| AdminDaemon.properties:9
|-
| <nowiki>CHECK_USER_UID_REGEXP</nowiki>
| <nowiki>[$@%\\.+a-zA-Z0-9_-]</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:10
|-
| <nowiki>SENT_MAILFOLDER_PL_PL</nowiki>
| <nowiki>Elementy wys\u0142ane</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:102
|-
| <nowiki>TRASH_MAILFOLDER_PL_PL</nowiki>
| <nowiki>Kosz</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:103
|-
| <nowiki>DRAFTS_MAILFOLDER_PL_PL</nowiki>
| <nowiki>Szkice</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:104
|-
| <nowiki>SPAM_MAILFOLDER_PL_PL</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:105
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_PL_PL</nowiki>
| <nowiki>Potwierdzony spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:106
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_PL_PL</nowiki>
| <nowiki>Potwierdzony nie-spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:107
|-
| <nowiki>SENT_MAILFOLDER_IT_IT</nowiki>
| <nowiki>Posta inviata</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:111
|-
| <nowiki>TRASH_MAILFOLDER_IT_IT</nowiki>
| <nowiki>Cestino</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:112
|-
| <nowiki>DRAFTS_MAILFOLDER_IT_IT</nowiki>
| <nowiki>Bozze</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:113
|-
| <nowiki>SPAM_MAILFOLDER_IT_IT</nowiki>
| <nowiki>Posta Indesiderata</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:114
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_IT_IT</nowiki>
| <nowiki>Posta indesiderata accertata</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:115
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_IT_IT</nowiki>
| <nowiki>Posta attendibile accertata</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:116
|-
| <nowiki>SENT_MAILFOLDER_ZH_CN</nowiki>
| <nowiki>\u5df2\u53d1\u9001\u90ae\u4ef6</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:120
|-
| <nowiki>TRASH_MAILFOLDER_ZH_CN</nowiki>
| <nowiki>\u5783\u573e\u7b52</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:121
|-
| <nowiki>DRAFTS_MAILFOLDER_ZH_CN</nowiki>
| <nowiki>\u8349\u7a3f</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:122
|-
| <nowiki>SPAM_MAILFOLDER_ZH_CN</nowiki>
| <nowiki>\u5783\u573e\u90ae\u4ef6</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:123
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_ZH_CN</nowiki>
| <nowiki>\u5df2\u786e\u8ba4\u7684\u5783\u573e\u90ae\u4ef6</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:124
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_ZH_CN</nowiki>
| <nowiki>\u5df2\u786e\u8ba4\u7684\u6b63\u5e38\u90ae\u4ef6</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:125
|-
| <nowiki>SENT_MAILFOLDER_CS_CZ</nowiki>
| <nowiki>Odeslan\u00e9 polo\u017eky</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:129
|-
| <nowiki>AUTO_TO_LOWERCASE_UID</nowiki>
| <nowiki>false</nowiki>
| <nowiki>this will lowercase the uid </nowiki>
| AdminUser.properties:13
|-
| <nowiki>TRASH_MAILFOLDER_CS_CZ</nowiki>
| <nowiki>Ko\u0161</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:130
|-
| <nowiki>DRAFTS_MAILFOLDER_CS_CZ</nowiki>
| <nowiki>Koncepty</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:131
|-
| <nowiki>SPAM_MAILFOLDER_CS_CZ</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:132
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_CS_CZ</nowiki>
| <nowiki>Potvrzen\u00fd spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:133
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_CS_CZ</nowiki>
| <nowiki>Potvrzen\u00e1 norm\u00e1ln\u00ed po\u0161ta</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:134
|-
| <nowiki>SENT_MAILFOLDER_HU_HU</nowiki>
| <nowiki>Elk\u00fcld\u00f6tt elemek</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:138
|-
| <nowiki>TRASH_MAILFOLDER_HU_HU</nowiki>
| <nowiki>T\u00f6r\u00f6lt elemek</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:139
|-
| <nowiki>DRAFTS_MAILFOLDER_HU_HU</nowiki>
| <nowiki>Piszkozatok</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:140
|-
| <nowiki>SPAM_MAILFOLDER_HU_HU</nowiki>
| <nowiki>Lev\u00e9lszem\u00e9t</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:141
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_HU_HU</nowiki>
| <nowiki>Elfogadott k\u00e9retlen</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:142
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_HU_HU</nowiki>
| <nowiki>Elfogadott \u00e1l-k\u00e9retlen</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:143
|-
| <nowiki>SENT_MAILFOLDER_SK_SK</nowiki>
| <nowiki>Odoslan\u00e9 polo\u017eky</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:147
|-
| <nowiki>TRASH_MAILFOLDER_SK_SK</nowiki>
| <nowiki>K\u00f4\u0161</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:148
|-
| <nowiki>DRAFTS_MAILFOLDER_SK_SK</nowiki>
| <nowiki>Rozp\u00edsan\u00e9</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:149
|-
| <nowiki>SPAM_MAILFOLDER_SK_SK</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:150
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_SK_SK</nowiki>
| <nowiki>Potvrden\u00fd spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:151
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_SK_SK</nowiki>
| <nowiki>Potvrden\u00e9 ako nie spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:152
|-
| <nowiki>SENT_MAILFOLDER_LV_LV</nowiki>
| <nowiki>Nos\u016Bt\u012Bt\u0101s vien\u012Bbas</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:156
|-
| <nowiki>TRASH_MAILFOLDER_LV_LV</nowiki>
| <nowiki>Atkritumi</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:157
|-
| <nowiki>DRAFTS_MAILFOLDER_LV_LV</nowiki>
| <nowiki>Melnraksti</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:158
|-
| <nowiki>SPAM_MAILFOLDER_LV_LV</nowiki>
| <nowiki>M\u0113stules</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:159
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_LV_LV</nowiki>
| <nowiki>Apstiprin\u0101ta "m\u0113stule"</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:160
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_LV_LV</nowiki>
| <nowiki>Apstiprin\u0101ts "ham"</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:161
|-
| <nowiki>USERNAME_CHANGEABLE</nowiki>
| <nowiki>false</nowiki>
| <nowiki>WARNING: Changing the username might have impact on external systems like imap server that allows acls to be set. Imap ACLS usually use symbolic names so when changing the user name without changing the ACL breaks the ACL. open-xchange-admin will NOT change those ACLS, so DO NOT CHANGE THIS SETTING ON OX Express </nowiki>
| AdminUser.properties:20
|-
| <nowiki>PRIMARY_MAIL_UNCHANGEABLE</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Here you can set whether the primary mail address can be changed or not. If set to false, it is possible to change the primary mail address. Only change, if you know what you are doing (Outlook might not work anymore under certain circumstances) Default is: false </nowiki>
| AdminUser.properties:27
|-
| <nowiki>DEFAULT_PASSWORD_MECHANISM</nowiki>
| <nowiki>SHA</nowiki>
| <nowiki>specify the default password mechanism to use possible values: CRYPT / SHA / BCRYPT </nowiki>
| AdminUser.properties:3
|-
| <nowiki>SENT_MAILFOLDER_DE_DE</nowiki>
| <nowiki>Gesendete Objekte</nowiki>
| <nowiki>default mail folder fallback if not sent by rmi client: </nowiki>
| AdminUser.properties:30
|-
| <nowiki>TRASH_MAILFOLDER_DE_DE</nowiki>
| <nowiki>Papierkorb</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:31
|-
| <nowiki>DRAFTS_MAILFOLDER_DE_DE</nowiki>
| <nowiki>Entw\u00fcrfe</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:32
|-
| <nowiki>SPAM_MAILFOLDER_DE_DE</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:33
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_DE_DE</nowiki>
| <nowiki>confirmed-spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:34
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_DE_DE</nowiki>
| <nowiki>confirmed-ham</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:35
|-
| <nowiki>SENT_MAILFOLDER_EN_GB</nowiki>
| <nowiki>SentMail</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:39
|-
| <nowiki>TRASH_MAILFOLDER_EN_GB</nowiki>
| <nowiki>Trash</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:40
|-
| <nowiki>DRAFTS_MAILFOLDER_EN_GB</nowiki>
| <nowiki>Drafts</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:41
|-
| <nowiki>SPAM_MAILFOLDER_EN_GB</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:42
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_EN_GB</nowiki>
| <nowiki>confirmed-spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:43
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_EN_GB</nowiki>
| <nowiki>confirmed-ham</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:44
|-
| <nowiki>SENT_MAILFOLDER_EN_US</nowiki>
| <nowiki>Sent Items</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:48
|-
| <nowiki>TRASH_MAILFOLDER_EN_US</nowiki>
| <nowiki>Trash</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:49
|-
| <nowiki>DRAFTS_MAILFOLDER_EN_US</nowiki>
| <nowiki>Drafts</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:50
|-
| <nowiki>SPAM_MAILFOLDER_EN_US</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:51
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_EN_US</nowiki>
| <nowiki>confirmed-spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:52
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_EN_US</nowiki>
| <nowiki>confirmed-ham</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:53
|-
| <nowiki>SENT_MAILFOLDER_FR_FR</nowiki>
| <nowiki>Objets envoy\u00e9s</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:57
|-
| <nowiki>TRASH_MAILFOLDER_FR_FR</nowiki>
| <nowiki>Corbeille</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:58
|-
| <nowiki>DRAFTS_MAILFOLDER_FR_FR</nowiki>
| <nowiki>Brouillons</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:59
|-
| <nowiki>UID_NUMBER_START</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>set to > 0 to use the uidnumber feature </nowiki>
| AdminUser.properties:6
|-
| <nowiki>SPAM_MAILFOLDER_FR_FR</nowiki>
| <nowiki>Pourriel</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:60
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_FR_FR</nowiki>
| <nowiki>pourriel-confirme</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:61
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_FR_FR</nowiki>
| <nowiki>non-pourriel-confirme</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:62
|-
| <nowiki>SENT_MAILFOLDER_NL_NL</nowiki>
| <nowiki>Verzonden items</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:66
|-
| <nowiki>TRASH_MAILFOLDER_NL_NL</nowiki>
| <nowiki>Prullenbak</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:67
|-
| <nowiki>DRAFTS_MAILFOLDER_NL_NL</nowiki>
| <nowiki>Concepten</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:68
|-
| <nowiki>SPAM_MAILFOLDER_NL_NL</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:69
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_NL_NL</nowiki>
| <nowiki>bevestigde spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:70
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_NL_NL</nowiki>
| <nowiki>bevestigde ham</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:71
|-
| <nowiki>SENT_MAILFOLDER_SV_SV</nowiki>
| <nowiki>Skickat</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:75
|-
| <nowiki>TRASH_MAILFOLDER_SV_SV</nowiki>
| <nowiki>Papperskorgen</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:76
|-
| <nowiki>DRAFTS_MAILFOLDER_SV_SV</nowiki>
| <nowiki>Utkast</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:77
|-
| <nowiki>SPAM_MAILFOLDER_SV_SV</nowiki>
| <nowiki>Skr\u00E4ppost</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:78
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_SV_SV</nowiki>
| <nowiki>bekr\u00E4ftad-skr\u00E4ppost</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:79
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_SV_SV</nowiki>
| <nowiki>felaktigt-bekr\u00E4ftad-spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:80
|-
| <nowiki>SENT_MAILFOLDER_ES_ES</nowiki>
| <nowiki>Elementos enviados</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:84
|-
| <nowiki>TRASH_MAILFOLDER_ES_ES</nowiki>
| <nowiki>Papelera</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:85
|-
| <nowiki>DRAFTS_MAILFOLDER_ES_ES</nowiki>
| <nowiki>Borradores</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:86
|-
| <nowiki>SPAM_MAILFOLDER_ES_ES</nowiki>
| <nowiki>Correo no deseado</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:87
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_ES_ES</nowiki>
| <nowiki>correo basura confirmado</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:88
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_ES_ES</nowiki>
| <nowiki>correo leg\u00EDtimo confirmado</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:89
|-
| <nowiki>CHECK_USER_UID_FOR_NOT_ALLOWED_CHARS</nowiki>
| <nowiki>true</nowiki>
| <nowiki>this will check the user name using the check below </nowiki>
| AdminUser.properties:9
|-
| <nowiki>SENT_MAILFOLDER_JA_JP</nowiki>
| <nowiki>\u9001\u4FE1\u6E08\u30A2\u30A4\u30C6\u30E0</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:93
|-
| <nowiki>TRASH_MAILFOLDER_JA_JP</nowiki>
| <nowiki>\u524A\u9664\u6E08\u307F\u30A2\u30A4\u30C6\u30E0</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:94
|-
| <nowiki>DRAFTS_MAILFOLDER_JA_JP</nowiki>
| <nowiki>\u4E0B\u66F8\u304D</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:95
|-
| <nowiki>SPAM_MAILFOLDER_JA_JP</nowiki>
| <nowiki>\u8FF7\u60D1\u30E1\u30FC\u30EB</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:96
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_JA_JP</nowiki>
| <nowiki>\u8FF7\u60D1\u30E1\u30FC\u30EB\uFF08\u78BA\u8A8D\u6E08\uFF09</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:97
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_JA_JP</nowiki>
| <nowiki>\u4E00\u822C\u30E1\u30FC\u30EB\uFF08\u78BA\u8A8D\u6E08\uFF09</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:98
|-
| <nowiki>verbosity</nowiki>
| <nowiki>1</nowiki>
| <nowiki>verbosity: The level of messages for status/debug (messages go to standard output). The setting here is for your own local catalogs. The verbosity of Forrest's core catalogs is controlled via main/webapp/WEB-INF/cocoon.xconf The following messages are provided ... 0 = none 1 = ? (... not sure yet) 2 = 1+, Loading catalog, Resolved public, Resolved system 3 = 2+, Catalog does not exist, resolvePublic, resolveSystem 10 = 3+, List all catalog entries when loading a catalog (Cocoon also logs the "Resolved public" messages.) </nowiki>
| CatalogManager.properties:41
|-
| <nowiki>catalogs</nowiki>
| <nowiki>../resources/schema/catalog.xcat</nowiki>
| <nowiki>catalogs ... list of additional catalogs to load (Note that Apache Forrest will automatically load its own default catalog from main/webapp/resources/schema/catalog.xcat) Use either full pathnames or relative pathnames. pathname separator is always semi-colon (;) regardless of operating system directory separator is always slash (/) regardless of operating system </nowiki>
| CatalogManager.properties:49
|-
| <nowiki>relative-catalogs</nowiki>
| <nowiki>no</nowiki>
| <nowiki>relative-catalogs If false, relative catalog URIs are made absolute with respect to the base URI of the CatalogManager.properties file. This setting only applies to catalog URIs obtained from the catalogs property in the CatalogManager.properties file Example: relative-catalogs=[yes|no] </nowiki>
| CatalogManager.properties:57
|-
| <nowiki>GID_NUMBER_START</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>set to higher than 0 to enable gid number feature </nowiki>
| Group.properties:2
|-
| <nowiki>CHECK_GROUP_UID_FOR_NOT_ALLOWED_CHARS</nowiki>
| <nowiki>true</nowiki>
| <nowiki>this will check the group name using the check below </nowiki>
| Group.properties:5
|-
| <nowiki>CHECK_GROUP_UID_REGEXP</nowiki>
| <nowiki>[ $@%\\.+a-zA-Z0-9_-]</nowiki>
| <nowiki></nowiki>
| Group.properties:6
|-
| <nowiki>AUTO_TO_LOWERCASE_UID</nowiki>
| <nowiki>false</nowiki>
| <nowiki>this will lowercase the uid </nowiki>
| Group.properties:9
|-
| <nowiki>webmail_plus</nowiki>
| <nowiki>contacts,webmail</nowiki>
| <nowiki>this are the deprecated definitions of module access combinations. please use the newly defined sets. </nowiki>
| ModuleAccessDefinitions.properties:40
|-
| <nowiki>pim_plus</nowiki>
| <nowiki>contacts,webmail,calendar,tasks</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:41
|-
| <nowiki>groupware_plus</nowiki>
| <nowiki>contacts,webmail,calendar,delegatetask,tasks,editpublicfolders,infostore,publicfoldereditable,readcreatesharedfolders</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:42
|-
| <nowiki>premium</nowiki>
| <nowiki>contacts,webmail,calendar,delegatetask,tasks,editpublicfolders,infostore,publicfoldereditable,readcreatesharedfolders,ical,vcard,webdav,webdavxml</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:43
|-
| <nowiki>groupware</nowiki>
| <nowiki>calendar,contacts,delegatetask,editpublicfolders,ical,infostore,publicfoldereditable,readcreatesharedfolders,tasks,vcard,webdav,webdavxml,webmail,editresource,editgroup,editpassword,collectemailaddresses,multiplemailaccounts,subscription,publication</nowiki>
| <nowiki>PLEASE Update accordingly when UPDATING "all" level! Includes all modules except mobility, </nowiki>
| ModuleAccessDefinitions.properties:47
|-
| <nowiki>webmail</nowiki>
| <nowiki>webmail,contacts,globaladdressbookdisabled,collectemailaddresses,editpassword</nowiki>
| <nowiki> </nowiki>
| ModuleAccessDefinitions.properties:50
|-
| <nowiki>pim</nowiki>
| <nowiki>webmail,calendar,contacts,tasks,globaladdressbookdisabled,collectemailaddresses,multiplemailaccounts,subscription,publication,editpassword</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:51
|-
| <nowiki>pim_infostore</nowiki>
| <nowiki>webmail,calendar,contacts,tasks,infostore,webdav,globaladdressbookdisabled,collectemailaddresses,multiplemailaccounts,subscription,publication,editpassword</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:52
|-
| <nowiki>pim_mobility</nowiki>
| <nowiki>webmail,calendar,contacts,tasks,syncml,usm,activesync,globaladdressbookdisabled,collectemailaddresses,multiplemailaccounts,subscription,publication,editpassword</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:53
|-
| <nowiki>groupware_standard</nowiki>
| <nowiki>webmail,calendar,contacts,infostore,tasks,webdav,ical,vcard,readcreatesharedfolders,delegatetask,editpublicfolders,editgroup,editresource,editpassword,collectemailaddresses,multiplemailaccounts,subscription,publication</nowiki>
| <nowiki>Groupware Standard always gets new features except mobility and OXtender. </nowiki>
| ModuleAccessDefinitions.properties:55
|-
| <nowiki>groupware_premium</nowiki>
| <nowiki>webmail,calendar,contacts,infostore,tasks,webdav,webdavxml,ical,vcard,syncml,usm,olox20,activesync,readcreatesharedfolders,delegatetask,editpublicfolders,editgroup,editresource,editpassword,collectemailaddresses,multiplemailaccounts,subscription,publication</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:56
|-
| <nowiki>all</nowiki>
| <nowiki>webmail,calendar,contacts,infostore,tasks,webdav,webdavxml,ical,vcard,syncml,usm,olox20,activesync,readcreatesharedfolders,delegatetask,editpublicfolders,editgroup,editresource,editpassword,publicfoldereditable,collectemailaddresses,multiplemailaccounts,subscription,publication</nowiki>
| <nowiki>By default 'all' is the same as 'groupware_premium', except the right 'publicfoldereditable'. As this right only applies to context administrators, 'all' is internally equivalent to 'groupware_premium' for normal users. </nowiki>
| ModuleAccessDefinitions.properties:59
|-
| <nowiki>CHECK_RES_UID_FOR_NOT_ALLOWED_CHARS</nowiki>
| <nowiki>true</nowiki>
| <nowiki>this will check the resource name using the check below </nowiki>
| Resource.properties:2
|-
| <nowiki>CHECK_RES_UID_REGEXP</nowiki>
| <nowiki>[ $@%\\.+a-zA-Z0-9_-]</nowiki>
| <nowiki></nowiki>
| Resource.properties:3
|-
| <nowiki>AUTO_TO_LOWERCASE_UID</nowiki>
| <nowiki>false</nowiki>
| <nowiki>this will lowercase the uid </nowiki>
| Resource.properties:6
|-
| <nowiki>SERVLET_POOL_SIZE</nowiki>
| <nowiki> 1</nowiki>
| <nowiki>initial number of instances held in memory for each available single threaded servlet (single threaded servlets are deprecated and are not used by the open-xchange server) </nowiki>
| ajp.properties:13
|-
| <nowiki>AJP_SERVER_THREAD_SIZE</nowiki>
| <nowiki> 1</nowiki>
| <nowiki>Number of AJP server threads which create a client socket on an incoming request. This is the number of threads processing new opened AJP sockets. AJP sockets are kept alive by default therefore only one thread is recommended </nowiki>
| ajp.properties:18
|-
| <nowiki>AJP_LISTENER_POOL_SIZE</nowiki>
| <nowiki> 1</nowiki>
| <nowiki>AJP listener pool size number of initially created AJP listeners for processing incoming AJP requests This pool does grow dynamically but does not go below. </nowiki>
| ajp.properties:23
|-
| <nowiki>AJP_LISTENER_READ_TIMEOUT</nowiki>
| <nowiki> 60000</nowiki>
| <nowiki>The amount of time in milliseconds a listener is going to wait (or block) while waiting to read the initial bytes from web server from input stream 0 stands for unlimited and should not be changed because if the server does close connections here the sticky sessions would break. </nowiki>
| ajp.properties:29
|-
| <nowiki>AJP_KEEP_ALIVE_TIME</nowiki>
| <nowiki> 20000</nowiki>
| <nowiki>DEFINE THE AJP KEEP-ALIVE TIME. IF An INCOMIN REQUEST'S PROCESSING TIME EXCEEDS THIS VALUE, A KEEP-ALIVE IS FLUSHED TO WEB SERVER TO AVOID POSSIBLE TIMEOUTS ON SOCKET CONNECTION. A VALUE OF ZERO OR LESS DISABLES KEEP-ALIVE HEART BEAT </nowiki>
| ajp.properties:34
|-
| <nowiki>AJP_SERVLET_CONFIG_DIR</nowiki>
| <nowiki> null</nowiki>
| <nowiki>DEFINE THE DIRECTORY PATH THAT CARRIES SERVLETS' CONFIGURATION PROPERTIES. THE PROPERTIES DEFINED FOR A SERVLET CONSIST OF THREE PARTS: 1. THE GLOBAL PROPERTIES DIRECTLY LOCATED IN DIRECTORY PATH SPECIFIED BY THIS PROPERTY. THESE PROPERTIES APPLY TO ALL SERVLET INSTANCES 2. THE PATH-SPECIFIC PROPERTIES DEFINED IN A SUBDIRECTORY EQUAL TO SERVLET'S PATH 3. THE CLASS-SPECIFIC PROPERTIES DEFINED IN A FILE WHOSE NAMING IS EQUAL TO SERVLET CLASS' CANONICAL NAME WITH THE COMMON ".properties" PROPERTY FILE EXTENSION IF THIS VALUE IS LEFT TO "null" THIS PROPERTY FALLS BACK TO DEFAULT PATH: "/opt/open-xchange/etc/servletConfig" </nowiki>
| ajp.properties:47
|-
| <nowiki>AJP_LOG_FORWARD_REQUEST</nowiki>
| <nowiki> FALSE</nowiki>
| <nowiki>Logs corresponding AJP forward request if an unexpected empty body request is detected </nowiki>
| ajp.properties:51
|-
| <nowiki>AJP_BACKLOG</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Specify the backlog for opened AJP server socket Default is zero; meaning using JVM's default backlog setting </nowiki>
| ajp.properties:8
|-
| <nowiki>basedir</nowiki>
| <nowiki>build</nowiki>
| <nowiki>base directory for the build scripts </nowiki>
| ant.properties:4
|-
| <nowiki>io.ox/core//theme</nowiki>
| <nowiki>default</nowiki>
| <nowiki></nowiki>
| appsuite.properties:1
|-
| <nowiki>io.ox/core/settingOptions//themes/default</nowiki>
| <nowiki>Default Theme</nowiki>
| <nowiki></nowiki>
| appsuite.properties:3
|-
| <nowiki>translator.get_request </nowiki>
| <nowiki> com.openexchange.index.solr.internal.querybuilder.translators.IdListTranslator</nowiki>
| <nowiki>Translator configuration </nowiki>
| attachment-querybuilder.properties:12
|-
| <nowiki>get_request.id_field </nowiki>
| <nowiki> uuid</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:13
|-
| <nowiki>translator.all_request </nowiki>
| <nowiki> com.openexchange.index.solr.internal.querybuilder.translators.AllTranslator</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:15
|-
| <nowiki>translator.custom </nowiki>
| <nowiki> com.openexchange.index.solr.internal.attachments.translators.CustomTranslator</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:17
|-
| <nowiki>field.param6 </nowiki>
| <nowiki> id</nowiki>
| <nowiki>Field configuration </nowiki>
| attachment-querybuilder.properties:2
|-
| <nowiki>handler.simple </nowiki>
| <nowiki> simpleSearch</nowiki>
| <nowiki>Handler configuration </nowiki>
| attachment-querybuilder.properties:5
|-
| <nowiki>handler.custom </nowiki>
| <nowiki> customSearch</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:6
|-
| <nowiki>handler.get_request </nowiki>
| <nowiki> getSearch</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:7
|-
| <nowiki>handler.all_request </nowiki>
| <nowiki> allSearch</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:8
|-
| <nowiki>handler.persons_and_topics </nowiki>
| <nowiki> personsAndTopics</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:9
|-
| <nowiki>MAX_UPLOAD_SIZE</nowiki>
| <nowiki>10485760</nowiki>
| <nowiki>If the sum of all uploaded files (for contacts, appointments or tasks) in one request is larger than this value, the upload will be rejected. If this value is not set or 0, the more general MAX_UPLOAD_SIZE configured in server.properties will be used. If that value is also 0 or not set, uploads will be unrestricted. The size is in Bytes. </nowiki>
| attachment.properties:5
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| audit.properties:1
|-
| <nowiki>com.openexchange.audit.logging.FileAccessLogging.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Set to true to enable logging of file accesses and downloads </nowiki>
| audit.properties:10
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.pattern</nowiki>
| <nowiki>/var/log/open-xchange/audit.log</nowiki>
| <nowiki></nowiki>
| audit.properties:2
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.level</nowiki>
| <nowiki>ALL</nowiki>
| <nowiki></nowiki>
| audit.properties:3
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.limit</nowiki>
| <nowiki>2097152</nowiki>
| <nowiki></nowiki>
| audit.properties:4
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.count</nowiki>
| <nowiki>99</nowiki>
| <nowiki></nowiki>
| audit.properties:5
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.formatter</nowiki>
| <nowiki>java.util.logging.SimpleFormatter</nowiki>
| <nowiki></nowiki>
| audit.properties:6
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.append</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| audit.properties:7
|-
| <nowiki>LDAP_HOST</nowiki>
| <nowiki>localhost</nowiki>
| <nowiki></nowiki>
| authplugin.properties:1
|-
| <nowiki>LDAP_BASE</nowiki>
| <nowiki>dc=example,dc=org</nowiki>
| <nowiki></nowiki>
| authplugin.properties:2
|-
| <nowiki>LDAP_PORT</nowiki>
| <nowiki>389</nowiki>
| <nowiki></nowiki>
| authplugin.properties:3
|-
| <nowiki>LDAP_SEARCH</nowiki>
| <nowiki>(&(objectClass=oxdbObject)(uid=@USER@))</nowiki>
| <nowiki>search query to get the users ldap dn ,@USER@ will be replaced by the username </nowiki>
| authplugin.properties:5
|-
| <nowiki>LDAP_ATTRIBUTE</nowiki>
| <nowiki>mailPrimaryAddress</nowiki>
| <nowiki>which attribute should be parsed for the email adress (context=domainpart) </nowiki>
| authplugin.properties:7
|-
| <nowiki>USE_POOL</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| authplugin.properties:8
|-
| <nowiki>AUTOCID_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.autocontextid.storage.mysqlStorage.OXAutoCIDMySQLStorage</nowiki>
| <nowiki></nowiki>
| autocid.properties:1
|-
| <nowiki>com.openexchange.mail.autoconfig.path</nowiki>
| <nowiki>/opt/open-xchange/ispdb</nowiki>
| <nowiki>Path to the local configuration files for mail domains. See https://developer.mozilla.org/en/Thunderbird/Autoconfiguration </nowiki>
| autoconfig.properties:3
|-
| <nowiki>com.openexchange.mail.autoconfig.ispdb</nowiki>
| <nowiki>https://live.mozillamessaging.com/autoconfig/v1.1/</nowiki>
| <nowiki>The ISPDB is a central database, currently hosted by Mozilla Messaging, but free to use for any client. It contains settings for the world's largest ISPs. We hope that the database will soon have enough information to autoconfigure approximately 50% of our user's email accounts. </nowiki>
| autoconfig.properties:8
|-
| <nowiki>modules/com.openexchange.blackwhitelist/module</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The following property enables the Black-/Whitelist GUI-Plugin </nowiki>
| blackwhitelist_gui.properties:11
|-
| <nowiki>jcs.region.[REGIONNAME]</nowiki>
| <nowiki>LTCP</nowiki>
| <nowiki>It's important that cache entries don't get invalidated, since the cache may not be deterministic for LDAP contacts. Therefore, the properties 'MaxMemoryIdleTimeSeconds', 'MaxLifeSeconds' and 'IdleTime' should be set to '-1', while 'MaxObjects' should be configured large enough to hold all contacts from the directory. </nowiki>
| cache.properties:13
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes</nowiki>
| <nowiki>org.apache.jcs.engine.CompositeCacheAttributes</nowiki>
| <nowiki></nowiki>
| cache.properties:14
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes.MaxObjects</nowiki>
| <nowiki>1000000</nowiki>
| <nowiki></nowiki>
| cache.properties:15
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes.MemoryCacheName</nowiki>
| <nowiki>org.apache.jcs.engine.memory.lru.LRUMemoryCache</nowiki>
| <nowiki></nowiki>
| cache.properties:16
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes.UseMemoryShrinker</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| cache.properties:17
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes.MaxMemoryIdleTimeSeconds</nowiki>
| <nowiki>-1</nowiki>
| <nowiki></nowiki>
| cache.properties:18
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes.ShrinkerIntervalSeconds</nowiki>
| <nowiki>60</nowiki>
| <nowiki></nowiki>
| cache.properties:19
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes.MaxSpoolPerRun</nowiki>
| <nowiki>500</nowiki>
| <nowiki></nowiki>
| cache.properties:20
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes</nowiki>
| <nowiki>org.apache.jcs.engine.ElementAttributes</nowiki>
| <nowiki></nowiki>
| cache.properties:21
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes.IsEternal</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| cache.properties:22
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes.MaxLifeSeconds</nowiki>
| <nowiki>-1</nowiki>
| <nowiki></nowiki>
| cache.properties:23
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes.IdleTime</nowiki>
| <nowiki>-1</nowiki>
| <nowiki></nowiki>
| cache.properties:24
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes.IsSpool</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| cache.properties:25
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes.IsRemote</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| cache.properties:26
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes.IsLateral</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| cache.properties:27
|-
| <nowiki>com.openexchange.caching.jcs.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Specify whether JCS-based caching should be enabled Default is "true" </nowiki>
| cache.properties:5
|-
| <nowiki>com.openexchange.caching.jcs.eventInvalidation</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Configures how remote cache invalidation is done. Set to 'true' for cache events via the cache event messaging service, or to 'false' to stick with the JCS-internal lateral auxiliary cache configuration. Defaults to 'true'. </nowiki>
| cache.properties:9
|-
| <nowiki>com.openexchange.caldav.interval.start</nowiki>
| <nowiki>one_month</nowiki>
| <nowiki>Appointments and tasks are available via the CalDAV interface if they fall into a configurable timeframe. This value specifies the start time of this interval, i.e. how far past appointments should be considered. More formal, this value defines the negative offset relative to the current date representing the minimum end time of appointments to be synchronized. Possible values are "one_month" (default), "one_year" and "six_months". </nowiki>
| caldav.properties:13
|-
| <nowiki>com.openexchange.caldav.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether CalDAV is enabled or not </nowiki>
| caldav.properties:2
|-
| <nowiki>com.openexchange.caldav.interval.end</nowiki>
| <nowiki>one_year</nowiki>
| <nowiki>Appointments and tasks are available via the CalDAV interface if they fall into a configurable timeframe. This value specifies the end time of this interval, i.e. how far future appointments should be considered. More formal, this value defines the positive offset relative to the current date representing the maximum start time of appointments to be synchronized. Possible values are "one_year" (default) and "two_years". </nowiki>
| caldav.properties:21
|-
| <nowiki>com.openexchange.caldav.url</nowiki>
| <nowiki>https://[hostname]/caldav/[folderId]</nowiki>
| <nowiki>Tells users where to find a caldav folder. This can be displayed in frontends. You can use the variables [hostname] and [folderId] If you chose to deploy caldav as a virtual host (say 'dav.open-xchange.com') use https://dav.open-xchange.com/caldav/[folderId] as the value If you are using user-agent sniffing use https://[hostname]/caldav/[folderId] </nowiki>
| caldav.properties:29
|-
| <nowiki>com.openexchange.caldav.tree</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Configures the ID of the folder tree used by the CalDAV interface </nowiki>
| caldav.properties:5
|-
| <nowiki>cp_dayview_table.tmpl </nowiki>
| <nowiki> calendar, printing</nowiki>
| <nowiki></nowiki>
| calendar.printing.properties:1
|-
| <nowiki>cp_monthview_list.tmpl </nowiki>
| <nowiki> calendar, printing</nowiki>
| <nowiki></nowiki>
| calendar.printing.properties:2
|-
| <nowiki>cp_monthview_table.tmpl </nowiki>
| <nowiki> calendar, printing</nowiki>
| <nowiki></nowiki>
| calendar.printing.properties:3
|-
| <nowiki>cp_weekview_table.tmpl </nowiki>
| <nowiki> calendar, printing</nowiki>
| <nowiki></nowiki>
| calendar.printing.properties:4
|-
| <nowiki>cp_workweekview_table.tmpl </nowiki>
| <nowiki> calendar, printing</nowiki>
| <nowiki></nowiki>
| calendar.printing.properties:5
|-
| <nowiki>com.openexchange.carddav.tree</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Configures the ID of the folder tree used by the CardDAV interface </nowiki>
| carddav.properties:11
|-
| <nowiki>com.openexchange.carddav.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether CardDAV is enabled or not </nowiki>
| carddav.properties:2
|-
| <nowiki>com.openexchange.carddav.exposedCollections</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Controls which collections are exposed via the CardDAV interface. Possible values are '0', '1' and '2'. A value of '1' makes each visible folder available as a resource collection, while '2' only exposes an aggregated collection containing all contact resources from all visible folders. The default value '0' exposes either an aggregated collection or individual collections for each folder, depending on the client's user-agent that is matched against the pattern in 'userAgentForAggregatedCollection'. </nowiki>
| carddav.properties:20
|-
| <nowiki>com.openexchange.carddav.userAgentForAggregatedCollection</nowiki>
| <nowiki>.*CFNetwork.*Darwin.*|.*AddressBook.*CardDAVPlugin.*Mac_OS_X.*|.*Mac OS X.*AddressBook.*</nowiki>
| <nowiki>Regular expression to match against the client's user-agent to decide whether the aggregated collection is exposed or not. The default pattern matches all known varieties of the Mac OS Addressbook client, that doesn't support multiple collections. Only used if 'exposedCollections' is set to '0'. The pattern is used case insensitive. </nowiki>
| carddav.properties:27
|-
| <nowiki>com.openexchange.carddav.reducedAggregatedCollection</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specifies if all visible folders are used to create the aggregated collection, or if a reduced set of folders only containing the global addressbook and the personal contacts folders should be used. This setting only influences the aggregated collection that is used for clients that don't support multiple collections. Possible values are 'true' and 'false. </nowiki>
| carddav.properties:34
|-
| <nowiki>com.openexchange.carddav.ignoreFolders</nowiki>
| <nowiki></nowiki>
| <nowiki>A comma-separated list of folder IDs to exclude from the synchronization. Use this to disable syncing of very large folders (e.g. the global address list in large contexts, which always has ID 6). By default, no folders are excluded. </nowiki>
| carddav.properties:8
|-
| <nowiki>com.openexchange.passwordchange.script.shellscript</nowiki>
| <nowiki>/bin/changepwd.sh</nowiki>
| <nowiki>Script which updates the users passwd Must be executable (+x) and correct interpreter set (#!/bin/bash) Following values are passed by the servlet to the script: 1. --cid - Context ID 2. --username - Username of the logged in user 3. --userid - User ID of the logged in user 4. --oldpassword - Old user password 5. --newpassword - New user password see http://oxpedia.org/wiki/index.php?title=ChangePasswordExternal for some examples If script does not exit with status code 0 , an io-error is shown in the GUI. the following exit codes will display a defined error: 1: Cannot change password < %s >, see logfiles for details. 2: New password is too short 3: New password is too weak 4: Cannot find user 5: LDAP error </nowiki>
| change_pwd_script.properties:25
|-
| <nowiki>com.openexchange.database.replicationMonitor</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The following property allows to disable the replication monitor. This option is only useful if you have a MySQL master and slave setup. If the application code releases a connection to the MySQL master, a writing operation on the database is assumed. To be able to monitor the replication to the slave, a counter is increased after releasing the connection. Reading this counter from the slave indicates, the write operation is not replicated yet and instead of a slave connection a master connection is then used to read data. This prevents data reading inconsistencies. Unfortunately will this produce additional IO load on MySQL master and slave. This mechanism can be disabled with the following property. This saves IO load but it may cause data inconsistencies. Especially newly created objects can disappear in the following refresh requests. </nowiki>
| configdb.properties:102
|-
| <nowiki>com.openexchange.database.checkWriteCons</nowiki>
| <nowiki>false</nowiki>
| <nowiki>If com.openexchange.database.checkWriteCons is set to true, a warning will be logged every time when a writable connection is used to perform only SELECT queries. Default is 'false' to avoid flooding of log files. </nowiki>
| configdb.properties:106
|-
| <nowiki>readProperty.1</nowiki>
| <nowiki>user=openexchange</nowiki>
| <nowiki>username for the database user </nowiki>
| configdb.properties:11
|-
| <nowiki>readProperty.2</nowiki>
| <nowiki>password=secret</nowiki>
| <nowiki>password for the database user </nowiki>
| configdb.properties:13
|-
| <nowiki>readProperty.3</nowiki>
| <nowiki>useUnicode=true</nowiki>
| <nowiki>The driver properties should be kept at their defaults. </nowiki>
| configdb.properties:15
|-
| <nowiki>readProperty.4</nowiki>
| <nowiki>characterEncoding=UTF-8</nowiki>
| <nowiki></nowiki>
| configdb.properties:16
|-
| <nowiki>readProperty.5</nowiki>
| <nowiki>autoReconnect=false</nowiki>
| <nowiki></nowiki>
| configdb.properties:17
|-
| <nowiki>readProperty.6</nowiki>
| <nowiki>useServerPrepStmts=false</nowiki>
| <nowiki></nowiki>
| configdb.properties:18
|-
| <nowiki>readProperty.7</nowiki>
| <nowiki>useTimezone=true</nowiki>
| <nowiki></nowiki>
| configdb.properties:19
|-
| <nowiki>readProperty.8</nowiki>
| <nowiki>serverTimezone=UTC</nowiki>
| <nowiki></nowiki>
| configdb.properties:20
|-
| <nowiki>readProperty.9</nowiki>
| <nowiki>connectTimeout=15000</nowiki>
| <nowiki></nowiki>
| configdb.properties:21
|-
| <nowiki>readProperty.10</nowiki>
| <nowiki>socketTimeout=15000</nowiki>
| <nowiki></nowiki>
| configdb.properties:22
|-
| <nowiki>writeDriverClass</nowiki>
| <nowiki>com.mysql.jdbc.Driver</nowiki>
| <nowiki>the write connection must point to the database master </nowiki>
| configdb.properties:25
|-
| <nowiki>writeUrl</nowiki>
| <nowiki>jdbc:mysql://localhost/configdb</nowiki>
| <nowiki>writeURL holds the database host and the used schema name </nowiki>
| configdb.properties:27
|-
| <nowiki>writeProperty.1</nowiki>
| <nowiki>user=openexchange</nowiki>
| <nowiki>username for the database user </nowiki>
| configdb.properties:29
|-
| <nowiki>writeProperty.2</nowiki>
| <nowiki>password=secret</nowiki>
| <nowiki>password for the database user </nowiki>
| configdb.properties:31
|-
| <nowiki>writeProperty.3</nowiki>
| <nowiki>useUnicode=true</nowiki>
| <nowiki>The driver properties should be kept at their defaults </nowiki>
| configdb.properties:33
|-
| <nowiki>writeProperty.4</nowiki>
| <nowiki>characterEncoding=UTF-8</nowiki>
| <nowiki></nowiki>
| configdb.properties:34
|-
| <nowiki>writeProperty.5</nowiki>
| <nowiki>autoReconnect=false</nowiki>
| <nowiki></nowiki>
| configdb.properties:35
|-
| <nowiki>writeProperty.6</nowiki>
| <nowiki>useServerPrepStmts=false</nowiki>
| <nowiki></nowiki>
| configdb.properties:36
|-
| <nowiki>writeProperty.7</nowiki>
| <nowiki>useTimezone=true</nowiki>
| <nowiki></nowiki>
| configdb.properties:37
|-
| <nowiki>writeProperty.8</nowiki>
| <nowiki>serverTimezone=UTC</nowiki>
| <nowiki></nowiki>
| configdb.properties:38
|-
| <nowiki>writeProperty.9</nowiki>
| <nowiki>connectTimeout=15000</nowiki>
| <nowiki></nowiki>
| configdb.properties:39
|-
| <nowiki>writeProperty.10</nowiki>
| <nowiki>socketTimeout=15000</nowiki>
| <nowiki></nowiki>
| configdb.properties:40
|-
| <nowiki>cleanerInterval</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Timeinterval of cleaner thread in milliseconds. This thread removes idle timed out database connections and removes not used database connection pools. after each cleanerInterval. </nowiki>
| configdb.properties:45
|-
| <nowiki>maxIdle</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Number of maximum idle connections. More connections aren't pooled and closed. -1 stands for unlimited. </nowiki>
| configdb.properties:54
|-
| <nowiki>maxIdleTime</nowiki>
| <nowiki>60000</nowiki>
| <nowiki>Maximum time in milliseconds a connection can be idle. If this time is exceeded, the connection gets closed. </nowiki>
| configdb.properties:58
|-
| <nowiki>maxActive</nowiki>
| <nowiki>100</nowiki>
| <nowiki>If exhaustedAction is set to BLOCK, not more than maxActive connections will be opened to the mysql database. This value is overwritten for OX databases from configdb. </nowiki>
| configdb.properties:63
|-
| <nowiki>maxWait</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>If exhaustedAction is set to BLOCK, a thread will not wait for more than maxWait milliseconds. </nowiki>
| configdb.properties:67
|-
| <nowiki>readDriverClass</nowiki>
| <nowiki>com.mysql.jdbc.Driver</nowiki>
| <nowiki>the read connection must point to the database slave </nowiki>
| configdb.properties:7
|-
| <nowiki>maxLifeTime</nowiki>
| <nowiki>600000</nowiki>
| <nowiki>Maximum time in milliseconds a connection will be used. After this time the connection get closed. </nowiki>
| configdb.properties:71
|-
| <nowiki>exhaustedAction</nowiki>
| <nowiki>BLOCK</nowiki>
| <nowiki>BLOCK: If maxActive number of connections is reached threads have to wait for a connection. FAIL: If maxActive number of connections is reached an exception is thrown. GROW: Open more connections even if maxActive is already reached. This value is overwritten for OX databases from configdb. </nowiki>
| configdb.properties:77
|-
| <nowiki>testOnActivate</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Validate connections if they are activated. This is not necessary because the activation already includes a check if the connection isn't closed. </nowiki>
| configdb.properties:81
|-
| <nowiki>testOnDeactivate</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Check if connections can be reused after they are returned to the pool. </nowiki>
| configdb.properties:84
|-
| <nowiki>testOnIdle</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Not useful for connections. </nowiki>
| configdb.properties:87
|-
| <nowiki>readUrl</nowiki>
| <nowiki>jdbc:mysql://localhost/configdb</nowiki>
| <nowiki>readURL holds the database host and the used schema name </nowiki>
| configdb.properties:9
|-
| <nowiki>testThreads</nowiki>
| <nowiki>false</nowiki>
| <nowiki>if testThreads is set to true, more information is logged to the Open-Xchange log files about database connections. If this option is enabled the performance may degrade dramatically. The JVM has to generate then a lot of method call stack dumps. </nowiki>
| configdb.properties:93
|-
| <nowiki>URL</nowiki>
| <nowiki>http://localhost/?cid=%c&login=%u&pass=%p</nowiki>
| <nowiki>URL to the config interface. %c is replaced with context login information. %u is replaced with user login information. %p is replaced with user password. </nowiki>
| configjump.properties:5
|-
| <nowiki>validate_contact_email</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Check the entered email address from a new contact for correctness (syntactic check user@domain.tld) </nowiki>
| contact.properties:12
|-
| <nowiki>max_image_size</nowiki>
| <nowiki>4194304</nowiki>
| <nowiki>The maximum size in bytes for the upload of contact images. Remember: If you decrease the size after some images where uploaded already, you might trigger errors, for example when trying to modify the contact without adding an image of the correct size. </nowiki>
| contact.properties:16
|-
| <nowiki>com.openexchange.contact.mailAddressAutoSearch</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Determines if a search is triggered if the dialog for searching for emailable contacts is opened. This dialog is used for selecting recipients for an email and for creating distribution lists. </nowiki>
| contact.properties:21
|-
| <nowiki>com.openexchange.contact.singleFolderSearch</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Searching for contacts can be done in a single folder or globally across all folders. Searching across all folders can cause high server and database load because first all visible folders must be determined and if a user has object read permissions in that folders. Software internal default is true to prevent high load if the property is not defined. Default here is false because it is easier for the user to find contacts. </nowiki>
| contact.properties:27
|-
| <nowiki>com.openexchange.contacts.characterSearch</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enables/Disables the start letter based quick select of contacts </nowiki>
| contact.properties:30
|-
| <nowiki>com.openexchange.contacts.allFoldersForAutoComplete</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The auto complete search for email addresses may be triggered easily and quite often if a new email is written and a part of a recipients address is written. This can lead to high load on the database system if a context has a lot of users and a lot of contacts. Therefore the scope if this search can be configured. Set this parameter to true and the auto complete search looks in every readable contact folder for contacts with emails addresses matching the already typed letters. If this parameter is configured to false, only three folders are considered for the search: the users private default contact folder, his contact folder for collected contacts and the global address book if that is enabled for the user. </nowiki>
| contact.properties:38
|-
| <nowiki>com.openexchange.contact.scaleVCardImages</nowiki>
| <nowiki>200x200</nowiki>
| <nowiki>Configures the maximum image dimension to use when serializing contacts to vCards in the format [max_width]x[max_height]. Larger images will be resized dynamically to fit the specified rectangular area. If left empty, images are not resized at all and serialized as-is. </nowiki>
| contact.properties:44
|-
| <nowiki>contact_first_letter_field</nowiki>
| <nowiki>field02</nowiki>
| <nowiki>First Letter Field, the field you sort in when you hit one of the start letters field02 Last name field03 First name </nowiki>
| contact.properties:8
|-
| <nowiki>com.openexchange.contactcollector.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether enabled or disabled regardless of bundle start-up Enabled by default (provided that bundle is installed and properly started) </nowiki>
| contactcollector.properties:5
|-
| <nowiki>com.openexchange.contactcollector.folder.deleteDenied</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether deletion of contact collector folder will be denied </nowiki>
| contactcollector.properties:8
|-
| <nowiki>CONTEXT_RESTORE_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.contextrestore.storage.mysqlStorage.OXContextRestoreMySQLStorage</nowiki>
| <nowiki>Define the storage implementation here </nowiki>
| contextrestore.properties:2
|-
| <nowiki>modules/themes/default</nowiki>
| <nowiki>Cool Water (Default)</nowiki>
| <nowiki>The following property defines the default theme of the AJAX GUI. </nowiki>
| cool-water-theme.properties:4
|-
| <nowiki>com.openexchange.subscribe.crawler.google.calendar</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| crawler.properties:10
|-
| <nowiki>com.openexchange.subscribe.crawler.t-online.de</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| crawler.properties:11
|-
| <nowiki>com.openexchange.subscribe.crawler.gmx.de</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| crawler.properties:12
|-
| <nowiki>com.openexchange.subscribe.crawler.msn.de</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| crawler.properties:13
|-
| <nowiki>com.openexchange.subscribe.crawler.suncontacts</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| crawler.properties:14
|-
| <nowiki>com.openexchange.subscribe.crawler.suncalendar</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| crawler.properties:15
|-
| <nowiki>com.openexchange.subscribe.crawler.suntasks</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| crawler.properties:16
|-
| <nowiki>com.openexchange.subscribe.crawler.yahoocom</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| crawler.properties:17
|-
| <nowiki>com.openexchange.subscribe.crawler.googlemail.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki>As an enhancement to the subscription module, we allow to configure that subscriptions should run automatically on login if a certain time interval between the last refresh run has elapsed (defaults to 1 day). </nowiki>
| crawler.properties:21
|-
| <nowiki>com.openexchange.subscribe.crawler.webde.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:23
|-
| <nowiki>com.openexchange.subscribe.crawler.google.calendar.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:24
|-
| <nowiki>com.openexchange.subscribe.crawler.gmx.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:25
|-
| <nowiki>com.openexchange.subscribe.crawler.t-online.de.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:26
|-
| <nowiki>com.openexchange.subscribe.crawler.gmx.de.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:27
|-
| <nowiki>com.openexchange.subscribe.crawler.msn.de.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:28
|-
| <nowiki>com.openexchange.subscribe.crawler.suncontacts.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:29
|-
| <nowiki>com.openexchange.subscribe.crawler.suncalendar.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:30
|-
| <nowiki>com.openexchange.subscribe.crawler.suntasks.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:31
|-
| <nowiki>com.openexchange.subscribe.crawler.path</nowiki>
| <nowiki>crawlers</nowiki>
| <nowiki>Points to the directory containing the workflow definitions of crawlers </nowiki>
| crawler.properties:4
|-
| <nowiki>com.openexchange.subscribe.crawler.googlemail</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable / Disable individual crawlers (true / false) </nowiki>
| crawler.properties:7
|-
| <nowiki>com.openexchange.subscribe.crawler.web.de</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| crawler.properties:9
|-
| <nowiki>com.openexchange.groupware.dataRetrieval.lifetime</nowiki>
| <nowiki>60000</nowiki>
| <nowiki>Lifetime of a token in milliseconds. If this value is not set or negative the token only expires at the end of the session. </nowiki>
| dataRetrieval.properties:6
|-
| <nowiki>com.openexchange.groupware.dataRetrieval.onetime</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether the token expires after the first access or not. Defaults to true. </nowiki>
| dataRetrieval.properties:9
|-
| <nowiki>com.openexchange.dataretention.sourceID</nowiki>
| <nowiki>OX_mail_01</nowiki>
| <nowiki>The string identifying the data source; e.g. "OX_mail_01" </nowiki>
| dataretention.properties:11
|-
| <nowiki>com.openexchange.dataretention.location</nowiki>
| <nowiki>DE/Olpe</nowiki>
| <nowiki>The location of the system generating the retention data </nowiki>
| dataretention.properties:14
|-
| <nowiki>com.openexchange.dataretention.timeZone</nowiki>
| <nowiki>GMT</nowiki>
| <nowiki>The time zone of the location </nowiki>
| dataretention.properties:17
|-
| <nowiki>com.openexchange.dataretention.dir</nowiki>
| <nowiki>/var/log/open-xchange</nowiki>
| <nowiki>The directory where the CSV file is held </nowiki>
| dataretention.properties:2
|-
| <nowiki>com.openexchange.dataretention.rotateLength</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Specifies the max. output resource's length (in bytes) before it gets rotated. This option is only useful for implementations which output data to a file or to any limited resource. This value should have a reasonable size since multiple write accesses may occur at same time. Therefore small sizes (<= 200KB) cannot be guaranteed being obeyed. Moreover it is only an approximate limit which can vary about 8KB. A value less than or equal to zero means no rotation. </nowiki>
| dataretention.properties:26
|-
| <nowiki>com.openexchange.dataretention.versionNumber</nowiki>
| <nowiki>1</nowiki>
| <nowiki>The format version appended to each record type; e.g "H1" meaning "Header version 1". </nowiki>
| dataretention.properties:5
|-
| <nowiki>com.openexchange.dataretention.clientID</nowiki>
| <nowiki>Open-Xchange</nowiki>
| <nowiki>The string identifying the tenant; e.g "Open-Xchange". </nowiki>
| dataretention.properties:8
|-
| <nowiki>com.openexchange.spamhandler.defaultspamhandler.createConfirmedHam</nowiki>
| <nowiki>true</nowiki>
| <nowiki># Indicates whether to create the confirmed-ham folder during check for default mail folders # during login if spam is enabled for logged-in user. # Default is true. </nowiki>
| defaultspamhandler.properties:11
|-
| <nowiki>com.openexchange.spamhandler.defaultspamhandler.unsubscribeSpamFolders</nowiki>
| <nowiki>true</nowiki>
| <nowiki># Indicates whether the confirmed-spam/confirmed-ham folders shall automatically be unsubscribed during login. # Default is true. </nowiki>
| defaultspamhandler.properties:15
|-
| <nowiki>com.openexchange.spamhandler.defaultspamhandler.createConfirmedSpam</nowiki>
| <nowiki>true</nowiki>
| <nowiki># Indicates whether to create the confirmed-spam folder during check for default mail folders # during login if spam is enabled for logged-in user. # Default is true. </nowiki>
| defaultspamhandler.properties:6
|-
| <nowiki>com.openexchange.capability.drive</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables the "drive" module capability globally. The capability can also be set more fine-grained via config cascade. Per default it is only enabled for users that have the "infostore" permission set. This is configured in /opt/open-xchange/etc/contextSets/drive.yml. </nowiki>
| drive.properties:10
|-
| <nowiki>com.openexchange.drive.directLinkHelp</nowiki>
| <nowiki>[protocol]://[hostname]/[uiwebpath]/help-drive/l10n/[locale]/index.html</nowiki>
| <nowiki>Configures the pattern for a direct link to the online help. This serves as target for the "Help" section in the client applications. Text in brackets is replaced dynamically during link generation in the backend, however, it's still possible to overwrite them here with a static value, or even define an arbitrary URL here. [protocol] is replaced automatically with the protocol used by the client (typically "http" or "https"). [hostname] should be replaced with the server's canonical host name (if not, the server tries to determine the hostname on it's own), [uiwebpath] is replaced with the value of "com.openexchange.UIWebPath" as defined in "server.properties", while [dispatcherPrefix] is replaced with the value of "com.openexchange.dispatcher.prefix" ("server.properties", too). [contextid], [userid] and [login] are replaced to reflect the values of the current user. Defaults to "[protocol]://[hostname]/[uiwebpath]/help/[locale]/index.html". </nowiki>
| drive.properties:110
|-
| <nowiki>com.openexchange.drive.events.apn.ios.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables push event notifications to clients using the Apple Push Notification service (APNS) for iOS devices. This requires a valid configuration for the APNS certificate and keys, see either options below, or install the restricted components packages for drive. Defaults to "false". </nowiki>
| drive.properties:120
|-
| <nowiki>com.openexchange.drive.events.apn.ios.keystore</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the path to the local keystore file (PKCS #12) containing the APNS certificate and keys for the iOS application, e.g. "/opt/open-xchange/etc/drive-apns.p12". Required if "com.openexchange.drive.events.apn.enabled" is "true" and the package containing the restricted drive components is not installed. </nowiki>
| drive.properties:127
|-
| <nowiki>com.openexchange.drive.events.apn.ios.password</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the password used when creating the referenced keystore containing the certificate of the iOS application. Note that blank or null passwords are in violation of the PKCS #12 specifications. Required if "com.openexchange.drive.events.apn.enabled" is "true" and the package containing the restricted drive components is not installed. </nowiki>
| drive.properties:134
|-
| <nowiki>com.openexchange.drive.events.apn.ios.production</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Indicates which APNS service is used when sending push notifications to iOS devices. A value of "true" will use the production service, a value of "false" the sandbox service. Defaults to "true". </nowiki>
| drive.properties:139
|-
| <nowiki>com.openexchange.drive.events.apn.ios.feedbackQueryInterval</nowiki>
| <nowiki>1D</nowiki>
| <nowiki>Configures the interval between queries to the APN feedback service for the subscribed iOS devices. The value can be defined using units of measurement: "D" (=days), "W" (=weeks) and "H" (=hours). Defaults to "1D" (one day). Leaving this parameter empty disables the feedback queries on this node. Since each received feedback is processed cluster-wide, only one node in the cluster should be enabled here. </nowiki>
| drive.properties:147
|-
| <nowiki>com.openexchange.drive.shortProductName</nowiki>
| <nowiki>OX Drive</nowiki>
| <nowiki>Short product name as used in the version comment string inserted for drive uploads, e.g. "Uploaded with OX Drive (Ottos Laptop)". Defaults to "OX Drive". </nowiki>
| drive.properties:15
|-
| <nowiki>com.openexchange.drive.events.apn.macos.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables push event notifications to clients using the Apple Push Notification service (APNS) for Mac OS devices. This requires a valid configuration for the APNS certificate and keys, see either options below, or install the restricted components packages for drive. Defaults to "false". </nowiki>
| drive.properties:154
|-
| <nowiki>com.openexchange.drive.events.apn.macos.keystore</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the path to the local keystore file (PKCS #12) containing the APNS certificate and keys for the Mac OS application, e.g. "/opt/open-xchange/etc/drive-apns.p12". Required if "com.openexchange.drive.events.apn.macos.enabled" is "true" and the package containing the restricted drive components is not installed. </nowiki>
| drive.properties:161
|-
| <nowiki>com.openexchange.drive.events.apn.macos.password</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the password used when creating the referenced keystore containing the certificate of the Mac OS application. Note that blank or null passwords are in violation of the PKCS #12 specifications. Required if "com.openexchange.drive.events.apn.macos.enabled" is "true" and the package containing the restricted drive components is not installed. </nowiki>
| drive.properties:168
|-
| <nowiki>com.openexchange.drive.events.apn.macos.production</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Indicates which APNS service is used when sending push notifications to Mac OS devices. A value of "true" will use the production service, a value of "false" the sandbox service. Defaults to "true". </nowiki>
| drive.properties:173
|-
| <nowiki>com.openexchange.drive.events.apn.macos.feedbackQueryInterval</nowiki>
| <nowiki>1D</nowiki>
| <nowiki>Configures the interval between queries to the APN feedback service for the subscribed Mac OS devices. The value can be defined using units of measurement: "D" (=days), "W" (=weeks) and "H" (=hours). Defaults to "1D" (one day). Leaving this parameter empty disables the feedback queries on this node. Since each received feedback is processed cluster-wide, only one node in the cluster should be enabled here. </nowiki>
| drive.properties:181
|-
| <nowiki>com.openexchange.drive.events.gcm.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables push event notifications to clients using the Google Cloud Messaging (GCM) service. This requires a valid configuration for the GCM API key, see options below. Defaults to "false". </nowiki>
| drive.properties:186
|-
| <nowiki>com.openexchange.drive.events.gcm.key</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the API key of the server application. Required if "com.openexchange.drive.events.gcm.enabled" is "true" and the package containing the restricted drive components is not installed. </nowiki>
| drive.properties:191
|-
| <nowiki>com.openexchange.drive.events.blockingLongPolling.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Configures whether blocking long polling for pushing synchronization events to clients may be used as fallback when no other long polling handlers are available due to missing support of the HTTP service. Handling long polling in a blocking manner consumes a server thread, and should therefore only be enabled for testing purposes. Defaults to "false". </nowiki>
| drive.properties:198
|-
| <nowiki>com.openexchange.drive.useTempFolder</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Specifies whether the synchronization logic will make use of a folder named ".drive" below the root synchronization folder or not. If enabled, this folder is used to store temporary uploads and removed files, which usually leads to a better user experience since previously synchronized files can be restored from there for example. If not, removed files are not kept, and uploads are performed directly in the target folder. Defaults to "true". </nowiki>
| drive.properties:27
|-
| <nowiki>com.openexchange.drive.cleaner.interval</nowiki>
| <nowiki>1D</nowiki>
| <nowiki>Configures the interval between runs of the cleaner process for the temporary ".drive" folder. A cleaner run is only initiated if the synchronization is idle, i.e. the last synchronization resulted in no actions to be performed, and the last run was before the configured interval. The value can be defined using units of measurement: "D" (=days), "W" (=weeks) and "H" (=hours). Defaults to "1D" (one day). </nowiki>
| drive.properties:35
|-
| <nowiki>com.openexchange.drive.cleaner.maxAge</nowiki>
| <nowiki>1D</nowiki>
| <nowiki>Defines the maximum age of files and directories to be kept inside the temporary ".drive" folder. Files or directories that were last modified before the configured age are deleted during the next run of the cleaner process. The value can be defined using units of measurement: "D" (=days), "W" (=weeks) and "H" (=hours). Defaults to "1D" (one day). </nowiki>
| drive.properties:42
|-
| <nowiki>com.openexchange.drive.maxBandwidth</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Allows to limit the maximum used bandwidth for all downloads. If configured, downloads via the drive module handled by this backend node will not exceed the configured bandwidth. The available bandwidth is defined as the number of allowed bytes per second, where the byte value can be specified with one of the units "B" (bytes), "kB" (kilobyte), "MB" (Megabyte) or "GB" (Gigabyte), e.g. "10 MB". Must fit into the "Integer" range, i.e. the configured number of bytes has to be be smaller than 2^31. Defaults to "-1" (no limitations). </nowiki>
| drive.properties:55
|-
| <nowiki>com.openexchange.drive.maxBandwidthPerClient</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Allows to limit the maximum used bandwidth for client downloads within the same session. If configured, downloads originating in the same session via the drive module handled by this backend node will not exceed the configured bandwidth. The available bandwidth is defined as the number of allowed bytes per second, where the byte value can be specified with one of the units "B" (bytes), "kB" (kilobyte), "MB" (Megabyte) or "GB" (Gigabyte), e.g. "500 kB". Must fit into the "Integer" range, i.e. the configured number of bytes has to be be smaller than 2^31. Defaults to "-1" (no limitations). </nowiki>
| drive.properties:66
|-
| <nowiki>com.openexchange.drive.maxConcurrentSyncOperations</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the maximum allowed number of synchronization operations, i.e. all requests to the "drive" module apart from up- and downloads, that the server accepts concurrently. While the limit is reached, further synchronization requests are rejected in a HTTP 503 manner (service unavailable), and the client is instructed to try again at a later time. Defaults to "-1" (no limitations). </nowiki>
| drive.properties:74
|-
| <nowiki>com.openexchange.drive.directLinkQuota</nowiki>
| <nowiki>[protocol]://[hostname]</nowiki>
| <nowiki>Configures the pattern for a direct link to manage a user's quota. Text in brackets is replaced dynamically during link generation in the backend, however, it's still possible to overwrite them here with a static value, or even define an arbitrary URL here. [protocol] is replaced automatically with the protocol used by the client (typically "http" or "https"). [hostname] should be replaced with the server's canonical host name (if not, the server tries to determine the hostname on it's own), [uiwebpath] is replaced with the value of "com.openexchange.UIWebPath" as defined in "server.properties", while [dispatcherPrefix] is replaced with the value of "com.openexchange.dispatcher.prefix" ("server.properties", too). [contextid], [userid] and [login] are replaced to reflect the values of the current user. Defaults to "[protocol]://[hostname]". </nowiki>
| drive.properties:93
|-
| <nowiki>com.openexchange.oauth.dropbox.apiSecret</nowiki>
| <nowiki>PUT_YOUR_APP_SECRET_HERE</nowiki>
| <nowiki>The API secret </nowiki>
| dropbox.properties:10
|-
| <nowiki>com.openexchange.oauth.dropbox</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable/disable </nowiki>
| dropbox.properties:4
|-
| <nowiki>com.openexchange.oauth.dropbox.apiKey</nowiki>
| <nowiki>PUT_YOUR_APP_KEY_HERE</nowiki>
| <nowiki>The API key </nowiki>
| dropbox.properties:7
|-
| <nowiki>com.openexchange.oauth.dropbox</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable </nowiki>
| dropboxoauth.properties:3
|-
| <nowiki>com.openexchange.oauth.dropbox.apiKey</nowiki>
| <nowiki></nowiki>
| <nowiki>The API key </nowiki>
| dropboxoauth.properties:6
|-
| <nowiki>com.openexchange.oauth.dropbox.apiSecret</nowiki>
| <nowiki></nowiki>
| <nowiki>The API secret </nowiki>
| dropboxoauth.properties:9
|-
| <nowiki>com.openexchange.mobile.configuration.urlencoding</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the URL encoding which will be used to modify the given URL </nowiki>
| eas-provisioning-mail.properties:11
|-
| <nowiki>com.openexchange.mobile.configuration.mail.from</nowiki>
| <nowiki>user</nowiki>
| <nowiki>Define the FROM address of the email which will be sent to the user when he has selected the email transport as provisioning method. Possible values are: 1. A valid eMail address (eg.: admin@example.com) 2. user (Then the from address will be the standard address from the user who sends the provisioning message) </nowiki>
| eas-provisioning-mail.properties:19
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.en_US.subject</nowiki>
| <nowiki>Open-Xchange Mobility Provisioning</nowiki>
| <nowiki>Define the subject and the mailtext of the provisioning eMail which will be send to the user if he has chosen eMail as provisioning method. You can set a subject and text per language. If you want to add a new language code provide the following two configuration options: com.openexchange.mobile.configuration.mail.message.$languagecode_$LANDCODE.subject com.openexchange.mobile.configuration.mail.message.$languagecode_$LANDCODE.text </nowiki>
| eas-provisioning-mail.properties:28
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.en_US.text</nowiki>
| <nowiki>Please click on the following link to open the Open-Xchange Mobility Provisioning application: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:29
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.en_GB.subject</nowiki>
| <nowiki>Open-Xchange Mobility Provisioning</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:30
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.en_GB.text</nowiki>
| <nowiki>Please click on the following link to open the Open-Xchange Mobility Provisioning application: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:31
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.de_DE.subject</nowiki>
| <nowiki>Open-Xchange Mobility-Provisionierung</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:32
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.de_DE.text</nowiki>
| <nowiki>Bitte auf den folgenden Link klicken, um die Open-Xchange Mobility Provisionierungs-Applikation zu \u00F6ffnen: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:33
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.fr_FR.subject</nowiki>
| <nowiki>Pr\u00E9paration de la mobilit\u00E9 Open-Xchange</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:34
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.fr_FR.text</nowiki>
| <nowiki>Veuillez cliquer sur le lien suivant pour ouvrir l'application de pr\u00E9paration de la mobilit\u00E9 Open-Xchange: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:35
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.nl_NL.subject</nowiki>
| <nowiki>Open-Xchange-mobility-initialisatie</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:36
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.nl_NL.text</nowiki>
| <nowiki>Klik op de volgende link om de initialisatietoepasssing voor Open-Xchange-mobility te starten: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:37
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.es_ES.subject</nowiki>
| <nowiki>Configuraci\u00F3n m\u00F3vil de Open-Xchange</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:38
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.es_ES.text</nowiki>
| <nowiki>Por favor, haga clic en el siguiente enlace para ejecutar la aplicaci\u00F3n de configuraci\u00F3n m\u00F3vil de Open-Xchange: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:39
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.it_IT.subject</nowiki>
| <nowiki>Fornitura in mobilit\u00E0 Open-Xchange</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:40
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.it_IT.text</nowiki>
| <nowiki>Fai clic sul seguente collegamento per aprire l'applicazione di fornitura in mobilit\u00E0 Open-Xchange: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:41
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.en_US.text</nowiki>
| <nowiki>Please click on the following link to open the Open-Xchange Mobility Provisioning application: %u</nowiki>
| <nowiki>Define the text of the provisioning SMS which will be send to the user if he has chosen SMS as provisioning method. You can set a text per language. If you want to add a new language code provide the following configuration option: com.openexchange.mobile.configuration.sms.message.$languagecode_$LANDCODE.text </nowiki>
| eas-provisioning-mail.properties:48
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.en_GB.text</nowiki>
| <nowiki>Please click on the following link to open the Open-Xchange Mobility Provisioning application: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:49
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.de_DE.text</nowiki>
| <nowiki>Bitte auf den folgenden Link klicken, um die Open-Xchange Mobility Provisionierungs-Applikation zu \u00F6ffnen: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:50
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.fr_FR.text</nowiki>
| <nowiki>Veuillez cliquer sur le lien suivant pour ouvrir l'application de pr\u00E9paration de la mobilit\u00E9 Open-Xchange: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:51
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.nl_NL.text</nowiki>
| <nowiki>Klik op de volgende link om de initialisatietoepasssing voor Open-Xchange-mobility te starten: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:52
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.es_ES.text</nowiki>
| <nowiki>Por favor, haga clic en el siguiente enlace para ejecutar la aplicaci\u00F3n de configuraci\u00F3n m\u00F3vil de Open-Xchange: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:53
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.it_IT.text</nowiki>
| <nowiki>Fai clic sul seguente collegamento per aprire l'applicazione di fornitura in mobilit\u00E0 Open-Xchange: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:54
|-
| <nowiki>com.openexchange.mobile.configuration.url</nowiki>
| <nowiki>https://%h/servlet/mobileconfig?l=%p</nowiki>
| <nowiki>Define the URL which will be send to the device via the transport. The following placeholders will be replaced by: %h : The Hostname taken from the URL of the user %l : The login which the user has entered on the login page %c : The context ID %u : The user login %p : Users primary email address </nowiki>
| eas-provisioning-mail.properties:8
|-
| <nowiki>com.openexchange.mobile.configuration.json.action.sms.sipgat.api.url</nowiki>
| <nowiki>https://samurai.sipgate.net/RPC2</nowiki>
| <nowiki>Properties for the ACTION SMS Provisioning Plugin Currently only SIPGATE is supported as SMS provider via XML-RPC API Sipgate API URL </nowiki>
| eas-provisioning-sms.properties:10
|-
| <nowiki>com.openexchange.mobile.configuration.json.action.sms.sipgat.api.username</nowiki>
| <nowiki>openexchange</nowiki>
| <nowiki> Sipgate API Username </nowiki>
| eas-provisioning-sms.properties:14
|-
| <nowiki>com.openexchange.mobile.configuration.json.action.sms.sipgat.api.password</nowiki>
| <nowiki>test</nowiki>
| <nowiki> Sipgate API Password </nowiki>
| eas-provisioning-sms.properties:18
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/module</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:1
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/fr_FR/name</nowiki>
| <nowiki>Nokia S60</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:10
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/fr_FR/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-nokias60-French.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:11
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/en_US/name</nowiki>
| <nowiki>Nokia S60</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:12
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/en_US/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-nokias60-English.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:13
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/en_GB/name</nowiki>
| <nowiki>Nokia S60</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:14
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/en_GB/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-nokias60-English.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:15
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/nl_NL/name</nowiki>
| <nowiki>Nokia S60</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:16
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/nl_NL/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-nokias60-Dutch.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:17
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/es_ES/name</nowiki>
| <nowiki>Nokia S60</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:18
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/es_ES/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-nokias60-Spanish.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:19
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/de_DE/name</nowiki>
| <nowiki>Blackberry</nowiki>
| <nowiki> Blackberry configuration description: </nowiki>
| eas-provisioning-ui.properties:23
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/de_DE/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-blackberry-German.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:24
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/fr_FR/name</nowiki>
| <nowiki>Blackberry</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:25
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/fr_FR/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-blackberry-French.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:26
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/en_US/name</nowiki>
| <nowiki>Blackberry</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:27
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/en_US/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-blackberry-English.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:28
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/en_GB/name</nowiki>
| <nowiki>Blackberry</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:29
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/en_GB/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-blackberry-English.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:30
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/nl_NL/name</nowiki>
| <nowiki>Blackberry</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:31
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/nl_NL/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-blackberry-Dutch.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:32
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/es_ES/name</nowiki>
| <nowiki>Blackberry</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:33
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/es_ES/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-blackberry-Spanish.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:34
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/de_DE/name</nowiki>
| <nowiki>Android</nowiki>
| <nowiki> Android configuration description: </nowiki>
| eas-provisioning-ui.properties:38
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/de_DE/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-android2-German.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:39
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/fr_FR/name</nowiki>
| <nowiki>Android</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:40
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/fr_FR/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-android2-French.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:41
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/en_US/name</nowiki>
| <nowiki>Android</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:42
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/en_US/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-android2-English.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:43
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/en_GB/name</nowiki>
| <nowiki>Android</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:44
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/en_GB/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-android2-English.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:45
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/nl_NL/name</nowiki>
| <nowiki>Android</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:46
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/nl_NL/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-android2-Dutch.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:47
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/es_ES/name</nowiki>
| <nowiki>Android</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:48
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/es_ES/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-android2-Spanish.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:49
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/de_DE/name</nowiki>
| <nowiki>Nokia S60</nowiki>
| <nowiki>The following options will display the detailed setup descriptions from devices which don't support autoconfiguration emails. Nokia S60 configuration description: </nowiki>
| eas-provisioning-ui.properties:8
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/de_DE/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-nokias60-German.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:9
|-
| <nowiki>com.openexchange.mobile.configuration.generator.OpensslBinary</nowiki>
| <nowiki></nowiki>
| <nowiki>The location of the openssl binary (needed if SignConfig is true) </nowiki>
| eas-provisioning.properties:10
|-
| <nowiki>com.openexchange.mobile.configuration.generator.OpensslTimeout</nowiki>
| <nowiki>3000</nowiki>
| <nowiki>The timeout for the openssl binary in milliseconds (needed if SignConfig is true) </nowiki>
| eas-provisioning.properties:12
|-
| <nowiki>com.openexchange.mobile.configuration.generator.CertFile</nowiki>
| <nowiki></nowiki>
| <nowiki>The cert file (needed if SignConfig is true) </nowiki>
| eas-provisioning.properties:14
|-
| <nowiki>com.openexchange.mobile.configuration.generator.KeyFile</nowiki>
| <nowiki></nowiki>
| <nowiki>The key file (needed if SignConfig is true) </nowiki>
| eas-provisioning.properties:16
|-
| <nowiki>com.openexchange.mobile.configuration.generator.iPhoneRegex</nowiki>
| <nowiki>^.*(iPhone|iPad).*$</nowiki>
| <nowiki>RegEx for iPhone browser detection </nowiki>
| eas-provisioning.properties:2
|-
| <nowiki>com.openexchange.mobile.configuration.generator.WinMobRegex</nowiki>
| <nowiki>^.*Windows Phone.*$</nowiki>
| <nowiki>RegEx for Windows Mobile browser detection </nowiki>
| eas-provisioning.properties:4
|-
| <nowiki>com.openexchange.mobile.configuration.generator.OnlySecureConnect</nowiki>
| <nowiki>true</nowiki>
| <nowiki>If only https should be used </nowiki>
| eas-provisioning.properties:6
|-
| <nowiki>com.openexchange.mobile.configuration.generator.SignConfig</nowiki>
| <nowiki>false</nowiki>
| <nowiki>If signing is used or not </nowiki>
| eas-provisioning.properties:8
|-
| <nowiki>read_cl </nowiki>
| <nowiki> ONE </nowiki>
| <nowiki>Consistency Levels. It can be defined on a per-column-family basis. Since we only have one column family, it only applies to that. Possible values (CaSe sensitive): ONE, TWO, THREE, QUORUM, ALL, ANY, EACH_QUORUM, LOCAL_QUORUM </nowiki>
| eavstorage.properties:15
|-
| <nowiki>write_cl </nowiki>
| <nowiki> ONE</nowiki>
| <nowiki></nowiki>
| eavstorage.properties:16
|-
| <nowiki>replication_factor </nowiki>
| <nowiki> 1</nowiki>
| <nowiki>Replication factor of the keyspace </nowiki>
| eavstorage.properties:2
|-
| <nowiki>keyspace </nowiki>
| <nowiki> OX</nowiki>
| <nowiki>Keyspace name </nowiki>
| eavstorage.properties:5
|-
| <nowiki>cf_xt_props </nowiki>
| <nowiki> ExtendedProperties</nowiki>
| <nowiki>Extended Properties column family name </nowiki>
| eavstorage.properties:8
|-
| <nowiki>com.openexchange.event.eventQueueDelay</nowiki>
| <nowiki>60000</nowiki>
| <nowiki>This parameter set the delay in milliseconds when events are sent to the subscribed services. Events for example are triggered when deleting an appointment with attachment. The event then is for deleting the attachment. If this value is increased more events may be in the queue that must be executed. This can cause longer runtime delivering all those events. Lowering this value may cause too often look into the queue without finding events there to process. </nowiki>
| event.properties:17
|-
| <nowiki>com.openexchange.event.isEventQueueEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>This option enables or disable the complete event handling for OX The event handling is a essential Open-Xchange component which needs to always run. This should only be set to false for debugging purposes. </nowiki>
| event.properties:8
|-
| <nowiki>com.openexchange.messaging.facebook.loginPageBaseURL</nowiki>
| <nowiki>http://www.facebook.com/login.php</nowiki>
| <nowiki>Specify the base URL of facebook's login page </nowiki>
| facebookmessaging.properties:10
|-
| <nowiki>com.openexchange.messaging.facebook.actionOfLoginForm</nowiki>
| <nowiki>https://login.facebook.com/login.php?login_attempt=1</nowiki>
| <nowiki>Specify the action of the facebook login form located at login page </nowiki>
| facebookmessaging.properties:13
|-
| <nowiki>com.openexchange.messaging.facebook.linkAfterLogin</nowiki>
| <nowiki>"\\Qhttp://www.facebook.com/profile.php?ref=profile&id=\\E([0-9]+)"</nowiki>
| <nowiki>Specify the regular expression (in quotes) for the link of the expected page after successfully passing facebook's login page Note: The (optional) capturing group is checked against facebook's user identifier. If no group is specified, no check is performed </nowiki>
| facebookmessaging.properties:17
|-
| <nowiki>com.openexchange.messaging.facebook.apiVersion</nowiki>
| <nowiki>1.0</nowiki>
| <nowiki>Specify the version of facebook's API </nowiki>
| facebookmessaging.properties:20
|-
| <nowiki>com.openexchange.messaging.facebook.nameOfUserField</nowiki>
| <nowiki>email</nowiki>
| <nowiki>Specify the name of the login field on facebook's login page </nowiki>
| facebookmessaging.properties:23
|-
| <nowiki>com.openexchange.messaging.facebook.nameOfPasswordField</nowiki>
| <nowiki>pass</nowiki>
| <nowiki>Specify the name of the password field on facebook's login page </nowiki>
| facebookmessaging.properties:26
|-
| <nowiki>com.openexchange.messaging.facebook</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| facebookmessaging.properties:3
|-
| <nowiki>com.openexchange.messaging.facebook.renewalFrequence</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>Frequence for facebook session renewal in milliseconds. Default is 300000 (5 minutes). </nowiki>
| facebookmessaging.properties:7
|-
| <nowiki>com.openexchange.oauth.facebook</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable Facebook OAuth support </nowiki>
| facebookoauth.properties:2
|-
| <nowiki>com.openexchange.facebook.apiKey</nowiki>
| <nowiki>INSERT_YOUR_API_KEY_HERE</nowiki>
| <nowiki>Specify the API key obtained from facebook </nowiki>
| facebookoauth.properties:5
|-
| <nowiki>com.openexchange.facebook.secretKey</nowiki>
| <nowiki>INSERT_YOUR_API_SECRET_HERE</nowiki>
| <nowiki>Specify the secret key obtained from facebook </nowiki>
| facebookoauth.properties:8
|-
| <nowiki>com.openexchange.subscribe.socialplugin.facebook</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| facebooksubscribe.properties:1
|-
| <nowiki>com.openexchange.subscribe.socialplugin.facebook.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| facebooksubscribe.properties:2
|-
| <nowiki>java.util.logging.FileHandler.append</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| file-logging.properties:10
|-
| <nowiki>java.util.logging.FileHandler.append</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| file-logging.properties:10
|-
| <nowiki>.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>possible log levels are ALL INFO FINE </nowiki>
| file-logging.properties:2
|-
| <nowiki>.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>possible log levels are ALL INFO FINE </nowiki>
| file-logging.properties:2
|-
| <nowiki>com.openexchange.login.internal.LoginPerformer.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>Important note: The following option ensures, that all login relevant information is logged correctly. Such information is essential to detect and to address session issues, pontentially caused by 3rd parties. Open-Xchange strongly suggests NOT to modify this configuration setting unless you are forced to do so by specific legal requirements, e.g. privacy regulations. Please note: If these settings are changed, Open-Xchange will take no responsibility and will exclude support regarding any session issues and potential security breaches arising thereof. </nowiki>
| file-logging.properties:20
|-
| <nowiki>com.openexchange.login.internal.LoginPerformer.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>Important note: The following option ensures, that all login relevant information is logged correctly. Such information is essential to detect and to address session issues, pontentially caused by 3rd parties. Open-Xchange strongly suggests NOT to modify this configuration setting unless you are forced to do so by specific legal requirements, e.g. privacy regulations. Please note: If these settings are changed, Open-Xchange will take no responsibility and will exclude support regarding any session issues and potential security breaches arising thereof. </nowiki>
| file-logging.properties:20
|-
| <nowiki>com.openexchange.sessiond.impl.SessionHandler.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:21
|-
| <nowiki>com.openexchange.sessiond.impl.SessionHandler.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:21
|-
| <nowiki>sun.rmi.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:23
|-
| <nowiki>sun.rmi.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:23
|-
| <nowiki>org.apache.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:24
|-
| <nowiki>org.apache.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:24
|-
| <nowiki>com.sun.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:25
|-
| <nowiki>com.sun.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:25
|-
| <nowiki>javax.management.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:26
|-
| <nowiki>javax.management.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:26
|-
| <nowiki>javax.jmdns.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:27
|-
| <nowiki>javax.jmdns.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:27
|-
| <nowiki>com.hazelcast.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:28
|-
| <nowiki>com.hazelcast.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:28
|-
| <nowiki>org.glassfish.grizzly.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:29
|-
| <nowiki>org.glassfish.grizzly.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:29
|-
| <nowiki>org.apache.cxf.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki>Set to FINE to log SOAP requests for debugging purpose </nowiki>
| file-logging.properties:32
|-
| <nowiki>org.apache.cxf.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki>Set to FINE to log SOAP requests for debugging purpose </nowiki>
| file-logging.properties:32
|-
| <nowiki>com.openexchange.soap.cxf.logger.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:33
|-
| <nowiki>com.openexchange.soap.cxf.logger.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:33
|-
| <nowiki>org.jaudiotagger.level</nowiki>
| <nowiki>SEVERE</nowiki>
| <nowiki>Set org.jaudiotagger to SEVERE </nowiki>
| file-logging.properties:36
|-
| <nowiki>org.jaudiotagger.level</nowiki>
| <nowiki>SEVERE</nowiki>
| <nowiki>Set org.jaudiotagger to SEVERE </nowiki>
| file-logging.properties:36
|-
| <nowiki>com.openexchange.documentconverter.impl.Manager.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki>Set global documentconverter logging level to WARNING </nowiki>
| file-logging.properties:39
|-
| <nowiki>com.openexchange.documentconverter.impl.Manager.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki>Set global documentconverter logging level to WARNING </nowiki>
| file-logging.properties:39
|-
| <nowiki>handlers</nowiki>
| <nowiki>java.util.logging.FileHandler</nowiki>
| <nowiki></nowiki>
| file-logging.properties:4
|-
| <nowiki>handlers</nowiki>
| <nowiki>java.util.logging.FileHandler</nowiki>
| <nowiki></nowiki>
| file-logging.properties:4
|-
| <nowiki>com.gargoylesoftware.htmlunit.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki>Reduce log level for htmlunit.jar </nowiki>
| file-logging.properties:42
|-
| <nowiki>com.gargoylesoftware.htmlunit.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki>Reduce log level for htmlunit.jar </nowiki>
| file-logging.properties:42
|-
| <nowiki>com.openexchange.ajax.requesthandler.DispatcherServlet.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>A switch to control which exceptions are logged to the log file Set this to ALL to log all exceptions </nowiki>
| file-logging.properties:49
|-
| <nowiki>com.openexchange.ajax.requesthandler.DispatcherServlet.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>A switch to control which exceptions are logged to the log file Set this to ALL to log all exceptions </nowiki>
| file-logging.properties:49
|-
| <nowiki>java.util.logging.FileHandler.pattern</nowiki>
| <nowiki>/var/log/open-xchange/open-xchange.log</nowiki>
| <nowiki></nowiki>
| file-logging.properties:5
|-
| <nowiki>java.util.logging.FileHandler.pattern</nowiki>
| <nowiki>/var/log/open-xchange/open-xchange.log</nowiki>
| <nowiki></nowiki>
| file-logging.properties:5
|-
| <nowiki>java.util.logging.FileHandler.level</nowiki>
| <nowiki>ALL</nowiki>
| <nowiki></nowiki>
| file-logging.properties:6
|-
| <nowiki>java.util.logging.FileHandler.level</nowiki>
| <nowiki>ALL</nowiki>
| <nowiki></nowiki>
| file-logging.properties:6
|-
| <nowiki>java.util.logging.FileHandler.limit</nowiki>
| <nowiki>2097152</nowiki>
| <nowiki></nowiki>
| file-logging.properties:7
|-
| <nowiki>java.util.logging.FileHandler.limit</nowiki>
| <nowiki>2097152</nowiki>
| <nowiki></nowiki>
| file-logging.properties:7
|-
| <nowiki>java.util.logging.FileHandler.count</nowiki>
| <nowiki>99</nowiki>
| <nowiki></nowiki>
| file-logging.properties:8
|-
| <nowiki>java.util.logging.FileHandler.count</nowiki>
| <nowiki>99</nowiki>
| <nowiki></nowiki>
| file-logging.properties:8
|-
| <nowiki>java.util.logging.FileHandler.formatter</nowiki>
| <nowiki>java.util.logging.SimpleFormatter</nowiki>
| <nowiki></nowiki>
| file-logging.properties:9
|-
| <nowiki>java.util.logging.FileHandler.formatter</nowiki>
| <nowiki>java.util.logging.SimpleFormatter</nowiki>
| <nowiki></nowiki>
| file-logging.properties:9
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| filemanagementDistributed.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| filemanagementDistributed.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| filemanagementDistributed.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>distributedFiles-0</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| filemanagementDistributed.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.maxIdleSeconds</nowiki>
| <nowiki>3600</nowiki>
| <nowiki>Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. </nowiki>
| filemanagementDistributed.properties:31
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].endpoint</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the endpoint (e.g. "ec2.amazonaws.com") or a full URL, including the protocol (e.g. "https://ec2.amazonaws.com") of the region specific AWS endpoint this client will communicate with. Defaults to "s3.amazonaws.com" if not defined. </nowiki>
| filestore-s3.properties:22
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].region</nowiki>
| <nowiki>us-west-2</nowiki>
| <nowiki>Configures the Amazon S3 region to use when creating new buckets. This value is also used to pre-configure the client when no specific endpoint is set. Possible values are "us-gov-west-1", "us-east-1", "us-west-1", "us-west-2", "eu-west-1", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1" and "sa-east-1". Defaults to "us-west-2". </nowiki>
| filestore-s3.properties:29
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].accessKey</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures the AWS access key to use. Required. </nowiki>
| filestore-s3.properties:32
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].secretKey</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures the AWS secret key to use. Required. </nowiki>
| filestore-s3.properties:35
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].encryption</nowiki>
| <nowiki>none</nowiki>
| <nowiki>Optionally specifies which client-side encryption should be used. Current options include "none" for no encryption, or "rsa" for an RSA-based asymmetric encryption. Defaults to "none". Please note that depending on the used key length and Java runtime, one might need to replace the so-called "JCE Unlimited Strength Jurisdiction Policy Files" accordingly. </nowiki>
| filestore-s3.properties:43
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].encryption.rsa.keyStore</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the path to the local keystore file (PKCS #12) containing the public-/private-key pair to use for encryption, e.g. "/opt/open-xchange/etc/cert/awss3.p12". Required if "com.openexchange.aws.s3.[filestoreID].encryption" is set to "rsa". </nowiki>
| filestore-s3.properties:49
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].encryption.rsa.password</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the password used when creating the referenced keystore containing public-/private-key pair to use for encryption. Note that blank or null passwords are in violation of the PKCS #12 specifications. Required if "com.openexchange.aws.s3.[filestoreID].encryption" is set to "rsa". </nowiki>
| filestore-s3.properties:55
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].bucketName</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the name of the parent bucket to use. The bucket will be created
automatically if it not yet exists, however, it's still possible to use an
already existing one. There are some naming restrictions, please refer to
http://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html for
details. Required. </nowiki>
| filestore-s3.properties
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].pathStyleAccess</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Defines if path-style-access should be used when accessing the S3 API. If not set to "true", virtual-hosted-style access is used. Please refer to
http://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html for
details. Defaults to true. </nowiki>
| filestore-s3.properties
|-
| <nowiki>com.openexchange.find.basic.mail.searchmailbody </nowiki>
| <nowiki> false</nowiki>
| <nowiki>Denotes if mail search queries should be matched against mail bodies. This improves the search experience within the mail module, if your mail backend supports fast full text search. Otherwise it can slow down the search requests significantly. Change the value to 'true', if fast full text search is supported. Default is 'false'. </nowiki>
| findbasic.properties:16
|-
| <nowiki>com.openexchange.find.basic.mail.allMessagesFolder </nowiki>
| <nowiki></nowiki>
| <nowiki>Some mail backends provide a virtual folder that contains all messages of a user to enable cross-folder mail search. Open-Xchange can make use of this feature to improve the search experience. Set the value to the name of the virtual mail folder containing all messages. Leave blank if no such folder exists. </nowiki>
| findbasic.properties:7
|-
| <nowiki>IGNORE_SHARED_ADDRESSBOOK</nowiki>
| <nowiki>TRUE</nowiki>
| <nowiki>Determine whether to ignore 'shared addressbook' folder or not. Possible values: TRUE / FALSE </nowiki>
| foldercache.properties:12
|-
| <nowiki>ENABLE_INTERNAL_USER_EDIT</nowiki>
| <nowiki>TRUE</nowiki>
| <nowiki>Define if users are allowed to edit their own contact object contained in folder 'Global Address Book' aka 'Internal Users'. Switching this parameter only has an effect for new created contexts. </nowiki>
| foldercache.properties:17
|-
| <nowiki>com.openexchange.folderstorage.outlook.showPersonalBelowInfoStore</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Specifies whether a user's default InfoStore folder should appear below InfoStore root folder: - Infostore -- My files -- Public infostore -- Userstore -- Other infstore folders </nowiki>
| foldercache.properties:27
|-
| <nowiki>com.openexchange.folderstorage.database.preferDisplayName</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specifies whether default InfoStore folders are labeled with owning user's display name or name is read from folder storage (database) </nowiki>
| foldercache.properties:31
|-
| <nowiki>ENABLE_DB_GROUPING</nowiki>
| <nowiki> TRUE</nowiki>
| <nowiki>Define where to perform folder grouping. This filters the database results for duplicate folders in the where clause of the db statement or afterwards in the application. Possible values: TRUE / FALSE </nowiki>
| foldercache.properties:5
|-
| <nowiki>ENABLE_FOLDER_CACHE</nowiki>
| <nowiki> TRUE</nowiki>
| <nowiki>Enable or disable folder caching. Possible values: TRUE / FALSE </nowiki>
| foldercache.properties:8
|-
| <nowiki>com.openexchange.folder.json.module</nowiki>
| <nowiki>folders</nowiki>
| <nowiki># Define the module which also serves as the appendix for registered servlet: # If module is set to "myfolders", the servlet path is changed to "/ajax/myfolders" # Default is "folders" </nowiki>
| folderjson.properties:6
|-
| <nowiki>project.required.plugins</nowiki>
| <nowiki>org.apache.forrest.plugin.output.pdf</nowiki>
| <nowiki>The names of plugins that are required to build the project comma separated list (no spaces) You can request a specific version by appending "-VERSION" to the end of the plugin name. If you exclude a version number the latest released version will be used, however, be aware that this may be a development version. In a production environment it is recomended that you specify a known working version. Run "forrest available-plugins" for a list of plug-ins currently available </nowiki>
| forrest.properties:125
|-
| <nowiki>project.skin</nowiki>
| <nowiki>lucene</nowiki>
| <nowiki>Specifies name of Forrest skin to use See list at http://forrest.apache.org/docs/skins.html </nowiki>
| forrest.properties:29
|-
| <nowiki>com.openexchange.freebusy.provider.ews.password</nowiki>
| <nowiki></nowiki>
| <nowiki>The password to access the EWS. Required. </nowiki>
| freebusy_provider_ews.properties:11
|-
| <nowiki>com.openexchange.freebusy.provider.ews.detailed</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Configures whether the detailed free/busy-view including subject and location of the appointments is requested from EWS or not. </nowiki>
| freebusy_provider_ews.properties:15
|-
| <nowiki>com.openexchange.freebusy.provider.ews.emailSuffixes</nowiki>
| <nowiki></nowiki>
| <nowiki>Allows the definition of a comma-separated list of e-mail-address suffixes (e.g. domain parts like "@example.org") that are used to pre-filter the requested participants before passing them to EWS. Optional, but strongly recommended to reduce the amount of transferred data. </nowiki>
| freebusy_provider_ews.properties:21
|-
| <nowiki>com.openexchange.freebusy.provider.ews.validEmailsOnly</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Configures whether only valid e-mail addresses are used in the free/busy lookup or not. </nowiki>
| freebusy_provider_ews.properties:25
|-
| <nowiki>com.openexchange.freebusy.provider.ews.trustAllCerts</nowiki>
| <nowiki>false</nowiki>
| <nowiki>For testing purposes, it's possible to skip certificate validation and trust all server certificates. This might only work when using Sun Java as it configures "com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory". </nowiki>
| freebusy_provider_ews.properties:30
|-
| <nowiki>com.openexchange.freebusy.provider.ews.skipHostVerification</nowiki>
| <nowiki>false</nowiki>
| <nowiki>For testing purposes, it's possible to bypass hostname verification. This might only work when using Sun Java as it configures "com.sun.xml.internal.ws.transport.https.client.hostname.verifier". </nowiki>
| freebusy_provider_ews.properties:35
|-
| <nowiki>com.openexchange.freebusy.provider.ews.exchangeVersion</nowiki>
| <nowiki>EXCHANGE_2010</nowiki>
| <nowiki>Configures the requested Exchange Server version. Possible values include "EXCHANGE_2007_SP_1", "EXCHANGE_2010", "EXCHANGE_2010_SP_1" and "EXCHANGE_2010_SP_2". </nowiki>
| freebusy_provider_ews.properties:40
|-
| <nowiki>com.openexchange.freebusy.provider.ews.url</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the URL to the Exchange Web Service (usually something like http://exchange.example.com/EWS/Exchange.asmx). Required. </nowiki>
| freebusy_provider_ews.properties:5
|-
| <nowiki>com.openexchange.freebusy.provider.ews.userName</nowiki>
| <nowiki></nowiki>
| <nowiki>The user name to access the EWS. Required. </nowiki>
| freebusy_provider_ews.properties:8
|-
| <nowiki>com.openexchange.freebusy.provider.google.emailSuffixes</nowiki>
| <nowiki>@gmail.com,@googlemail.com</nowiki>
| <nowiki>Allows the definition of a comma-separated list of e-mail-address suffixes (e.g. domain parts like "@googlemail.com") that are used to pre-filter the requested participants before passing them to Google. Optional, but strongly recommended to reduce the amount of transferred data. </nowiki>
| freebusy_provider_google.properties:15
|-
| <nowiki>com.openexchange.freebusy.provider.google.validEmailsOnly</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Configures whether only valid e-mail addresses are used in the free/busy lookup or not. </nowiki>
| freebusy_provider_google.properties:19
|-
| <nowiki>com.openexchange.freebusy.provider.google.apiEndpoint</nowiki>
| <nowiki>https://www.googleapis.com/calendar/v3</nowiki>
| <nowiki>Configures the URI of the Google Calendar API endpoint and should normally not be changed. Required. </nowiki>
| freebusy_provider_google.properties:5
|-
| <nowiki>com.openexchange.freebusy.provider.google.apiKey</nowiki>
| <nowiki>{YOUR_API_KEY}</nowiki>
| <nowiki>Sets the Google API key to be used for requests to the Google Calendar API. Required. </nowiki>
| freebusy_provider_google.properties:9
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.userID</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the user ID of the user in whose name the internal free/busy data is requested from the server (should normally be the internal user ID of the context administrator). Required. </nowiki>
| freebusy_publisher_ews.properties:10
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.url</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the URL to the Exchange Web Service (usually something like http://exchange.example.com/EWS/Exchange.asmx). Required. </nowiki>
| freebusy_publisher_ews.properties:14
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.userName</nowiki>
| <nowiki></nowiki>
| <nowiki>The user name to access the EWS. Required. </nowiki>
| freebusy_publisher_ews.properties:17
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.password</nowiki>
| <nowiki></nowiki>
| <nowiki>The password to access the EWS. Required. </nowiki>
| freebusy_publisher_ews.properties:20
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.publishMonths</nowiki>
| <nowiki>3</nowiki>
| <nowiki>Configures the amount of free/busy data to be published. The period always starts at the first of the current month. Defaults to '3'. </nowiki>
| freebusy_publisher_ews.properties:24
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.delay</nowiki>
| <nowiki>15</nowiki>
| <nowiki>Specifies the time in minutes between publication cycles, i.e. configures the free/busy data update interval. Defaults to '15'. </nowiki>
| freebusy_publisher_ews.properties:28
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.initialDelay</nowiki>
| <nowiki>5</nowiki>
| <nowiki>Specifies the time in minutes before starting the first publication cycle upon bundle startup. Defaults to '5'. </nowiki>
| freebusy_publisher_ews.properties:32
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.chunkSize</nowiki>
| <nowiki>50</nowiki>
| <nowiki>Defines the number of users that are processed in a chunk when publishing free/busy data. Default to '50'. </nowiki>
| freebusy_publisher_ews.properties:36
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.exchangeVersion</nowiki>
| <nowiki>EXCHANGE_2010</nowiki>
| <nowiki>Configures the requested Exchange Server version. Possible values include "EXCHANGE_2007_SP_1", "EXCHANGE_2010", "EXCHANGE_2010_SP_1" and "EXCHANGE_2010_SP_2". Defaults to 'EXCHANGE_2010'. </nowiki>
| freebusy_publisher_ews.properties:41
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.trustAllCerts</nowiki>
| <nowiki>false</nowiki>
| <nowiki>For testing purposes, it's possible to skip certificate validation and trust all server certificates. This might only work when using Sun Java as it configures "com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory". </nowiki>
| freebusy_publisher_ews.properties:46
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.contextID</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the context ID of the users whose free/busy data is published to the Exchange server. Required. </nowiki>
| freebusy_publisher_ews.properties:5
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.skipHostVerification</nowiki>
| <nowiki>false</nowiki>
| <nowiki>For testing purposes, it's possible to bypass hostname verification. This might only work when using Sun Java as it configures "com.sun.xml.internal.ws.transport.https.client.hostname.verifier". </nowiki>
| freebusy_publisher_ews.properties:51
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies how the legacyExchangeDN for free/busy users is retrieved. May be one of 'static' or 'ldap'. A static lookup uses existing user attributes to construct the legacyExchangeDN path, while 'ldap' queries the 'legacyExchangeDN' attribute from the Active Directory using one or more user attributes. Required. </nowiki>
| freebusy_publisher_ews.properties:58
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup.static</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures the template to construct the legacyExchangeDN path. Required if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'static'. All occurrences of the following user attributes are replaced: [displayName], [contactId], [givenName], [surName], [userId], [imapLogin], [imapServer], [mailDomain], [mail], [loginInfo]. An example template would be "/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/ cn=Recipients/cn=[displayName]" </nowiki>
| freebusy_publisher_ews.properties:67
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup.ldap.filter</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures the LDAP filter used to query the Active Directory for the legacyExchangeDN of a user. Required if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap'. Within the search filter, all occurrences of the following user attributes are replaced dynamically: [displayName], [contactId], [givenName], [surName], [userId], [imapLogin], [imapServer], [mailDomain], [mail], [loginInfo]. For example: "(&(objectClass=contact)(cn=[displayName]))" </nowiki>
| freebusy_publisher_ews.properties:76
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup.ldap.uri</nowiki>
| <nowiki></nowiki>
| <nowiki>The URI of the LDAP server, should be in the format ldap://myserver.example.com:389. For SSL access, use the ldaps protocol and the appropriate port, e.g. ldaps://myserver.example.com:636. Required if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap'. </nowiki>
| freebusy_publisher_ews.properties:82
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup.ldap.baseDN</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures a base LDAP path. If defined, all Distinguished Names supplied to and received from LDAP operations will be relative to the LDAP path supplied. If not defined, the default naming context of the RootDSE is used as baseDN. Only used if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap'. </nowiki>
| freebusy_publisher_ews.properties:89
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup.ldap.bindDN</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify the bind DN used for LDAP authentication here. Only used if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap'. If left empty, anonymous authentication is used. </nowiki>
| freebusy_publisher_ews.properties:94
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup.ldap.bindPW</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify the bind password used for LDAP authentication here. Only used if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap' and 'com.openexchange.freebusy.publisher.ews.lookup.ldap.bindDN' is defined. </nowiki>
| freebusy_publisher_ews.properties:99
|-
| <nowiki>com.openexchange.http.grizzly.hasCometEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Comet is an umbrella term used to describe a technique allowing web browser to receive almost real time updates from the server. The two most common approaches are long polling and streaming. Long polling differs from streaming in that each update from the server ultimately results in another follow up request from the client. Default value: true </nowiki>
| grizzly.properties:18
|-
| <nowiki>com.openexchange.http.grizzly.hasWebSocketsEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Bi-directional, full-duplex communications channels over a single TCP connection. Default value: false </nowiki>
| grizzly.properties:23
|-
| <nowiki>com.openexchange.http.grizzly.hasJMXEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Do you want to enable grizzly monitoring via JMX? Default value: true. </nowiki>
| grizzly.properties:31
|-
| <nowiki>com.openexchange.http.grizzly.hasAJPEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Grizzly is able to communicate via AJP besides its default prototcol HTTP. Do you want to use AJP instead of HTTP? Default value: false </nowiki>
| grizzly.properties:40
|-
| <nowiki>com.openexchange.http.grizzly.ping</nowiki>
| <nowiki>PROCESSING</nowiki>
| <nowiki>Specify the ping mechanism to use. Currently supported values: * NONE -- No ping at all * PROCESSING -- Ping through 102 Processing interim response * CONTINUE -- Ping through 100 Continue interim response * WHITESPACE -- Ping through transmitting a whitespace character (and implicitly committing HTTP response) Default is PROCESSING. </nowiki>
| grizzly.properties:52
|-
| <nowiki>com.openexchange.http.grizzly.pingDelay</nowiki>
| <nowiki>90000</nowiki>
| <nowiki>The ping delay aka frequency in milliseconds. Default is 90000. </nowiki>
| grizzly.properties:56
|-
| <nowiki>com.openexchange.http.grizzly.maxPingCount</nowiki>
| <nowiki>9</nowiki>
| <nowiki>The number of pings allowed being initiated before quit A value of zero or less means unlimited (actually 2^31 - 1) Default is 9 (because Apache has a hard-coded limit of 10) </nowiki>
| grizzly.properties:61
|-
| <nowiki>com.openexchange.halo.linkedin.enabledMailCapableKey</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specify whether LinkedIn API key/secret are allowed to access E-Mail-sensitive data </nowiki>
| halo-linkedin.properties:4
|-
| <nowiki>com.openexchange.hazelcast.network.portAutoIncrement</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Configures if automatically the next port should be tried if the incoming port is already in use. Defaults to "true". </nowiki>
| hazelcast.properties:102
|-
| <nowiki>com.openexchange.hazelcast.network.outboundPortDefinitions</nowiki>
| <nowiki></nowiki>
| <nowiki>By default, Hazelcast lets the system to pick up an ephemeral port during socket bind operation. But security policies/firewalls may require to restrict outbound ports to be used by Hazelcast enabled applications. To fulfill this requirement, you can configure Hazelcast to use only defined outbound ports. You can use port ranges and/or comma separated ports, e.g. "35000-35100" or "36001, 36002, 36003". Defaults to "". </nowiki>
| hazelcast.properties:110
|-
| <nowiki>com.openexchange.hazelcast.network.enableIPv6Support</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables support for IPv6. IPv6 support is switched off by default, since some platforms have issues in use of IPv6 stack, and some other platforms such as Amazon AWS have no support at all. Defaults to "false". </nowiki>
| hazelcast.properties:116
|-
| <nowiki>com.openexchange.hazelcast.socket.bindAny</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Configures whether to bind the server- and client-sockets to any local interface or not. Defaults to "false", which restricts the bind operation to the picked interface address based on the value of "com.openexchange.hazelcast.network.interfaces". </nowiki>
| hazelcast.properties:122
|-
| <nowiki>com.openexchange.hazelcast.network.symmetricEncryption</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables symmetric encryption. When enabled, the entire communication between the hazelcast members is encrypted at socket level. Ensure that all symmetric encryption settings are equal on all participating nodes in the cluster. More advanced options (including asymmetric encryption and SSL) may still be configured via the "hazelcast.xml" file, see instructions on top of this file. Defaults to "false". /!\ ---==== Additional note ====--- /!\ If symmetric encryption is enabled, it might have impact on Hazelcast cluster stability. Hazelcast nodes start loosing cluster connectivity under high load scenarios </nowiki>
| hazelcast.properties:140
|-
| <nowiki>com.openexchange.hazelcast.network.symmetricEncryption.algorithm</nowiki>
| <nowiki>PBEWithMD5AndDES</nowiki>
| <nowiki>Configures the name of the symmetric encryption algorithm to use, such as "DES/ECB/PKCS5Padding", "PBEWithMD5AndDES", "Blowfish" or "DESede". The available cipher algorithms may vary based on the underlying JCE. Defaults to "PBEWithMD5AndDES". </nowiki>
| hazelcast.properties:146
|-
| <nowiki>com.openexchange.hazelcast.network.symmetricEncryption.salt</nowiki>
| <nowiki>2mw67LqNDEb3</nowiki>
| <nowiki>Specifies the salt value to use when generating the secret key for symmetric encryption. Defaults to "2mw67LqNDEb3". </nowiki>
| hazelcast.properties:150
|-
| <nowiki>com.openexchange.hazelcast.network.symmetricEncryption.password</nowiki>
| <nowiki>D2xhL8mPkjsF</nowiki>
| <nowiki>Specifies the pass phrase to use when generating the secret key for symmetric encryption. Defaults to "D2xhL8mPkjsF". </nowiki>
| hazelcast.properties:154
|-
| <nowiki>com.openexchange.hazelcast.network.symmetricEncryption.iterationCount</nowiki>
| <nowiki>19</nowiki>
| <nowiki>Configures the iteration count to use when generating the secret key for symmetric encryption. Defaults to "19". </nowiki>
| hazelcast.properties:158
|-
| <nowiki>com.openexchange.hazelcast.logging.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Configures whether Hazelcast's internal logging system is enabled or not. Defaults to "true". </nowiki>
| hazelcast.properties:165
|-
| <nowiki>com.openexchange.hazelcast.maxOperationTimeout</nowiki>
| <nowiki>5000</nowiki>
| <nowiki>Specifies the implicit maximum operation timeout in milliseconds for operations on distributed data structures, if no explicit timeout is specified for an operation. Defaults to "5000". </nowiki>
| hazelcast.properties:170
|-
| <nowiki>com.openexchange.hazelcast.jmx</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enables or disables JMX monitoring for hazelcast components such as statistics about distributed data structures. Defaults to "true". </nowiki>
| hazelcast.properties:174
|-
| <nowiki>com.openexchange.hazelcast.jmxDetailed</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specifies whether detailed JMX monitoring is enabled or not, i.e. detailed information about entries in distributed data structures. Only taken into account if "com.openexchange.hazelcast.jmx" is "true". Defaults to "false". </nowiki>
| hazelcast.properties:179
|-
| <nowiki>com.openexchange.hazelcast.memcache.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables Hazelcast's internal Memcache client request listener service. Defaults to "false", as it's not needed by the backend. </nowiki>
| hazelcast.properties:183
|-
| <nowiki>com.openexchange.hazelcast.rest.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables Hazelcast's internal REST client request listener service. Defaults to "false", as it's not needed by the backend. </nowiki>
| hazelcast.properties:187
|-
| <nowiki>com.openexchange.hazelcast.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enables or disables Hazelcast. Setting this property to "false" will result in no Hazelcast instance being created for this node, and all other dependent features will be disabled. Defaults to "true". </nowiki>
| hazelcast.properties:32
|-
| <nowiki>com.openexchange.hazelcast.group.name</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures the name of the cluster. Only nodes using the same group name will join each other and form the cluster. Required if "com.openexchange.hazelcast.network.join" is not "empty" (see below). </nowiki>
| hazelcast.properties:37
|-
| <nowiki>com.openexchange.hazelcast.group.password</nowiki>
| <nowiki>wtV6$VQk8#+3ds!a</nowiki>
| <nowiki>The password used when joining the cluster. Defaults to "wtV6$VQk8#+3ds!a". Please change this value, and ensure it's equal on all nodes in the cluster. </nowiki>
| hazelcast.properties:41
|-
| <nowiki>com.openexchange.hazelcast.network.join</nowiki>
| <nowiki>empty</nowiki>
| <nowiki>Specifies which mechanism is used to discover other backend nodes in the cluster. Possible values are "empty" (no discovery for single-node setups), "static" (fixed set of cluster member nodes) or "multicast" (automatic discovery of other nodes via multicast). Defaults to "empty". Depending on the specified value, further configuration might be needed, see "Networking" section below. </nowiki>
| hazelcast.properties:52
|-
| <nowiki>com.openexchange.hazelcast.network.join.static.nodes</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures a comma-separated list of IP addresses / hostnames of possible nodes in the cluster, e.g. "10.20.30.12, 10.20.30.13:5701, 192.178.168.110". Only used if "com.openexchange.hazelcast.network.join" is set to "static". It doesn't hurt if the address of the local host appears in the list, so that it's still possible to use the same list throughout all nodes in the cluster. </nowiki>
| hazelcast.properties:60
|-
| <nowiki>com.openexchange.hazelcast.network.join.multicast.group</nowiki>
| <nowiki>224.2.2.3</nowiki>
| <nowiki>Configures the multicast address used to discover other nodes in the cluster dynamically. Only used if "com.openexchange.hazelcast.network.join" is set to "multicast". If the nodes reside in different subnets, please ensure that multicast is enabled between the subnets. Defaults to "224.2.2.3". </nowiki>
| hazelcast.properties:66
|-
| <nowiki>com.openexchange.hazelcast.network.join.multicast.port</nowiki>
| <nowiki>54327</nowiki>
| <nowiki>Configures the multicast port used to discover other nodes in the cluster dynamically. Only used if "com.openexchange.hazelcast.network.join" is set to "multicast". Defaults to "54327". </nowiki>
| hazelcast.properties:71
|-
| <nowiki>com.openexchange.hazelcast.merge.firstRunDelay</nowiki>
| <nowiki>120s</nowiki>
| <nowiki>Configures the time until the first check if the cluster needs to merge is scheduled. This takes a timespan parameter with "ms" denoting milliseconds, "s" denoting seconds, "m" denoting minutes. The value is passed to the hazelcast property "hazelcast.merge.first.run.delay.seconds". Defaults to "120s". </nowiki>
| hazelcast.properties:78
|-
| <nowiki>com.openexchange.hazelcast.merge.runDelay</nowiki>
| <nowiki>120s</nowiki>
| <nowiki>Configures the time between each check if the cluster needs to merge. This takes a timespan parameter with "ms" denoting milliseconds, "s" denoting seconds, "m" denoting minutes. The value is passed to the hazelcast property "hazelcast.merge.next.run.delay.seconds". Defaults to "120s". </nowiki>
| hazelcast.properties:84
|-
| <nowiki>com.openexchange.hazelcast.network.interfaces</nowiki>
| <nowiki>127.0.0.1</nowiki>
| <nowiki>Comma-separated list of interface addresses hazelcast should use. Wildcards (*) and ranges (-) can be used. Leave blank to listen on all interfaces Especially in server environments with multiple network interfaces, it's recommended to specify the IP-address of the network interface to bind to explicitly. Defaults to "127.0.0.1" (local loopback only), needs to be adjusted when building a cluster of multiple backend nodes. </nowiki>
| hazelcast.properties:95
|-
| <nowiki>com.openexchange.hazelcast.network.port</nowiki>
| <nowiki>5701</nowiki>
| <nowiki>The port Hazelcast will listen for incoming connections. Defaults to "5701". </nowiki>
| hazelcast.properties:98
|-
| <nowiki>CONTEXT_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.storage.mysqlStorage.OXContextMySQLStorage</nowiki>
| <nowiki></nowiki>
| hosting.properties:1
|-
| <nowiki>CREATE_CONTEXT_USE_UNIT</nowiki>
| <nowiki>context</nowiki>
| <nowiki>what to count when distributing contexts over db engines possible values: context or user </nowiki>
| hosting.properties:11
|-
| <nowiki>CHECK_CONTEXT_LOGIN_MAPPING_REGEXP</nowiki>
| <nowiki>[$%\\.+a-zA-Z0-9_-]</nowiki>
| <nowiki>pattern of allowed chars in login mapping names </nowiki>
| hosting.properties:14
|-
| <nowiki>NEW_CONTEXT_DEFAULT_ACCESS_COMBINATION_NAME</nowiki>
| <nowiki>webmail_plus</nowiki>
| <nowiki>Default access combination template name for newly created contexts! See also "ModuleAccessDefinitions" file for details! If the name is NOT defined in "ModuleAccessDefinitions" file , fallback will be used! </nowiki>
| hosting.properties:19
|-
| <nowiki>UTIL_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.storage.mysqlStorage.OXUtilMySQLStorage</nowiki>
| <nowiki></nowiki>
| hosting.properties:2
|-
| <nowiki>AVERAGE_CONTEXT_SIZE</nowiki>
| <nowiki>200</nowiki>
| <nowiki>Misc properties average size of a context in MB </nowiki>
| hosting.properties:6
|-
| <nowiki>CONTEXTS_PER_SCHEMA</nowiki>
| <nowiki>1000</nowiki>
| <nowiki>amount of contexts per database schema </nowiki>
| hosting.properties:8
|-
| <nowiki>com.openexchange.imap.storeContainerType</nowiki>
| <nowiki>boundary-aware</nowiki>
| <nowiki>An IMAP connection cache acts a temporary keep-alive cache for already connected resources to an IMAP server's account. Meaning it keeps a resource open/connected for a short amount of time (see "com.openexchange.mail.mailAccessCacheIdleSeconds") and performs a "close elapsed ones" run periodically (see "com.openexchange.mail.mailAccessCacheShrinkerSeconds"). In addition to that behavior there are two modes of operation - bounded and unbounded. For an unbounded cache, set this property to "unbounded". Thus a user is allowed to establish as many connections to his IMAP account as demanded by his active clients (Web UI, EAS, Outlook OXtender, etc.). A bounded cache allows only as many concurrently opened resources as specified through "com.openexchange.imap.maxNumConnections" property. Taking the wording "resource" was chosen by intention, since two types of resource abstractions exist: IMAP store and IMAP protocol (an authenticated login's socket connection). The default setting "boundary-aware" considers an "IMAP store" as limited resources to an IMAP server. The vague thing about IMAP store is that it maintains a connection pool internally by itself. Thus it is possible that there are actually more active socket connections open than specified, because an IMAP store is allowed to open further connections when needed; e.g. when accessing another IMAP folder while INBOX has been opened, too. Practical experience showed that there will be at max.: "com.openexchange.imap.maxNumConnections" + 1 The setting "non-caching" does an exact mapping of resource to an established/authenticated socket connection to the IMAP account. It is named "non-caching" as it does no caching on its own, but delegates it to a custom queuing 'com.sun.mail.imap.IMAPStore' class. Thus an exact limitation of connected socket connections ('com.sun.mail.imap.protocol.IMAPProtocol' instances) is achieved. Specifying a quite small limitation - let's say "1" - arises the possibility that JavaMail gets dead-locked by itself. E.g. an IMAP store attempts to create a second connection. That attempt may get stalled as it waits for itself to free the already acquired connection which never happens. So, please use this exact mapping only if you specify a reasonable limitation. Default is "boundary-aware" </nowiki>
| imap.properties:115
|-
| <nowiki>com.openexchange.imap.maxNumExternalConnections</nowiki>
| <nowiki>imap.gmail.com:2,imap.googlemail.com:2</nowiki>
| <nowiki>Configure the max. number of concurrent connections which are allowed being established to a subscribed/external IMAP account. Notation is a comma-separated list of: <host> + ':' + <max-count>; e.g.: com.openexchange.imap.maxNumExternalConnections=imap.host1.com:4, imap.host2.com:6 For convenience a max-count can be specified which applies to all subscribed/external IMAP accounts; e.g.: com.openexchange.imap.maxNumExternalConnections=4 Zero or less is interpreted as unlimited. If not set, unlimited concurrent connections are allowed. </nowiki>
| imap.properties:124
|-
| <nowiki>com.openexchange.imap.enableTls</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enables the use of the STARTTLS command (if supported by the server) to switch the connection to a TLS-protected connection. </nowiki>
| imap.properties:127
|-
| <nowiki>com.openexchange.imap.notifyRecent</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Notify about recent messages using mail push events. This is a poll-based alternative for any connection-keeping mail push bundle. </nowiki>
| imap.properties:130
|-
| <nowiki>com.openexchange.imap.notifyFrequencySeconds</nowiki>
| <nowiki>300</nowiki>
| <nowiki>The frequency when a check for recent mails is enforced. </nowiki>
| imap.properties:133
|-
| <nowiki>com.openexchange.imap.notifyFullNames</nowiki>
| <nowiki>INBOX</nowiki>
| <nowiki>The full names of the folders to consider. </nowiki>
| imap.properties:136
|-
| <nowiki>com.openexchange.imap.imapSearch</nowiki>
| <nowiki>imap</nowiki>
| <nowiki>Define where to search for emails: - Use value "imap" to let the IMAP Server search. The search is done on IMAP server if a mailbox' size exceeds the mailFetchLimit as defined in mail.properties. - Use value "force-imap" to let the IMAP Server search in every case. - Leave blank or fill in value "application" to search within application. </nowiki>
| imap.properties:14
|-
| <nowiki>com.openexchange.imap.maxMailboxNameLength</nowiki>
| <nowiki>60</nowiki>
| <nowiki>The max. length of a mailbox name Default is 60 characters </nowiki>
| imap.properties:140
|-
| <nowiki>com.openexchange.imap.invalidMailboxNameCharacters</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies a space-separated list of characters that are not allowed to be contained in a mailbox name; e.g. >>com.openexchange.imap.invalidMailboxNameCharacters="; / . | \\"<< Default is empty. </nowiki>
| imap.properties:145
|-
| <nowiki>com.openexchange.imap.allowFolderCaches</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enables/disables caching of IMAP folders. Default is true. Note: Only disable IMAP folder cache if you certainly know what you are doing. Disabling that cache may result in noticeable performance decrease. </nowiki>
| imap.properties:151
|-
| <nowiki>com.openexchange.imap.ssl.protocols</nowiki>
| <nowiki>SSLv3 TLSv1</nowiki>
| <nowiki>Specifies the SSL protocols that will be enabled for SSL connections. The property value is a whitespace separated list of tokens. Default value is: SSLv3 TLSv1 </nowiki>
| imap.properties:155
|-
| <nowiki>com.openexchange.imap.ssl.ciphersuites</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the SSL cipher suites that will be enabled for SSL connections. The property value is a whitespace separated list of tokens. Check "http://<ox-grizzly-hostname>:<ox-grizzly-port>/stats/diagnostic?param=ciphersuites" to check available cipher suites. Default value is empty (fall-back to current JVM's default SSL cipher suite) </nowiki>
| imap.properties:162
|-
| <nowiki>com.openexchange.imap.umlautFilterThreshold</nowiki>
| <nowiki>50</nowiki>
| <nowiki>Specify the threshold for number of search results returned by IMAP server for which manual umlauts-filtering will be applied. If less than or equal to zero, no manual filtering will be applied. Default value is 50. </nowiki>
| imap.properties:19
|-
| <nowiki>com.openexchange.imap.imapFastFetch</nowiki>
| <nowiki>true</nowiki>
| <nowiki>This property determines whether a fast fetch is performed on large mail folders or not. Although the fetch is fast on IMAP side, a lot of data is transfered during reading response which cause a temporary memory peak. If disabled only the necessary fields are used as command arguments, which is slower but needs less memory. NOTE: See property "imapMessageFetchLimit" to know which mail folders are treated as large mail folders </nowiki>
| imap.properties:28
|-
| <nowiki>com.openexchange.imap.imapSupportsACL</nowiki>
| <nowiki>auto</nowiki>
| <nowiki>Define if IMAP server supports ACLs. Possible values: true/false/auto NOTE: Value "auto" means to use server-defined ACL support as indicated through response to IMAP command "CAPABILITY" </nowiki>
| imap.properties:33
|-
| <nowiki>com.openexchange.imap.imapTimeout</nowiki>
| <nowiki>50000</nowiki>
| <nowiki>Define the socket I/O timeout value in milliseconds. A value less than or equal to zero is infinite timeout. See also mail.imap.timeout </nowiki>
| imap.properties:37
|-
| <nowiki>com.openexchange.imap.imapConnectionTimeout</nowiki>
| <nowiki>20000</nowiki>
| <nowiki>Define the socket connection timeout value in milliseconds. A value less or equal to zero is infinite timeout. See also mail.imap.connectiontimeout </nowiki>
| imap.properties:41
|-
| <nowiki>com.openexchange.imap.imapTemporaryDown</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Define the amount of time in milliseconds an IMAP server is treated as being temporary down. An IMAP server is treated as being temporary down if a socket connect fails. Further requests to the affected IMAP server are going to be denied for the specified amount of time. A value less or equal to zero disables this setting. </nowiki>
| imap.properties:47
|-
| <nowiki>com.openexchange.imap.failedAuthTimeout</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>The number of milliseconds a failed authentication attempt is cached to faster handle subsequent authentication attempts Default is 10 seconds. </nowiki>
| imap.properties:52
|-
| <nowiki>com.openexchange.imap.imapAuthEnc</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the encoding for IMAP authentication </nowiki>
| imap.properties:55
|-
| <nowiki>com.openexchange.imap.User2ACLImpl</nowiki>
| <nowiki>auto</nowiki>
| <nowiki>Name of the class that implements User2ACL, their alias or "auto" to use auto-detection. Currently known aliases: Cyrus, Courier, Dovecot, and Sun (Sun Java(tm) System Messaging Server) </nowiki>
| imap.properties:59
|-
| <nowiki>com.openexchange.imap.blockSize</nowiki>
| <nowiki>1000</nowiki>
| <nowiki>IMAP operations which shall be applied to a number of messages which exceeds the block size are performed in blocks. Example: A folder containing thousands of messages shall be cleared. To avoid the risk of an IMAP timeout when trying to delete all messages at once, the messages are deleted in block size portions. A block size equal to or less than zero means no block size. </nowiki>
| imap.properties:66
|-
| <nowiki>com.openexchange.imap.spamHandler</nowiki>
| <nowiki>DefaultSpamHandler</nowiki>
| <nowiki>Define the registration name of the appropriate spam handler to use </nowiki>
| imap.properties:69
|-
| <nowiki>com.openexchange.imap.imapSort</nowiki>
| <nowiki>imap</nowiki>
| <nowiki>Define where to sort emails: Value "imap" to let the IMAP Server sort (faster but less reliable). Leave blank or fill in value "application" to sort within application (slower but good quality). The sorting is done on IMAP server if a mailbox' size exceeds the mailFetchLimit as defined in mail.properties. NOTE: This value is going to be set to "application" if IMAP server capabilities do not contain string "SORT" </nowiki>
| imap.properties:7
|-
| <nowiki>com.openexchange.imap.propagateClientIPAddress</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether client's IP address should be propagated by a NOOP command; e.g. "A01 NOOP <CLIENT_IP>" </nowiki>
| imap.properties:72
|-
| <nowiki>com.openexchange.imap.propagateHostNames</nowiki>
| <nowiki></nowiki>
| <nowiki>Configure a comma-separated list of external IMAP server's host names which should receive client's IP address by a NOOP command, too </nowiki>
| imap.properties:75
|-
| <nowiki>com.openexchange.imap.maxNumConnections</nowiki>
| <nowiki>0</nowiki>
| <nowiki>The max. number of connection allowed being established for a user to an IMAP server. Less than or equal to zero means infinite. Please also consider "com.openexchange.imap.storeContainerType". Note: This setting overrides possibles restrictions specified through property "com.openexchange.imap.maxNumExternalConnections" if this property's value is less than the other one. Default is 0 (zero). </nowiki>
| imap.properties:84
|-
| <nowiki>com.openexchange.imap.namespacePerUser</nowiki>
| <nowiki>true</nowiki>
| <nowiki>This option controls whether there it is expected to have a dedicated NAMESPACE per user or not. In case of "true" each mailbox account on associated IMAP server is allowed to have its own NAMESPACE set; might be "" (root) or "INBOX.". Otherwise for "false" every mailbox is assumed to have the same NAMESPACE set.
This influences the way Open-Xchange Server detects & caches NAMESPACE information; either on a per user basis (more IMAP traffic) or globally (only requested once).
It should not be changed/touched unless IMAP server behavior is well know.</nowiki>
| imap.properties
|-
| <nowiki>IMAP_TIMEOUT</nowiki>
| <nowiki>5000</nowiki>
| <nowiki>Socket I/O timeout value in milliseconds </nowiki>
| imapauth.properties:11
|-
| <nowiki>IMAP_CONNECTIONTIMEOUT</nowiki>
| <nowiki>5000</nowiki>
| <nowiki>Socket connection timeout value in milliseconds </nowiki>
| imapauth.properties:14
|-
| <nowiki>IMAP_SERVER</nowiki>
| <nowiki>localhost</nowiki>
| <nowiki>imap server ip or fqdn </nowiki>
| imapauth.properties:2
|-
| <nowiki>USE_FULL_LOGIN_INFO</nowiki>
| <nowiki>true</nowiki>
| <nowiki>############################################# Set to true to auth with "user@domain" instead of just "user" against imap server. If true the "domain" part will be used as the context name of the ox system. so add "domain" as a login mapping to be able to login. If false, the plugin react as only 1 context exists in the ox system, and this context has the mapping "defaultcontext" added. </nowiki>
| imapauth.properties:22
|-
| <nowiki>USE_MULTIPLE</nowiki>
| <nowiki>false</nowiki>
| <nowiki>######## MULTIPLE IMAP SERVERS ############# If set to true the IMAP authentication plugin gets all IMAP server information from the OX database instead of reading configuration from this file. Following information is fetched from DB and will be used to authenticate against the server: - server - port - ssl/tls Moreover the proper login name is detected as configured by property "com.openexchange.mail.loginSource". To use this feature, set the correct values while provisioning an OX user. Useful if you have many IMAP Servers to connect to. ##### INFO: Domain part of the login is used as context name. Example: test@test.org Username of the OX account must be "test" and name of the OX context must be "test.org" </nowiki>
| imapauth.properties:47
|-
| <nowiki>IMAP_PORT</nowiki>
| <nowiki>143</nowiki>
| <nowiki>port on which the imap server is listening </nowiki>
| imapauth.properties:5
|-
| <nowiki>com.openexchange.authentication.imap.imapAuthEnc</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the encoding for IMAP authentication </nowiki>
| imapauth.properties:51
|-
| <nowiki>IMAP_USE_SECURE</nowiki>
| <nowiki>false</nowiki>
| <nowiki>set to true if connecting via imaps:// </nowiki>
| imapauth.properties:8
|-
| <nowiki>com.openexchange.index.allowedModules </nowiki>
| <nowiki></nowiki>
| <nowiki>Specify all modules that may be indexed as a comma-separated list of module identifiers (these are numbers defined in http://oxpedia.org/wiki/index.php?title=HTTP_API#LinkObject). The default value is empty and disables indexing as a whole. This value takes effect on server granularity and can be overwritten for sets of contexts, single contexts and single users. See http://oxpedia.org/wiki/index.php?title=ConfigCascade and /ox-config-path/contextSets/index.yml for more information on this. Possible modules: E-Mail: 19 As of now only E-Mail can be enabled. Enabling other modules may lead to unforseen errors during runtime. </nowiki>
| index.properties:16
|-
| <nowiki>com.openexchange.service.indexing.workerThreads </nowiki>
| <nowiki> 4</nowiki>
| <nowiki>The number of worker threads for the clustered job scheduler instance that executes the indexing jobs. More worker threads allow it to run more indexing jobs at the same time, but will also increase the load of the worker node. It is recommended to start with a number not higher than the nodes number of CPU cores. Increasing the number afterwards always requires a restart of the node. </nowiki>
| indexing-service.properties:6
|-
| <nowiki>translator.get_request </nowiki>
| <nowiki> com.openexchange.index.solr.internal.querybuilder.translators.IdListTranslator</nowiki>
| <nowiki></nowiki>
| infostore-querybuilder.properties:1
|-
| <nowiki>get_request.id_field </nowiki>
| <nowiki> uuid</nowiki>
| <nowiki></nowiki>
| infostore-querybuilder.properties:2
|-
| <nowiki>translator.all_request </nowiki>
| <nowiki> com.openexchange.index.solr.internal.querybuilder.translators.AllTranslator</nowiki>
| <nowiki></nowiki>
| infostore-querybuilder.properties:4
|-
| <nowiki>com.openexchange.infostore.zipDocumentsCompressionLevel</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Configures the used compression level that is applied to .zip containers when downloading multiple documents at once. Possible values are "-1" for the built-in default level, "0" for no compression, or any number between "1" (best speed) and "9" (best compression). Defaults to "-1". </nowiki>
| infostore.properties:10
|-
| <nowiki>MAX_UPLOAD_SIZE</nowiki>
| <nowiki>10485760</nowiki>
| <nowiki>If the sum of all uploaded files in one request is larger than this value, the upload will be rejected. If this value is not set or 0, the more general MAX_UPLOAD_SIZE configured in server.properties will be used. If that value is also 0 or not set, uploads will be unrestricted. The size is in Bytes. </nowiki>
| infostore.properties:4
|-
| <nowiki>com.openexchange.jolokia.servlet.name </nowiki>
| <nowiki> /monitoring/jolokia</nowiki>
| <nowiki>Under what servlet name jolokia will be published, please bear in mind that this should not be forwarded by apache and kept internal </nowiki>
| jolokia.properties:11
|-
| <nowiki>com.openexchange.jolokia.user </nowiki>
| <nowiki></nowiki>
| <nowiki>User used for authentication with HTTP Basic Authentication. If not set, jolokia won't start </nowiki>
| jolokia.properties:14
|-
| <nowiki>com.openexchange.jolokia.password </nowiki>
| <nowiki></nowiki>
| <nowiki>Password used for authentification with HTTP Basic Authentication. If not set, jolokia won't start </nowiki>
| jolokia.properties:17
|-
| <nowiki>com.openexchange.jolokia.maxDepth </nowiki>
| <nowiki> 0</nowiki>
| <nowiki>Maximum depth when traversing bean properties. If set to 0, depth checking is disabled </nowiki>
| jolokia.properties:20
|-
| <nowiki>com.openexchange.jolokia.maxObjects </nowiki>
| <nowiki> 100000</nowiki>
| <nowiki>Maximum number of objects which are traversed when serializing a single response. Use this as an airbag to avoid boosting your memory and network traffic. Nevertheless, when set to 0 no limit is imposed. </nowiki>
| jolokia.properties:24
|-
| <nowiki>com.openexchange.jolokia.restrict.to.localhost </nowiki>
| <nowiki> true</nowiki>
| <nowiki>This setting will restrict jolokia access to localhost. It is completly ignored when a jolokia-access.xml is present. It is also a second guard and bound to com.openexchange.connector.networkListenerHost inside server.properties As Jolokia uses the http / ajp interface, it is bound to the host for the connector's (ajp, http) network listener which is configured by com.openexchange.connector.networkListenerHost. </nowiki>
| jolokia.properties:30
|-
| <nowiki>com.openexchange.jolokia.start </nowiki>
| <nowiki> false</nowiki>
| <nowiki>Start jolokia </nowiki>
| jolokia.properties:8
|-
| <nowiki>com.openexchange.kerberos.proxyDelimiter</nowiki>
| <nowiki>+</nowiki>
| <nowiki>Define a delimiter to be used to separate proxy authentication from normal user login on the frontend login screen. If defined, a proxy user can login on behalf of a user using the form <PROXYACCOUNT><DELIMITER><USERACCOUNT>. NOTE: Login to the mail server is not supported. The implementation for mail filter implementation based on SIEVE protocol does not support a proxy authentication, so it will raise error messages. </nowiki>
| kerberos.properties:15
|-
| <nowiki>com.openexchange.kerberos.proxyUser</nowiki>
| <nowiki></nowiki>
| <nowiki>Comma separated list of proxy user logins allowed to login as a proxy user for every other user account. </nowiki>
| kerberos.properties:18
|-
| <nowiki>java.security.auth.login.config</nowiki>
| <nowiki>/opt/open-xchange/etc/kerberosLogin.conf</nowiki>
| <nowiki>path to the Java authentication and authorization configuration file </nowiki>
| kerberos.properties:21
|-
| <nowiki>sun.security.krb5.debug</nowiki>
| <nowiki>false</nowiki>
| <nowiki>enable kerberos debugging </nowiki>
| kerberos.properties:24
|-
| <nowiki>java.security.krb5.conf</nowiki>
| <nowiki>/opt/open-xchange/etc/krb5.conf</nowiki>
| <nowiki>path to the krb5.conf configuration file java.security.krb5.conf=/etc/krb5.conf </nowiki>
| kerberos.properties:28
|-
| <nowiki>com.openexchange.kerberos.moduleName</nowiki>
| <nowiki>Open-Xchange</nowiki>
| <nowiki>Name of the module in the authentication and authorization configuration file. Must be an entry in the file named by java.security.auth.login.config. </nowiki>
| kerberos.properties:5
|-
| <nowiki>com.openexchange.kerberos.userModuleName</nowiki>
| <nowiki>Open-Xchange-User-Auth</nowiki>
| <nowiki>Name of the module in the authentication and authorization configuration file used for username and password authentication. Must be an entry in the file named by java.security.auth.login.config </nowiki>
| kerberos.properties:9
|-
| <nowiki>com.openexchange.langdetect.languageModelsDir</nowiki>
| <nowiki>languageModels</nowiki>
| <nowiki>The path to the directory containing the language models </nowiki>
| lang-detect.properties:4
|-
| <nowiki>com.openexchange.langdetect.languageCodesFile</nowiki>
| <nowiki>language-codes.properties</nowiki>
| <nowiki>Maps language to their code </nowiki>
| lang-detect.properties:7
|-
| <nowiki>com.sun.jndi.ldap.connect.timeout</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Timeouts are useful to get quick responses for login requests. This timeout is used if a new connection is established. </nowiki>
| ldapauth.properties:12
|-
| <nowiki>com.sun.jndi.ldap.read.timeout</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>This timeout only works since Java 6 SE to time out waiting for a response. </nowiki>
| ldapauth.properties:15
|-
| <nowiki>uidAttribute</nowiki>
| <nowiki>uid</nowiki>
| <nowiki>This attribute is used login. E.g. uid=<login>,baseDN </nowiki>
| ldapauth.properties:18
|-
| <nowiki>baseDN</nowiki>
| <nowiki>ou=Users,ou=OxObjects,dc=open-xchange,dc=com</nowiki>
| <nowiki>This is the base distinguished name where the user are located. </nowiki>
| ldapauth.properties:21
|-
| <nowiki>ldapReturnField</nowiki>
| <nowiki></nowiki>
| <nowiki>If you do not want to pass on the user id, used for authentication, to the groupware but another field entry of the LDAP user object, then you can specify the field here. </nowiki>
| ldapauth.properties:26
|-
| <nowiki>adsBind</nowiki>
| <nowiki>false</nowiki>
| <nowiki>This option activates a special ADS bind. It allows the user to authenticate at the ADS with only the displayName or by using the syntax DOMAIN\Samaccountname. Note that "\" cannot be used in user names when this option is activated. </nowiki>
| ldapauth.properties:32
|-
| <nowiki>subtreeSearch</nowiki>
| <nowiki>false</nowiki>
| <nowiki>set subtreeSearch to true if the user entries are not directly below the baseDN, and e.g. distributed over one or more subtrees. The bindDN to authenticate the user will then determined using a search over the complete tree below baseDN NOTE: When two users exist with the same uidAttribute, authentication will be refused, though. </nowiki>
| ldapauth.properties:40
|-
| <nowiki>searchFilter</nowiki>
| <nowiki>(objectclass=posixAccount)</nowiki>
| <nowiki>specify the filter to limit the search of user entries (used in combination with subtreeSearch=true. the filter will be ANDed with the attributed specified in uidAttribute. Example: (&(objectclass=posixAccount)(uid=foo)) </nowiki>
| ldapauth.properties:47
|-
| <nowiki>java.naming.provider.url</nowiki>
| <nowiki>ldap://localhost:389/dc=example,dc=com</nowiki>
| <nowiki>URL of the LDAP server to connect to for authenticating users. ldaps is supported. </nowiki>
| ldapauth.properties:5
|-
| <nowiki>bindDN</nowiki>
| <nowiki></nowiki>
| <nowiki>if your LDAP server does not allow to do searches without any authentication, specify a dn here to bind in order to search (used in combination with subtreeSearch=true). </nowiki>
| ldapauth.properties:52
|-
| <nowiki>bindDNPassword</nowiki>
| <nowiki></nowiki>
| <nowiki>the password required for the bindDN </nowiki>
| ldapauth.properties:55
|-
| <nowiki>referral</nowiki>
| <nowiki>follow</nowiki>
| <nowiki>This option configures how to handle the chasing of referrals in LDAP (see http://java.sun.com/products/jndi/tutorial/ldap/referral/overview.html). possible values: ignore, follow, throw </nowiki>
| ldapauth.properties:60
|-
| <nowiki>java.naming.security.authentication</nowiki>
| <nowiki>simple</nowiki>
| <nowiki>Defines the authentication security that should be used. </nowiki>
| ldapauth.properties:8
|-
| <nowiki>com.openexchange.licensekey.1</nowiki>
| <nowiki>OX-AS-MK-123456-789</nowiki>
| <nowiki></nowiki>
| licensekeys.properties:1
|-
| <nowiki>modules/themes/light_breeze</nowiki>
| <nowiki>Light Breeze</nowiki>
| <nowiki>The following property defines the light breeze theme of the AJAX GUI. </nowiki>
| light-breeze-theme.properties:4
|-
| <nowiki>com.openexchange.oauth.linkedin</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable LinkedIn OAuth support </nowiki>
| linkedinoauth.properties:2
|-
| <nowiki>com.openexchange.socialplugin.linkedin.apikey</nowiki>
| <nowiki>REPLACE_THIS_WITH_THE_KEY_FROM_YOUR_LINKEDIN_APP</nowiki>
| <nowiki>These keys are either pre-filled or need to be replaced by ones gotten from an application managed at linkedIn for information how to create this application please see http://oxpedia.org/wiki/index.php?title=LinkedIn_Bundles </nowiki>
| linkedinoauth.properties:6
|-
| <nowiki>com.openexchange.socialplugin.linkedin.apisecret</nowiki>
| <nowiki>REPLACE_THIS_WITH_THE_SECRET_FROM_YOUR_LINKEDIN_APP</nowiki>
| <nowiki></nowiki>
| linkedinoauth.properties:7
|-
| <nowiki>com.openexchange.subscribe.socialplugin.linkedin</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| linkedinsubscribe.properties:1
|-
| <nowiki>com.openexchange.subscribe.socialplugin.linkedin.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| linkedinsubscribe.properties:2
|-
| <nowiki>log4j.rootLogger</nowiki>
| <nowiki> ERROR, console</nowiki>
| <nowiki></nowiki>
| log4j.properties:1
|-
| <nowiki>log4j.rootLogger</nowiki>
| <nowiki> ERROR, console</nowiki>
| <nowiki></nowiki>
| log4j.properties:1
|-
| <nowiki>log4j.appender.console</nowiki>
| <nowiki>org.apache.log4j.ConsoleAppender</nowiki>
| <nowiki></nowiki>
| log4j.properties:3
|-
| <nowiki>log4j.appender.console</nowiki>
| <nowiki>org.apache.log4j.ConsoleAppender</nowiki>
| <nowiki></nowiki>
| log4j.properties:3
|-
| <nowiki>log4j.appender.console</nowiki>
| <nowiki>org.apache.log4j.ConsoleAppender</nowiki>
| <nowiki></nowiki>
| log4j.properties:3
|-
| <nowiki>log4j.appender.console.layout</nowiki>
| <nowiki>org.apache.log4j.PatternLayout</nowiki>
| <nowiki></nowiki>
| log4j.properties:4
|-
| <nowiki>log4j.appender.console.layout</nowiki>
| <nowiki>org.apache.log4j.PatternLayout</nowiki>
| <nowiki></nowiki>
| log4j.properties:4
|-
| <nowiki>log4j.appender.console.layout</nowiki>
| <nowiki>org.apache.log4j.PatternLayout</nowiki>
| <nowiki></nowiki>
| log4j.properties:4
|-
| <nowiki>log4j.appender.console.layout.ConversionPattern</nowiki>
| <nowiki> %d{dd.MM.yyyy HH:mm:ss} [%t] %-5p %c{1} - %m%n</nowiki>
| <nowiki></nowiki>
| log4j.properties:5
|-
| <nowiki>log4j.appender.console.layout.ConversionPattern</nowiki>
| <nowiki> %d{dd.MM.yyyy HH:mm:ss} [%t] %-5p %c{1} - %m%n</nowiki>
| <nowiki></nowiki>
| log4j.properties:5
|-
| <nowiki>log4j.appender.console.layout.ConversionPattern</nowiki>
| <nowiki> %d{dd.MM.yyyy HH:mm:ss} [%t] %-5p %c{1} - %m%n</nowiki>
| <nowiki></nowiki>
| log4j.properties:5
|-
| <nowiki>log4j.logger.com.hazelcast</nowiki>
| <nowiki>TRACE,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:7
|-
| <nowiki>log4j.logger.com.hazelcast</nowiki>
| <nowiki>TRACE,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:7
|-
| <nowiki>log4j.logger.de.kippdata</nowiki>
| <nowiki>INFO,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:7
|-
| <nowiki>log4j.logger.org.apache.solr</nowiki>
| <nowiki>WARN,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:8
|-
| <nowiki>log4j.logger.com.openexchange.realtime.hazelcast</nowiki>
| <nowiki>TRACE,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:8
|-
| <nowiki>log4j.logger.com.openexchange.realtime.hazelcast</nowiki>
| <nowiki>TRACE,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:8
|-
| <nowiki>log4j.logger.org.apache.solr.analysis</nowiki>
| <nowiki>ERROR,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:9
|-
| <nowiki>com.openexchange.login.internal.LoginPerformer.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>Important note: The following option ensures, that all login relevant information is logged correctly. Such information is essential to detect and to address session issues, pontentially caused by 3rd parties. Open-Xchange strongly suggests NOT to modify this configuration setting unless you are forced to do so by specific legal requirements, e.g. privacy regulations. Please note: If these settings are changed, Open-Xchange will take no responsibility and will exclude support regarding any session issues and potential security breaches arising thereof. </nowiki>
| logging.properties:15
|-
| <nowiki>com.openexchange.sessiond.impl.SessionHandler.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| logging.properties:16
|-
| <nowiki>sun.rmi.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| logging.properties:18
|-
| <nowiki>org.apache.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| logging.properties:19
|-
| <nowiki>.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>possible log levels are ALL INFO DEBUG </nowiki>
| logging.properties:2
|-
| <nowiki>com.sun.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| logging.properties:20
|-
| <nowiki>javax.management.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| logging.properties:21
|-
| <nowiki>com.hazelcast.level</nowiki>
| <nowiki>SEVERE</nowiki>
| <nowiki></nowiki>
| logging.properties:22
|-
| <nowiki>com.openexchange.documentconverter.impl.IManager.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| logging.properties:23
|-
| <nowiki>handlers</nowiki>
| <nowiki>java.util.logging.ConsoleHandler</nowiki>
| <nowiki></nowiki>
| logging.properties:4
|-
| <nowiki>java.util.logging.ConsoleHandler.level</nowiki>
| <nowiki>ALL</nowiki>
| <nowiki></nowiki>
| logging.properties:5
|-
| <nowiki>com.openexchange.ajax.login.http-auth.client</nowiki>
| <nowiki>com.openexchange.ox.gui.dhtml</nowiki>
| <nowiki>Every client tells the backend through the client parameter on the login request his identity. This is not possible when using the HTTP authorization header based login. So the client identifier for that request is defined here. It must be the same identifier that the web frontend uses, if you set com.openexchange.cookie.hash to calculate and want the previously configured autologin to work. Identifier for web UI is: com.openexchange.ox.gui.dhtml </nowiki>
| login.properties:14
|-
| <nowiki>com.openexchange.ajax.login.http-auth.version</nowiki>
| <nowiki>HTTP Auth</nowiki>
| <nowiki>The version of the client when using the HTTP Authorization Header based login. This should not be the normal web frontend version because a different version can be used to distinguish logins through HTTP authorization header and normal login request. </nowiki>
| login.properties:18
|-
| <nowiki>com.openexchange.ajax.login.insecure</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Configures whether an insecure login is allowed. Meaning if local IP and/or user-agent strings are replaced in associated user session on login redirect or login redeem requests. To create a session from a server for some client you have to pass the clients IP address when creating the session. WARNING! Setting this parameter to true may result in users seeing a different users content if the infrastructure around OX does not work correctly. </nowiki>
| login.properties:30
|-
| <nowiki>com.openexchange.ajax.login.redirect.changeIPAllowed</nowiki>
| <nowiki>true</nowiki>
| <nowiki>This option has only an effect if com.openexchange.ajax.login.insecure is configured to true. This option allows to enable the IP check for /ajax/login?action=redirect requests. This request is mostly used to create a session without using the OX web UI login screen. The previous behavior allowed to change the IP for this request. Configure this option to false to have an IP check during this request. Additionally you can white list IP addresses from that an IP change is still allowed. This is useful if other systems in the infrastructure around OX want to create the session. </nowiki>
| login.properties:37
|-
| <nowiki>com.openexchange.ajax.login.randomToken</nowiki>
| <nowiki>false</nowiki>
| <nowiki>The Random-Token is a one time token with a limited lifetime, which is used to initiate sessions through 3rd party applications or websites. It is a UUID, generated by the backend via default Java UUID implementation. This token is deprecated and disabled by default. Setting this to false will prevent a random token from being written as part of the login response and prevent logins via a random token. </nowiki>
| login.properties:43
|-
| <nowiki>com.openexchange.ajax.login.formatstring.login</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the format for a logged login. Default format string "$login $ip $auth $agent $client $c $u $s" $s - session information $c - context information $u - user information $login - login string $ip - IP $auth - auth ID $agent - User-Agent $client - client identifier (and version) $iface - associated interface e.g. "$u - $c - $s - $agent - $client" Default is empty; meaning default format string. </nowiki>
| login.properties:61
|-
| <nowiki>com.openexchange.ajax.login.formatstring.logout</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the format for a logged logout. Default format string "Logout $c $u $s" $s - session information $c - context information $u - user information e.g. "$u - $c - $s" Default is empty; meaning default format string. </nowiki>
| login.properties:73
|-
| <nowiki>com.openexchange.ajax.login.http-auth.autologin</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Configures if some user is able to reenter his existing session after closing the browser tab or the complete browser. Setting this to true may be a security risk for clients running on unsafe computers. If this is configured to true, check that the parameter client contains the same identifier the UI sends as client parameter on normal login request. Otherwise the backend will not be able to rediscover the users session after closing the browser tab. This parameter only applies to the HTTP authorization header based login request. </nowiki>
| login.properties:8
|-
| <nowiki>strategy </nowiki>
| <nowiki> SimpleStrategy</nowiki>
| <nowiki>two options here either SimpleStrategy or NetworkTopologyStrategy </nowiki>
| loxandra.properties:13
|-
| <nowiki>node </nowiki>
| <nowiki> 192.168.33.37:9160</nowiki>
| <nowiki>node ip with port eg. node = 127.0.0.1:9160 </nowiki>
| loxandra.properties:3
|-
| <nowiki>keyspace </nowiki>
| <nowiki> OX</nowiki>
| <nowiki>keyspace name </nowiki>
| loxandra.properties:6
|-
| <nowiki>replication_factor </nowiki>
| <nowiki> 3</nowiki>
| <nowiki>replication factor of the keyspace </nowiki>
| loxandra.properties:9
|-
| <nowiki>com.openexchange.push.allowedClients</nowiki>
| <nowiki>"USM-EAS*", "USM-JSON*"</nowiki>
| <nowiki>Specify the comma-separated list of clients which are allowed to receive notifications about new mails. Wild-card notation is allowed. </nowiki>
| mail-push.properties:5
|-
| <nowiki>com.openexchange.mail.watcherTime</nowiki>
| <nowiki>60000</nowiki>
| <nowiki>Define exceeding time in milliseconds for mail connections. If use time of an mail connection exceeds this value it is logged. Thus unclosed connections can be detected. </nowiki>
| mail.properties:104
|-
| <nowiki>com.openexchange.mail.watcherShallClose</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Define if watcher is allowed to close exceeded mail connections </nowiki>
| mail.properties:107
|-
| <nowiki>com.openexchange.mail.JavaMailProperties</nowiki>
| <nowiki>javamail.properties</nowiki>
| <nowiki>JavaMail Properties </nowiki>
| mail.properties:110
|-
| <nowiki>com.openexchange.mail.phishingHeader</nowiki>
| <nowiki></nowiki>
| <nowiki>A comma-separated list of headers which identifies phishing headers; e.g. X-Phishing1,X-Phishing2,etc. Leave empty for no phishing header. </nowiki>
| mail.properties:115
|-
| <nowiki>com.openexchange.mail.adminMailLoginEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Define whether a context admin is allowed to login to mail system or not. Note that a mail account is supposed to exist if set to true; if not an authentication error will occur. </nowiki>
| mail.properties:120
|-
| <nowiki>com.openexchange.mail.addClientIPAddress</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Set whether client's IP address should be added to mail headers on delivery as custom header "X-Originating-IP" </nowiki>
| mail.properties:124
|-
| <nowiki>com.openexchange.mail.rateLimitPrimaryOnly</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Define if the rateLimit and maxToCcBcc settings below will only affect the primary account or all accounts </nowiki>
| mail.properties:128
|-
| <nowiki>com.openexchange.mail.rateLimit</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Define the time (in milliseconds) which must pass by before a new mail can be sent A value of 0 disables the limit. </nowiki>
| mail.properties:132
|-
| <nowiki>com.openexchange.mail.maxToCcBcc</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Define the allowed maximum number of recipients in a mail A value of 0 disables the limit. </nowiki>
| mail.properties:136
|-
| <nowiki>com.openexchange.mail.passwordSource</nowiki>
| <nowiki>session</nowiki>
| <nowiki>Set the password source for primary mail/transport account; meaning which source is taken to determine a user's password to login into mailing system. If 'session' is set, then user's individual system's password is taken. If 'global' is set, then the value specified through property 'com.openexchange.mail.masterPassword' is taken. Currently known values: session and global </nowiki>
| mail.properties:14
|-
| <nowiki>com.openexchange.mail.hidePOP3StorageFolders</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether folders which carry a POP3 account shall not be displayed. This property affects primary account only. </nowiki>
| mail.properties:140
|-
| <nowiki>com.openexchange.mail.deleteDraftOnTransport</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether to delete draft messages when sent out Note: Client MUST provide appropriate value in "sendtype" field; see http://oxpedia.org/wiki/index.php?title=HTTP_API#Send_a_mail </nowiki>
| mail.properties:145
|-
| <nowiki>com.openexchange.mail.supportMsisdnAddresses</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Define if MSISDN addresses are supported or not. </nowiki>
| mail.properties:148
|-
| <nowiki>com.openexchange.mail.translateDefaultFolders</nowiki>
| <nowiki>true</nowiki>
| <nowiki>If set to 'false', translation of names of the mail default folders is not performed, if naming differs from pre-defined default values. Thus custom set names can be specified for Trash, Drafts, Sent & Spam folder. By default this value is 'true'. Pre-defined names are: "Trash" "Drafts" "Sent objects" "Spam" </nowiki>
| mail.properties:160
|-
| <nowiki>com.openexchange.mail.maxMailSize</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the max. mail size allowed being transported A value of zero or less means infinite. Default is -1 (infinite) </nowiki>
| mail.properties:173
|-
| <nowiki>com.openexchange.mail.hideDetailsForDefaultAccount</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether to hide rather technical data from JSON representation of the primary mail account e.g. port, server name, secure flag, etc. Default is false </nowiki>
| mail.properties:178
|-
| <nowiki>com.openexchange.mail.maxForwardCount</nowiki>
| <nowiki>8</nowiki>
| <nowiki>Specifies the max. number of message attachments that are allowed to be forwarded as attachment Default is 8 </nowiki>
| mail.properties:182
|-
| <nowiki>com.openexchange.mail.account.blacklist</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies a black-list for those hosts that are covered by denoted IP range; e.g. "127.0.0.1-127.255.255.255" An empty value means no black-listing is active Default is empty </nowiki>
| mail.properties:187
|-
| <nowiki>com.openexchange.mail.imageHost</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the host/domain from which to load inlined images contained in message content Example "com.openexchange.mail.imageHost=http://my.imagehost.org". In case no protocol/schema is specified, "http" is assumed by default Default is empty; meaning to load from originating host </nowiki>
| mail.properties:193
|-
| <nowiki>com.openexchange.mail.mailServerSource</nowiki>
| <nowiki>user</nowiki>
| <nowiki>Set the mail server source for primary mail account; meaning which source is taken to determine the mail server into which the user wants to login to access mails. Set to 'global' to take the value specified through property "com.openexchange.mail.mailServer". Set to 'user' to take user's individual mail server settings as specified in storage. Currently known values: user and global </nowiki>
| mail.properties:21
|-
| <nowiki>com.openexchange.mail.transportServerSource</nowiki>
| <nowiki>user</nowiki>
| <nowiki>Set the transport server source for primary transport account; meaning which source is taken to determine the transport server into which the user wants to login to transport mails. Set to 'global' to take the value specified through property "com.openexchange.mail.transportServer". Set to 'user' to take user's individual transport server settings as specified in storage. Currently known values: user and global </nowiki>
| mail.properties:28
|-
| <nowiki>com.openexchange.mail.masterPassword</nowiki>
| <nowiki>secret</nowiki>
| <nowiki>The master password for primary mail/transport server. Only takes effect when property "com.openexchange.mail.passwordSource" is set to "global" </nowiki>
| mail.properties:32
|-
| <nowiki>com.openexchange.mail.mailServer</nowiki>
| <nowiki>127.0.0.1</nowiki>
| <nowiki>Primary mail server: e.g. 192.168.178.32:8143 or imap://192.168.178.32:7143 Only takes effect when property "com.openexchange.mail.mailServerSource" is set to "global" </nowiki>
| mail.properties:36
|-
| <nowiki>com.openexchange.mail.transportServer</nowiki>
| <nowiki>127.0.0.1</nowiki>
| <nowiki>Primary transport server: e.g. 192.168.178.32:125 or smtp://192.168.178.32:225 Only takes effect when property "com.openexchange.mail.transportServerSource" is set to "global" </nowiki>
| mail.properties:40
|-
| <nowiki>com.openexchange.mail.defaultMailProvider</nowiki>
| <nowiki>imap</nowiki>
| <nowiki>The mail provider fallback if an URL does not contain/define a protocol </nowiki>
| mail.properties:43
|-
| <nowiki>mail.mime.charset</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the default MIME charset used for character encoding. This setting will then be accessible through system property "mail.mime.charset". This parameter takes effect for the complete mail module where no charset is given. </nowiki>
| mail.properties:48
|-
| <nowiki>com.openexchange.mail.mailFetchLimit</nowiki>
| <nowiki>1000</nowiki>
| <nowiki>Define the max. fetch limit; meaning all mails whose count is less than or equal to this value are going to be fetched with all attributes set. Thus these mails can be put into message cache for subsequent list requests. </nowiki>
| mail.properties:53
|-
| <nowiki>com.openexchange.mail.attachmentDisplaySizeLimit</nowiki>
| <nowiki>8192</nowiki>
| <nowiki>maximum size of email text attachments that will be displayed inline ( in bytes) </nowiki>
| mail.properties:57
|-
| <nowiki>com.openexchange.mail.mailAccessCacheShrinkerSeconds</nowiki>
| <nowiki>3</nowiki>
| <nowiki>Define the interval seconds of the mail access cache's shrinker thread </nowiki>
| mail.properties:60
|-
| <nowiki>com.openexchange.mail.mailAccessCacheIdleSeconds</nowiki>
| <nowiki>4</nowiki>
| <nowiki>Define the idle seconds a mail access may reside in mail access cache before it is removed by shrinker thread </nowiki>
| mail.properties:63
|-
| <nowiki>com.openexchange.mail.quoteLineColors</nowiki>
| <nowiki>#a14044,#917722,#599351,#516193,#666666</nowiki>
| <nowiki>Comma-separated hex values of colors for displaying quoted text emails </nowiki>
| mail.properties:66
|-
| <nowiki>com.openexchange.mail.userFlagsEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable/disable user defined flags </nowiki>
| mail.properties:69
|-
| <nowiki>com.openexchange.mail.loginSource</nowiki>
| <nowiki>login</nowiki>
| <nowiki>Set the login source for primary mail/transport account; meaning which source is taken to determine a user's login for mailing system. If 'login' is set, then user's individual mail login as defined in user storage is taken. If 'mail' is set, then user's individual primary email address is taken. If 'name' is set, then user's individual system's user name is taken. Currently known values: login, mail, and name </nowiki>
| mail.properties:7
|-
| <nowiki>com.openexchange.mail.partModifierImpl</nowiki>
| <nowiki>com.openexchange.mail.partmodifier.DummyPartModifier</nowiki>
| <nowiki>Define the implementing class of PartModifier. This class is then be used to manipulate the email before displaying. </nowiki>
| mail.properties:73
|-
| <nowiki>com.openexchange.mail.allowNestedDefaultFolderOnAltNamespace</nowiki>
| <nowiki>false</nowiki>
| <nowiki>This property defines if the default folders of an user (Draft, Sent, Spam & Trash) are going to be placed right below folder "INBOX" even if feature "altNamespace" is enabled. NOTE: This property requires that subfolders are still permitted below initial folder "INBOX" even though "altNamespace" is enabled. </nowiki>
| mail.properties:80
|-
| <nowiki>com.openexchange.mail.ignoreSubscription</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Defines if folder subscription is ignored when listing mail folders If set to 'true', all folders - regardless of their subscription status - are going to be listed </nowiki>
| mail.properties:85
|-
| <nowiki>com.openexchange.mail.supportSubscription</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Define if underlying store should support subscription </nowiki>
| mail.properties:88
|-
| <nowiki>com.openexchange.mail.defaultSeparator</nowiki>
| <nowiki>/</nowiki>
| <nowiki>Define the separator within folder fullnames if not available from mail server </nowiki>
| mail.properties:91
|-
| <nowiki>com.openexchange.mail.watcherEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The watcher checks after watcherFrequency for mail connections used for more than watcherTime milliseconds and logs this mail connection. If watcherShallClose is set to true those connections will be closed. </nowiki>
| mail.properties:96
|-
| <nowiki>com.openexchange.mail.watcherFrequency</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Define watcher's frequency in milliseconds </nowiki>
| mail.properties:99
|-
| <nowiki>com.openexchange.mail.enforceSecureConnection</nowiki>
| <nowiki>false</nowiki>
| <nowiki>controls whether external mail accounts may only be subscribed if the associated provider supports accessing it by using a secure connection (either SSL or TLS). If neither SSL nor TLS is supported, account subscription is rejected. </nowiki>
| mail.properties
|-
| <nowiki>SIEVE_CREDSRC</nowiki>
| <nowiki>session</nowiki>
| <nowiki>Specify which sieve credentials should be use. Two options are allowed here: "session" : login name and password are used from the current session "session-full-login" : full login (incl. context part) name and password are used from the current session "imapLogin" : the login name is taken from the field imapLogin of the current user the password is taken from the current session "mail" : use the primary mail address of the user and the password from the session </nowiki>
| mailfilter.properties:13
|-
| <nowiki>SIEVE_SERVER</nowiki>
| <nowiki>localhost</nowiki>
| <nowiki>to override the sieve server defaults specify a value for the sieve server here </nowiki>
| mailfilter.properties:16
|-
| <nowiki>SIEVE_PORT</nowiki>
| <nowiki>2000</nowiki>
| <nowiki>Specify the SIEVE port ----------------------------------------------------------- NOTE: 2000 is the deprecated port number for SIEVE (now assigned to some Cisco SCCP protocol by the IANA) 4190 is the new one used with most recent Linux and IMAP implementations. Please check your system's default port defined at /etc/services. ----------------------------------------------------------- </nowiki>
| mailfilter.properties:24
|-
| <nowiki>SCRIPT_NAME</nowiki>
| <nowiki>Open-Xchange</nowiki>
| <nowiki>If you want the script to be generated with another script name change it here. Note that the mail filter bundle will then leave the old script with the old script name behind, and doesn't delete it </nowiki>
| mailfilter.properties:29
|-
| <nowiki>SIEVE_AUTH_ENC</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the charset encoding to use for authentication to sieve server </nowiki>
| mailfilter.properties:32
|-
| <nowiki>NON_RFC_COMPLIANT_TLS_REGEX</nowiki>
| <nowiki>^Cyrus.*v([0-1]\\.[0-9].*|2\\.[0-2].*|2\\.3\\.[0-9]|2\\.3\\.[0-9][^0-9].*)$</nowiki>
| <nowiki>Define the regex which recognizes servers with incorrect sieve TLS implementation </nowiki>
| mailfilter.properties:35
|-
| <nowiki>TLS</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether to use TLS if available </nowiki>
| mailfilter.properties:38
|-
| <nowiki>SIEVE_LOGIN_TYPE</nowiki>
| <nowiki>user</nowiki>
| <nowiki>Specify which sieve server should be used. Two options are allowed here: user : use the imap server setting stored for user in the database global : use the sieve server given in this config file for all users </nowiki>
| mailfilter.properties:4
|-
| <nowiki>VACATION_DOMAINS</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify here if vacation messages should only be sent to specific domains If multiple domains are given, they should be separated by "," e.g. VACATION_DOMAINS=testdomain.com,example.com </nowiki>
| mailfilter.properties:43
|-
| <nowiki>com.openexchange.mail.filter.connectionTimeout</nowiki>
| <nowiki>30000</nowiki>
| <nowiki>Specifies when the connection should time out (value in milliseconds) </nowiki>
| mailfilter.properties:46
|-
| <nowiki>com.openexchange.mail.filter.passwordSource</nowiki>
| <nowiki>session</nowiki>
| <nowiki>Set the password source; meaning which source is taken to determine a user's password to login into mail filter system. If 'session' is set, then user's individual system's password is taken. If 'global' is set, then the value specified through property 'com.openexchange.mail.filter.masterPassword' is taken. Currently known values: session and global </nowiki>
| mailfilter.properties:53
|-
| <nowiki>com.openexchange.mail.filter.masterPassword</nowiki>
| <nowiki></nowiki>
| <nowiki>The master password for mail/transport server. Only takes effect when property "com.openexchange.mail.filter.passwordSource" is set to "global" </nowiki>
| mailfilter.properties:57
|-
| <nowiki>com.openexchange.mail.filter.useUTF7FolderEncoding</nowiki>
| <nowiki>false</nowiki>
| <nowiki>This property defines if mailbox names shall be UTF-7 encoded as specified in RFC2060; section 5.1.3. "Mailbox International Naming Convention". Default is "false"; meaning no UTF-7 encoding is performed. Set to "true" for those Cyrus IMAP server versions that do NOT support "sieve_utf8fileinto" property (e.g. lower than v2.3.11) Set to "true" for those Cyrus IMAP server versions that support "sieve_utf8fileinto" property having that property set to "0". Thus moving mails with the 'fileinto' command will properly work for mailbox names that contain non-ascii characters </nowiki>
| mailfilter.properties:65
|-
| <nowiki>com.openexchange.mail.filter.punycode</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable punycode encoding for the username used in authentication against the managesieve server </nowiki>
| mailfilter.properties:68
|-
| <nowiki>com.openexchange.mail.filter.useSIEVEResponseCodes</nowiki>
| <nowiki>false</nowiki>
| <nowiki>interpret SIEVE Response Codes, see https://tools.ietf.org/html/rfc5804#section-1.3 in most cases, this option must be kept to false </nowiki>
| mailfilter.properties:72
|-
| <nowiki>com.openexchange.mail.filter.redirectWhitelist</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify a comma-separated list of domains (wild-card syntax supported) that are allowed for redirect rules </nowiki>
| mailfilter.properties:75
|-
| <nowiki>com.openexchange.mail.filter.preferGSSAPI</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specify whether to prefer GSSAPI authentication mechanism if supported by SIEVE backend Default is false. </nowiki>
| mailfilter.properties:79
|-
| <nowiki>com.openexchange.push.malpoll.concurrentglobal</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether the tasks executed by global timer are executed concurrently or by calling timer's thread. Note: This property only has effect if "com.openexchange.push.malpoll.global" is set to "true" </nowiki>
| malpoll.properties:14
|-
| <nowiki>com.openexchange.push.malpoll.folder</nowiki>
| <nowiki>INBOX</nowiki>
| <nowiki>Define the folder to look-up for new mails in each mailbox Default is INBOX folder </nowiki>
| malpoll.properties:18
|-
| <nowiki>com.openexchange.push.malpoll.period</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>Define the amount of time in milliseconds when to periodically check for new mails. Default is 300000 (5 minutes). </nowiki>
| malpoll.properties:3
|-
| <nowiki>com.openexchange.push.malpoll.global</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether a global timer is set or a timer per user Or in other words: Do you want a global heartbeat or a heartbeat per per user? Default is true. </nowiki>
| malpoll.properties:8
|-
| <nowiki>JMXBindAddress</nowiki>
| <nowiki>localhost</nowiki>
| <nowiki>Define the bind address for JMX agent Use value "*" to let the JMX monitor bind to all interfaces </nowiki>
| management.properties:11
|-
| <nowiki>JMXLogin</nowiki>
| <nowiki></nowiki>
| <nowiki>Define the JMX login for authentication Leaving this property empty means not to use authentication </nowiki>
| management.properties:15
|-
| <nowiki>JMXPassword</nowiki>
| <nowiki></nowiki>
| <nowiki>Define the JMX password in SHA hashed version This property only has effect if previous property "JMXLogin" is set. The following perl command can be used to generate such a password: perl -M'Digest::SHA1 qw(sha1_base64)' -e 'print sha1_base64("YOURSECRET")."=\n";' that requires to install the Digest::SHA1 perl module, of course. </nowiki>
| management.properties:25
|-
| <nowiki>JMXPort</nowiki>
| <nowiki>9999</nowiki>
| <nowiki>Define the port for the RMI Registry. The default is 9999. </nowiki>
| management.properties:3
|-
| <nowiki>JMXServerPort</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Define the JMX RMI Connector Server port. Typically chosen randomly by JVM. The default is -1; meaning that port is randomly determined by JVM </nowiki>
| management.properties:7
|-
| <nowiki>com.openexchange.messaging.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Determines whether messaging is enabled for this server </nowiki>
| messaging.properties:2
|-
| <nowiki>com.openexchange.subscribe.microformats.contacts.http</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| microformatSubscription.properties:1
|-
| <nowiki>com.openexchange.subscribe.microformats.infostore.http</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| microformatSubscription.properties:2
|-
| <nowiki>com.openexchange.subscribe.microformats.contacts.http.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| microformatSubscription.properties:3
|-
| <nowiki>com.openexchange.subscribe.microformats.infostore.http.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| microformatSubscription.properties:4
|-
| <nowiki>com.openexchange.subscribe.microformats.allowedHosts</nowiki>
| <nowiki></nowiki>
| <nowiki>Optionally specifies the list of accepted host names allowed being subscribed If property is empty, there is no restriction for such subscriptions Otherwise non-matching host names are rejected. </nowiki>
| microformatSubscription.properties:9
|-
| <nowiki>iPhoneTemplate.tmpl </nowiki>
| <nowiki> mobile_configuration</nowiki>
| <nowiki></nowiki>
| mobile.configuration.generator.properties:1
|-
| <nowiki>winMobileTemplate.tmpl </nowiki>
| <nowiki> mobile_configuration</nowiki>
| <nowiki></nowiki>
| mobile.configuration.generator.properties:2
|-
| <nowiki>com.openxchange.mobilenotifier.enabled </nowiki>
| <nowiki> true</nowiki>
| <nowiki>Sets whether Mobilenotifier module is enabled at all </nowiki>
| mobilenotifier.properties:4
|-
| <nowiki>com.openexchange.mobilenotifier.mail.maxContentSize </nowiki>
| <nowiki> 200</nowiki>
| <nowiki>Defines the maximum content size of the mail content that should be displayed </nowiki>
| mobilenotifiermail.properties:4
|-
| <nowiki>com.openexchange.oauth.msliveconnect</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable MS Live OAuth support </nowiki>
| msliveconnectoauth.properties
|-
| <nowiki>com.openexchange.oauth.msliveconnect.apiKey</nowiki>
| <nowiki>REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_KEY</nowiki>
| <nowiki></nowiki>
| msliveconnectoauth.properties
|-
| <nowiki>com.openexchange.oauth.msliveconnect.apiSecret</nowiki>
| <nowiki>REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_SECRET</nowiki>
| <nowiki></nowiki>
| msliveconnectoauth.properties
|-
| <nowiki>notify_participants_on_delete </nowiki>
| <nowiki> true</nowiki>
| <nowiki></nowiki>
| notification.properties:27
|-
| <nowiki>object_link</nowiki>
| <nowiki>http://[hostname]/[uiwebpath]#m=[module]&i=[object]&f=[folder]</nowiki>
| <nowiki></nowiki>
| notification.properties:35
|-
| <nowiki>imipForInternalUsers </nowiki>
| <nowiki> false</nowiki>
| <nowiki>Enables/Disables imip-mails for internal users. </nowiki>
| notification.properties:38
|-
| <nowiki>com.openexchange.notification.fromSource</nowiki>
| <nowiki>defaultSenderAddress</nowiki>
| <nowiki>This property defines which email address of a user is used as from header when this user triggers notification mails. Possible values are: primaryMail or defaultSenderAddress </nowiki>
| notification.properties:42
|-
| <nowiki>com.openexchange.oauth.provider.validator.maxVersion</nowiki>
| <nowiki>1.0</nowiki>
| <nowiki>The maximum valid oauth_version Default value is 1.0. </nowiki>
| oauth-provider.properties:13
|-
| <nowiki>com.openexchange.oauth.provider.validator.v2.maxTimestampAgeMsec</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>The range of valid time stamps, in milliseconds into the past or future. So the total range of valid time stamps is twice this value, rounded to the nearest second. Default value is 5 minutes (300000). </nowiki>
| oauth-provider.properties:18
|-
| <nowiki>com.openexchange.oauth.provider.validator.v2.maxVersion</nowiki>
| <nowiki>2.0</nowiki>
| <nowiki>The maximum valid OAuth v2 version Default value is 2.0. </nowiki>
| oauth-provider.properties:22
|-
| <nowiki>com.openexchange.oauth.provider.secret</nowiki>
| <nowiki>f58c636e089745d4a79679d726aca8b5</nowiki>
| <nowiki>The secret identifier </nowiki>
| oauth-provider.properties:4
|-
| <nowiki>com.openexchange.oauth.provider.validator.maxTimestampAgeMsec</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>The range of valid time stamps, in milliseconds into the past or future. So the total range of valid time stamps is twice this value, rounded to the nearest second. Default value is 5 minutes (300000). </nowiki>
| oauth-provider.properties:9
|-
| <nowiki>com.openexchange.oauth.callback</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Sets whether call-back policy is enabled when performing OAuth authentication If false; oob (out-of-band) is used which requires user interaction to provide the verifier (pin) Default is false </nowiki>
| oauth.properties:6
|-
| <nowiki>RMI_HOSTNAME</nowiki>
| <nowiki>rmi://localhost:1099/</nowiki>
| <nowiki> admin daemon rmi URL </nowiki>
| open-xchange-admin-soap.properties:14
|-
| <nowiki>LOCK_WAIT_TIME</nowiki>
| <nowiki>10</nowiki>
| <nowiki> How long (in seconds) the system should wait for a lock before throwing exceptions </nowiki>
| open-xchange-admin-soap.properties:20
|-
| <nowiki>MAX_RMI_CONNECT_ATTEMPTS</nowiki>
| <nowiki>2</nowiki>
| <nowiki> maximum attempts to reconnect to the admin daemon </nowiki>
| open-xchange-admin-soap.properties:4
|-
| <nowiki>CONNECT_ATTEMPTS_DELAY_TIME</nowiki>
| <nowiki>1</nowiki>
| <nowiki> time in seconds to wait between connect attempts </nowiki>
| open-xchange-admin-soap.properties:9
|-
| <nowiki>modules/com.openexchange.help/module</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| open-xchange-gui-help-plugin.properties:1
|-
| <nowiki>additionalPackages</nowiki>
| <nowiki>org.eclipse.equinox.event_1.3.0.v20130327-1442.jar</nowiki>
| <nowiki></nowiki>
| osgiTest.properties:1
|-
| <nowiki>additionalPackages</nowiki>
| <nowiki></nowiki>
| <nowiki></nowiki>
| osgiTest.properties:1
|-
| <nowiki>mox/config/mailCount</nowiki>
| <nowiki> 50</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:1
|-
| <nowiki>mox/config/defaultContactFolder</nowiki>
| <nowiki> "private"</nowiki>
| <nowiki>can be one of "none", "private" or "global". "none" : no folder is selected by default, the user will be asked on first start "private" : default private addressbook is selected for the user "global" : global addressbook is selected by default for the user </nowiki>
| oxmobile.properties:12
|-
| <nowiki>mox/config/appointmentDays</nowiki>
| <nowiki> 10</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:2
|-
| <nowiki>mox/config/maxAppointmentBreak</nowiki>
| <nowiki> 50</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:3
|-
| <nowiki>mox/subscribedFolders/contacts</nowiki>
| <nowiki> []</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:4
|-
| <nowiki>mox/subscribedFolders/mail</nowiki>
| <nowiki> []</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:5
|-
| <nowiki>mox/subscribedFolders/calendar</nowiki>
| <nowiki> []</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:6
|-
| <nowiki>mox/defaultContactStoreFolder</nowiki>
| <nowiki> -1</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:7
|-
| <nowiki>modules/com.openexchange.custom.parallels/module</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The following property enables the Parallels GUI-Plugins </nowiki>
| parallels-ui.properties:2
|-
| <nowiki>ui/parallels/sender_address_hiding_activated</nowiki>
| <nowiki>true</nowiki>
| <nowiki>disable/enable default sender address hiding for POA setups </nowiki>
| parallels-ui.properties:5
|-
| <nowiki>ui/parallels/use_parallels_antispam_features</nowiki>
| <nowiki>true</nowiki>
| <nowiki>should the parallels antispam features be used </nowiki>
| parallels-ui.properties:8
|-
| <nowiki>com.openexchange.custom.parallels.branding.suffix</nowiki>
| <nowiki></nowiki>
| <nowiki>The following defines the options for the branding stuff set via "loginmapping" attributes within a context in OX. Example: If want to brand a context, set a login mapping with a string like this: BRANDING||<YOUR_POA_BRANDED_HOST> com.openexchange.custom.parallels.branding.suffix=BRANDING|| Leave empty if not, or the log will fill up with warnings </nowiki>
| parallels.properties:16
|-
| <nowiki>com.openexchange.custom.parallels.branding.fallbackhost</nowiki>
| <nowiki></nowiki>
| <nowiki> Fallback host which should be used if now branding-host was specified for a context Info: If you need trailing slash, add it here. For compatibility reasons it will not be appended by the server to support also jumping to server scripts IMPORTANT INFO: the notification.properties attribute: "object_link" MUST be set to include the [hostname] placeholder like: https://[hostname]#m=[module]&i=[object]&f=[folder] If this is not set, the systems hostname is used. </nowiki>
| parallels.properties:29
|-
| <nowiki>com.openexchange.custom.parallels.antispam.xmlrpc.port</nowiki>
| <nowiki>3100</nowiki>
| <nowiki> This port will be used to communicate with the "POA XML-RPC Service" to retrieve correct spamd hostname and user so that OX can train spamd via socket communication THIS property below must only contain URL to OX GUI like webmail.system.com/ox6 </nowiki>
| parallels.properties:38
|-
| <nowiki>com.openexchange.custom.parallels.openapi.interface_url</nowiki>
| <nowiki>http://<coreserver>:<port>/</nowiki>
| <nowiki> # OpenAPI properties for managing Black&White Lists via OX GUI This property defines the URL to the HTTP OpenAPI interface of POA </nowiki>
| parallels.properties:44
|-
| <nowiki>com.openexchange.custom.parallels.openapi.auth_enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki> This property defines if OpenAPI calls should be made with http basic auth </nowiki>
| parallels.properties:48
|-
| <nowiki>com.openexchange.custom.parallels.sso_info_servlet</nowiki>
| <nowiki>/ajax/parallels/info</nowiki>
| <nowiki>Properties for the Parallels Plugin The property defines the mount point of the parallels info servlet used to retrieve correct hostname for direktlinks and sessiontimeouts/logout page </nowiki>
| parallels.properties:5
|-
| <nowiki>com.openexchange.custom.parallels.openapi.auth_id</nowiki>
| <nowiki>openapi_user_id</nowiki>
| <nowiki> This property defines OpenAPI http basic auth credentials auth id </nowiki>
| parallels.properties:52
|-
| <nowiki>com.openexchange.custom.parallels.openapi.auth_password</nowiki>
| <nowiki>openapi_password</nowiki>
| <nowiki> This property defines OpenAPI http basic auth credentials auth password </nowiki>
| parallels.properties:56
|-
| <nowiki>com.openexchange.custom.parallels.openapi_servlet</nowiki>
| <nowiki>/ajax/parallels/openapi</nowiki>
| <nowiki> The property defines the mount point of the OX OpenAPI servlet implementation. Typically, no need to change it. </nowiki>
| parallels.properties:61
|-
| <nowiki>com.openexchange.participant.autoSearch</nowiki>
| <nowiki>true</nowiki>
| <nowiki>When searching for participants and the participants selection dialog is opened this option defines if initially all users, groups and resources are displayed or not. If this option is true every opening of the dialog triggers a search request on the server. </nowiki>
| participant.properties:13
|-
| <nowiki>com.openexchange.participant.MaximumNumberParticipants</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Defines the maximum number of participants that can be selected for an appointment or a task. This should prevent slow free busy queries and slow server and GUI responses if in large contexts large number of participants are selected. 0 means no limit. </nowiki>
| participant.properties:19
|-
| <nowiki>com.openexchange.participant.ShowWithoutEmail</nowiki>
| <nowiki>true</nowiki>
| <nowiki>When searching for external participants in contact folders this option defines if contacts without email address are shown. </nowiki>
| participant.properties:7
|-
| <nowiki>com.openexchange.passwordchange.regexp</nowiki>
| <nowiki>[^a-z0-9]</nowiki>
| <nowiki> Configures a regular expression pattern to use when calculating the strength if indicating "com.openexchange.passwordchange.showStrength" is "true", i.e. any character not matching the pattern increases the displayed password strength. Defaults to "[^a-z0-9]". </nowiki>
| passwordchange.properties:11
|-
| <nowiki>com.openexchange.passwordchange.special</nowiki>
| <nowiki>$, _, %</nowiki>
| <nowiki>Defines a string that is shown as an example of special characters that increase a passwords' strength. This should be a subset of characters matched by the pattern defined at "com.openexchange.passwordchange.regexp".
Defaults to "$, _, or %". </nowiki>
| passwordchange.properties:14
|-
| <nowiki>com.openexchange.passwordchange.showStrength</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Configures whether to show a graphical indicator reflecting the strength of the current password or not. The strength is evaluated based on matching performed against the pattern defined via "com.openexchange.passwordchange.regexp" during typing. Possible values are "true" to show the strength, or "false", otherwise. Defaults to "false". </nowiki>
| passwordchange.properties:2
|-
| <nowiki>com.openexchange.passwordchange.minLength</nowiki>
| <nowiki>4</nowiki>
| <nowiki>Specifies the minimum required length of a password entered by the user.
Passwords shorter than the configured length are not accepted. Defaults to "4". </nowiki>
| passwordchange.properties:5
|-
| <nowiki>com.openexchange.passwordchange.maxLength</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Specifies the minimum required length of a password entered by the user.
Passwords shorter than the configured length are not accepted. A value of "0"
disables the check and allows an unlimited length. Defaults to "0".The maximum length of an entered password. 0 for unlimited. </nowiki>
| passwordchange.properties:8
|-
| <nowiki>com.openexchange.passwordchange.allowedPattern</nowiki>
| <nowiki></nowiki>
| <nowiki>Optionally configures a pattern to match the entered password against, i.e.
only passwords matching this pattern will be accepted. Please note that the
pattern is used to perform a 'positive' test against the entire entered
password, and only matching strings are accepted, so use appropriate
quantifiers as needed. For example, if the backslash character '\' should
not be permitted in passwords, a pattern could look like "[^\\]*", or, if
only ASCII characters should be allowed, the pattern "[\x00-\x7F]*" could
be used (each without the quotation marks). By default, no pattern is
configured, i.e. all character sequences are allowed.</nowiki>
| passwordchange.properties
|-
| <nowiki>com.openexchange.passwordchange.allowedPatternHint</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures a string that is shown to users in an error message after trying
to save a password not fulfilling the pattern defined in
"com.openexchange.passwordchange.allowedPattern". This text should explain
which characters are allowed according to the pattern, and is inserted for
"[...]" in the following error message: "The entered password is illegal
and can't be saved. Allowed characters are: [...]". Required if
"com.openexchange.passwordchange.allowedPattern" is defined.</nowiki>
| passwordchange.properties
|-
| <nowiki>com.openexchange.capability.alone</nowiki>
| <nowiki>false</nowiki>
| <nowiki>The property "alone" signals that the user is the only user in associated context/tenant. It disables certain collaborative features and that would therefore be useless in such a context/tenant. Default is false </nowiki>
| permissions.properties:14
|-
| <nowiki>com.openexchange.capability.filestore</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Signal if file store is available or not Default is true </nowiki>
| permissions.properties:9
|-
| <nowiki>com.openexchange.pop3.pop3TemporaryDown</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Define the amount of time in milliseconds a POP3 server is treated as being temporary down. A POP3 server is treated as being temporary down if a socket connect fails. Further requests to the affected POP3 server are going to be denied for the specified amount of time. A value less or equal to zero disables this setting. </nowiki>
| pop3.properties:13
|-
| <nowiki>com.openexchange.pop3.pop3AuthEnc</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the encoding for POP3 authentication </nowiki>
| pop3.properties:16
|-
| <nowiki>com.openexchange.pop3.spamHandler</nowiki>
| <nowiki>DefaultSpamHandler</nowiki>
| <nowiki>Define the registration name of the appropriate spam handler to use </nowiki>
| pop3.properties:19
|-
| <nowiki>com.openexchange.pop3.pop3ConnectionIdleTime</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>Define the amount of time in milliseconds an established POP3 connection is kept open although being idle. Since some POP3 servers limit the time period in which connections may be opened/closed, this property allows to keep the connection open to avoid an error on a subsequent login. This property overwrites default connection idle time specified through property "com.openexchange.mail.mailAccessCacheIdleSeconds". </nowiki>
| pop3.properties:27
|-
| <nowiki>com.openexchange.pop3.pop3Timeout</nowiki>
| <nowiki>50000</nowiki>
| <nowiki>Define the socket I/O timeout value in milliseconds. A value less than or equal to zero is infinite timeout. See also mail.pop3.timeout </nowiki>
| pop3.properties:3
|-
| <nowiki>com.openexchange.pop3.pop3BlockSize</nowiki>
| <nowiki>100</nowiki>
| <nowiki>Specify the number of messages (positive integer!) which are allowed to be processed at once. Default is 100. Zero or negative value is defaulted to 100. </nowiki>
| pop3.properties:32
|-
| <nowiki>com.openexchange.pop3.allowPing</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether ping operation is allowed for POP3 account Many POP3 account limit number of allowed login attempts in a certain time interval Default is false </nowiki>
| pop3.properties:37
|-
| <nowiki>com.openexchange.pop3.logDeniedPing</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether denied ping operation shall be indicated as a warning to client Only effective if "com.openexchange.pop3.allowPing" is set to false. Default is true </nowiki>
| pop3.properties:42
|-
| <nowiki>com.openexchange.pop3.ssl.protocols</nowiki>
| <nowiki>SSLv3 TLSv1</nowiki>
| <nowiki>Specifies the SSL protocols that will be enabled for SSL connections. The property value is a whitespace separated list of tokens. Default value is: SSLv3 TLSv1 </nowiki>
| pop3.properties:46
|-
| <nowiki>com.openexchange.pop3.ssl.ciphersuites</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the SSL cipher suites that will be enabled for SSL connections. The property value is a whitespace separated list of tokens. Check "http://<ox-grizzly-hostname>:<ox-grizzly-port>/stats/diagnostic?param=ciphersuites" to check available cipher suites. Default value is empty (fall-back to current JVM's default SSL cipher suite) </nowiki>
| pop3.properties:53
|-
| <nowiki>com.openexchange.pop3.pop3ConnectionTimeout</nowiki>
| <nowiki>20000</nowiki>
| <nowiki>Define the socket connection timeout value in milliseconds. A value less or equal to zero is infinite timeout. See also mail.pop3.connectiontimeout </nowiki>
| pop3.properties:7
|-
| <nowiki>com.openexchange.preview.cache.quota</nowiki>
| <nowiki>10485760</nowiki>
| <nowiki>Specify the total quota for preview cache for each context This value is used if no individual context quota is defined. A value of zero or less means no quota Default is 10485760 (10MB) </nowiki>
| preview.properties:11
|-
| <nowiki>com.openexchange.preview.cache.quotaPerDocument</nowiki>
| <nowiki>524288</nowiki>
| <nowiki>Specify the quota per document for preview cache for each context This value is used if no individual quota per document is defined. A value of zero or less means no quota Default is 524288 (512KB) </nowiki>
| preview.properties:17
|-
| <nowiki>com.openexchange.preview.cache.type</nowiki>
| <nowiki>FS</nowiki>
| <nowiki>Specifies what type of storage is used for caching previews Either file store ("FS") or database ("DB"). Default is "FS" (file store) </nowiki>
| preview.properties:22
|-
| <nowiki>com.openexchange.preview.cache.quotaAware</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specifies if storing previews in file store affects user's file store quota or not Only applies if "com.openexchange.preview.cache.type" is set to "FS" Default is false. </nowiki>
| preview.properties:27
|-
| <nowiki>com.openexchange.preview.cache.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The switch to enable/disable the preview cache Default is true (enabled) </nowiki>
| preview.properties:5
|-
| <nowiki>com.openexchange.http.probe.alias</nowiki>
| <nowiki>/healthProbe</nowiki>
| <nowiki>The alias name in the URI namespace at which the probe is registered Default value: /healthProbe </nowiki>
| probe.properties:9
|-
| <nowiki>com.openexchange.publish.microformats.usesWhitelisting</nowiki>
| <nowiki>true</nowiki>
| <nowiki>if set to true, the contents of a microformatted publication will be processed through a whitelisting filter that removes elements that are considered potentially unsafe. We recommend you use this in case you do not have publications on a different subdomain. </nowiki>
| publications.properties:5
|-
| <nowiki>contacts_hcard_censored.tmpl </nowiki>
| <nowiki> contacts, publish, default</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:1
|-
| <nowiki>contacts_hcard_uncensored.tmpl </nowiki>
| <nowiki> contacts, publish</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:2
|-
| <nowiki>contacts_oxmf_censored.tmpl </nowiki>
| <nowiki> contacts, publish</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:3
|-
| <nowiki>contacts_oxmf_uncensored.tmpl </nowiki>
| <nowiki> contacts, publish</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:4
|-
| <nowiki>contacts.tmpl </nowiki>
| <nowiki> contacts, publish</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:5
|-
| <nowiki>infostore.tmpl </nowiki>
| <nowiki> infostore, publish, default</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:7
|-
| <nowiki>infostore_gallery.tmpl </nowiki>
| <nowiki> infostore, publish</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:8
|-
| <nowiki>com.openexchange.push.ms.maxDelayDuration</nowiki>
| <nowiki>600000</nowiki>
| <nowiki>The maximum time in milliseconds a push object may be delayed before finally pushing it to the clients Default value: 600000 </nowiki>
| push-ms.properties:10
|-
| <nowiki>com.openexchange.push.ms.delayDuration</nowiki>
| <nowiki>120000</nowiki>
| <nowiki>Time in milliseconds after which a queued object object is pushed to clients unless it got delayed again due to modifications of the push object within the delayDuration or modifications within the folder of the push object. Default value: 120000 </nowiki>
| push-ms.properties:5
|-
| <nowiki>com.openexchange.push.udp.remoteHost</nowiki>
| <nowiki></nowiki>
| <nowiki>list of open-xchange servers that should be connected when multicast is disabled </nowiki>
| push-udp.properties:10
|-
| <nowiki>com.openexchange.push.udp.registerTimeout</nowiki>
| <nowiki>3600000</nowiki>
| <nowiki>time in milliseconds a client registration is kept </nowiki>
| push-udp.properties:13
|-
| <nowiki>com.openexchange.push.udp.registerPort</nowiki>
| <nowiki>44335</nowiki>
| <nowiki>Port where the clients send the push registration request to. </nowiki>
| push-udp.properties:16
|-
| <nowiki>com.openexchange.push.udp.registerDistributionEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>only one of registerDistribution or eventDistribution can be enabled at the same time. if set to true, registrations are distributed to all ox servers </nowiki>
| push-udp.properties:21
|-
| <nowiki>com.openexchange.push.udp.eventDistributionEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>if set to true, events will be distributed to all Open-Xchange servers </nowiki>
| push-udp.properties:23
|-
| <nowiki>com.openexchange.push.udp.outputQueueDelay</nowiki>
| <nowiki>120000</nowiki>
| <nowiki>time in milliseconds after which queued "push" packages are sent to clients </nowiki>
| push-udp.properties:26
|-
| <nowiki>com.openexchange.push.udp.hostname</nowiki>
| <nowiki></nowiki>
| <nowiki>if empty, then the output of the java function getHostName will be used. This name is used for internal communication. </nowiki>
| push-udp.properties:30
|-
| <nowiki>com.openexchange.push.udp.senderAddress</nowiki>
| <nowiki></nowiki>
| <nowiki>address used as the sender address when UDP packages are sent to the clients (should be the IP address of the load balancer in front of the Open-Xchange server farm </nowiki>
| push-udp.properties:35
|-
| <nowiki>com.openexchange.push.udp.multicastEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>true/false Send register information per multicast </nowiki>
| push-udp.properties:38
|-
| <nowiki>com.openexchange.push.udp.multicastAddress</nowiki>
| <nowiki>224.0.0.1</nowiki>
| <nowiki>IP multicast address </nowiki>
| push-udp.properties:41
|-
| <nowiki>com.openexchange.push.udp.multicastPort</nowiki>
| <nowiki>9982</nowiki>
| <nowiki>Multicast port </nowiki>
| push-udp.properties:44
|-
| <nowiki>com.openexchange.push.udp.pushEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>defines if server push port gets opened or not </nowiki>
| push-udp.properties:6
|-
| <nowiki>com.openexchange.push.imapidle.pushmode</nowiki>
| <nowiki>always</nowiki>
| <nowiki>when to fire push events? possible values: newmail,always default: always Explanation: newmail means to only send a push event in case of at least one new mail has arrived. NOTE: Using dovecot this does only work when only ONE concurrent session of the same user is active. always send a push event for every changes to the users mailbox. </nowiki>
| push_imapidle.properties:18
|-
| <nowiki>com.openexchange.push.imapidle.folder</nowiki>
| <nowiki>INBOX</nowiki>
| <nowiki>Define the folder to look-up for new mails in each mailbox Default is INBOX folder </nowiki>
| push_imapidle.properties:3
|-
| <nowiki>com.openexchange.push.imapidle.delay</nowiki>
| <nowiki>5000</nowiki>
| <nowiki>Waiting time in milliseconds before a reconnect is performed</nowiki>
| push_imapidle.properties
|-
| <nowiki>com.openexchange.push.imapidle.clusterLock</nowiki>
| <nowiki>hz</nowiki>
| <nowiki>Specifies what system to use to manage a cluster-lock
Possible values:
- "db" for database-based locking
- "hz" for Hazelcast-based locking (default)
- "none" for no cluster lock mechanism</nowiki>
| push_imapidle.properties
|-
| <nowiki>com.openexchange.push.mail.notify.udp_listen_multicast</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Define if the listener should receive multicast messages </nowiki>
| push_mailnotify.properties:2
|-
| <nowiki>com.openexchange.push.mail.notify.use_ox_login</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether to use the ox login name to check for a valid push event. The default is to only check the users aliases. If mailboxname@example.com is not contained in the list of aliases, set this to true. Warning: This won't work in multidomain setups where the same login might exist in different contexts! </nowiki>
| push_mailnotify.properties:23
|-
| <nowiki>com.openexchange.push.mail.notify.use_full_email_address</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether to use the full email address from aliases or just use the localpart. When using a multidomain setup where the imap login is an email address, this should be set to true. If not, login might not be unique because foo@example.com and foo@example.net might be different users. Note: Do NOT set com.openexchange.push.mail.notify.imap_login_delimiter in this case! </nowiki>
| push_mailnotify.properties:32
|-
| <nowiki>com.openexchange.push.mail.notify.udp_listen_host</nowiki>
| <nowiki>localhost</nowiki>
| <nowiki>Define the hostname or interface/multicast group where the udp server should listen </nowiki>
| push_mailnotify.properties:5
|-
| <nowiki>com.openexchange.push.mail.notify.udp_listen_port</nowiki>
| <nowiki>23420</nowiki>
| <nowiki>Define the port where the udp server should listen </nowiki>
| push_mailnotify.properties:8
|-
| <nowiki>com.openexchange.push.mail.notify.delay_millis</nowiki>
| <nowiki>5000 </nowiki>
| <nowiki>specifies the delay time frame in which incoming UDP events are collected and send out as one push event to the OX cluster. Default is 5000 milliseconds </nowiki>
| push_mailnotify.properties
|-
| <nowiki>com.openexchange.quartz.startLocalScheduler </nowiki>
| <nowiki> true</nowiki>
| <nowiki>Wether the local quartz scheduler instance should be started. If false, this node is unable to perform local jobs. </nowiki>
| quartz.properties:3
|-
| <nowiki>com.openexchange.quartz.localThreads </nowiki>
| <nowiki> 5</nowiki>
| <nowiki>Number of worker threads for the local scheduler instance. </nowiki>
| quartz.properties:6
|-
| <nowiki>com.openexchange.quota.contact</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the quota for the number of contacts that are allowed being created within a single context (tenant-wise scope).
The purpose of this quota is to define a rough upper limit that is unlikely being reached during normal operation. Therefore it is rather supposed to prevent from excessive item creation (e.g. a synchronizing client running mad), but not intended to have a fine-grained quota setting. Thus exceeding that quota limitation will cause an appropriate exception being thrown, denying to further create any contact in affected context.
Default is -1 (unlimited) </nowiki>
| quota.properties
|-
| <nowiki>com.openexchange.quota.infostore</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the quota for the number of documents that are allowed being created within a single context (tenant-wise scope).
The purpose of this quota is to define a rough upper limit that is unlikely being reached during normal operation.
Therefore it is rather supposed to prevent from excessive item creation (e.g. a synchronizing client running mad),
but not intended to have a fine-grained quota setting. Thus exceeding that quota limitation will cause an appropriate exception being thrown, denying to further create any document in affected context.
Default is -1 (unlimited) </nowiki>
| quota.properties
|-
| <nowiki>com.openexchange.quota.attachment</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the quota for the number of attachments bound to PIM objects that are allowed being created within a single context (tenant-wise scope).
The purpose of this quota is to define a rough upper limit that is unlikely being reached during normal operation.
Therefore it is rather supposed to prevent from excessive item creation (e.g. a synchronizing client running mad),
but not intended to have a fine-grained quota setting. Thus exceeding that quota limitation will cause an appropriate exception being thrown, denying to further create any attachment in affected context.
Default is -1 (unlimited) </nowiki>
| quota.properties
|-
| <nowiki>com.openexchange.quota.calendar</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the quota for the number of appointments that are allowed being created within a single context (tenant-wise scope).
The purpose of this quota is to define a rough upper limit that is unlikely being reached during normal operation.
Therefore it is rather supposed to prevent from excessive item creation (e.g. a synchronizing client running mad), but not intended to have a fine-grained quota setting. Thus exceeding that quota limitation will cause an appropriate exception being thrown, denying to further create any appointment in affected context. Default is -1 (unlimited) </nowiki>
| quota.properties
|-
| <nowiki>com.openexchange.quota.task</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the quota for the number of tasks that are allowed being created within a single context (tenant-wise scope).
The purpose of this quota is to define a rough upper limit that is unlikely being reached during normal operation.
Therefore it is rather supposed to prevent from excessive item creation (e.g. a synchronizing client running mad), but not intended to have a fine-grained quota setting. Thus exceeding that quota limitation will cause an appropriate exception being thrown, denying to further create any task in affected context.
Default is -1 (unlimited) </nowiki>
| quota.properties
|-
| <nowiki>com.openexchange.realtime.isTraceAllUsersEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable tracing for all users. Default value: false </nowiki>
| realtime.properties:18
|-
| <nowiki>com.openexchange.realtime.usersToTrace</nowiki>
| <nowiki></nowiki>
| <nowiki>Enable tracing only for a set of users by using the userID@contextID notation e.g.: 1@1, 2@1, 3@1 Default value: empty set </nowiki>
| realtime.properties:22
|-
| <nowiki>com.openexchange.documentconverter.errorDir</nowiki>
| <nowiki>n/a</nowiki>
| <nowiki>A temporary directory, containing files that could not be converted due to an error condition or due to a timeout</nowiki>
| realtime.properties
|-
| <nowiki>errorMessage</nowiki>
| <nowiki>Error!!!</nowiki>
| <nowiki>The displayd error Message. </nowiki>
| recaptcha.properties:11
|-
| <nowiki>publicKey</nowiki>
| <nowiki></nowiki>
| <nowiki>The API Key to use the recaptcha Service This is hosted by Google, so you need an Google Account to receive API Keys Go to: http://www.google.com/recaptcha to generate keys. Use the global-key option to avoid domain restrictions. </nowiki>
| recaptcha.properties:7
|-
| <nowiki>privateKey</nowiki>
| <nowiki></nowiki>
| <nowiki></nowiki>
| recaptcha.properties:8
|-
| <nowiki>com.openexchange.report.client.proxy.useproxy</nowiki>
| <nowiki>false</nowiki>
| <nowiki>This defines if a proxy server should be used to establish the http connection to the Open-Xchange report server, and if which server and proxy details to use. </nowiki>
| reportclient.properties:3
|-
| <nowiki>com.openexchange.report.client.proxy.address</nowiki>
| <nowiki>proxy.example.com</nowiki>
| <nowiki></nowiki>
| reportclient.properties:4
|-
| <nowiki>com.openexchange.report.client.proxy.port</nowiki>
| <nowiki>8080</nowiki>
| <nowiki></nowiki>
| reportclient.properties:5
|-
| <nowiki>com.openexchange.report.client.proxy.authrequired</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| reportclient.properties:6
|-
| <nowiki>com.openexchange.report.client.proxy.username</nowiki>
| <nowiki>USER</nowiki>
| <nowiki></nowiki>
| reportclient.properties:7
|-
| <nowiki>com.openexchange.report.client.proxy.password</nowiki>
| <nowiki>PASSWORD</nowiki>
| <nowiki></nowiki>
| reportclient.properties:8
|-
| <nowiki>com.openexchange.requestwatcher.isEnabled</nowiki>
| <nowiki> true</nowiki>
| <nowiki>Enable/disable the requestwatcher. Default value: true (enabled). </nowiki>
| requestwatcher.properties:13
|-
| <nowiki>com.openexchange.requestwatcher.frequency</nowiki>
| <nowiki> 30000</nowiki>
| <nowiki>Define the requestwatcher's frequency in milliseconds. Default value: 30000. </nowiki>
| requestwatcher.properties:17
|-
| <nowiki>com.openexchange.requestwatcher.maxRequestAge</nowiki>
| <nowiki> 60000</nowiki>
| <nowiki>Define the maximum allowed age of requests in milliseconds. Default value: 60000. </nowiki>
| requestwatcher.properties:21
|-
| <nowiki>com.openexchange.requestwatcher.restartPermission</nowiki>
| <nowiki> false</nowiki>
| <nowiki>Permission to stop & re-init system (works only for the ajp connector) </nowiki>
| requestwatcher.properties:24
|-
| <nowiki>RESELLER_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.reseller.storage.mysqlStorage.OXResellerMySQLStorage</nowiki>
| <nowiki></nowiki>
| reseller.properties:1
|-
| <nowiki>com.openexchange.rmi.host </nowiki>
| <nowiki> localhost</nowiki>
| <nowiki>Set this to 0 to bind on all interfaces </nowiki>
| rmi.properties:2
|-
| <nowiki>com.openexchange.rmi.port </nowiki>
| <nowiki> 1099</nowiki>
| <nowiki></nowiki>
| rmi.properties:4
|-
| <nowiki>com.openexchange.messaging.rss</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether the RSS Messaging Service is available or not </nowiki>
| rssmessaging.properties:2
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| rtClientMapping.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| rtClientMapping.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| rtClientMapping.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>rtClientMapping-1</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| rtClientMapping.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| rtIDMapping.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| rtIDMapping.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| rtIDMapping.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>rtIDMapping-1</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| rtIDMapping.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| rtResourceDirectory.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| rtResourceDirectory.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| rtResourceDirectory.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>rtResourceDirectory-2</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| rtResourceDirectory.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.maxIdleSeconds</nowiki>
| <nowiki>86400</nowiki>
| <nowiki>Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. </nowiki>
| rtResourceDirectory.properties:31
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| rtStanzaStorage.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| rtStanzaStorage.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| rtStanzaStorage.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>rtStanzaStorage-0</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| rtStanzaStorage.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.maxIdleSeconds</nowiki>
| <nowiki>3600</nowiki>
| <nowiki>Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. </nowiki>
| rtStanzaStorage.properties:31
|-
| <nowiki>com.openexchange.secret.secretSource</nowiki>
| <nowiki>"<password>"</nowiki>
| <nowiki>Specifies the source for secret (used to decrypt/encrypt user passwords) <password>: Denotes the session's password (also the fall-back to previous handling) <user-id>: Denotes the user identifier <context-id>: Denotes the context identifier <random>: Denotes the value specified in property 'com.openexchange.secret.secretRandom' <list>: Step-wise trial-and-error with tokens specified in file 'secrets' Literals are surrounded by single-quotes E.g. com.openexchange.secret.secretSource="<user-id> + '@' + <context-id>" </nowiki>
| secret.properties:11
|-
| <nowiki>com.openexchange.secret.secretRandom</nowiki>
| <nowiki>eb495148-a9f8-441e-8a28-dcb9eecd60f9</nowiki>
| <nowiki>The random secret token </nowiki>
| secret.properties:14
|-
| <nowiki>com.openexchange.cookie.hash</nowiki>
| <nowiki>calculate</nowiki>
| <nowiki>Whether the hash value for the cookie name should be calculated or remembered from the session for each request. Possible values are: calculate (default) - Calculate hash from client login parameter and HTTP header User-Agent (may be modified through c.o.cookie.hash.fields) remember - remember once calculated hash in session and use it for the whole session life time (less secure) </nowiki>
| server.properties:101
|-
| <nowiki>com.openexchange.cookie.hash.salt</nowiki>
| <nowiki>replaceMe1234567890</nowiki>
| <nowiki>Cookie hash salt to avoid a potential brute force attack to cookie hashes. This value should be replaced by any random String with at least 16 Characters. </nowiki>
| server.properties:105
|-
| <nowiki>com.openexchange.forceHTTPS</nowiki>
| <nowiki>false</nowiki>
| <nowiki>If an HTTPS connection is detected the cookie is automatically marked as secure. This tells the browser only to send the cookie over encrypted connections. If HTTPS is terminated in front by some load balancer only HTTP is detected. Then this parameter can force to set the secure flag for cookies. Additionally all links generated inside the groupware to point at itself will use the https:// protocol prefix when this is set. Use this flag to indicate that HTTPS termination happens elsewhere. </nowiki>
| server.properties:111
|-
| <nowiki>com.openexchange.servlet.maxActiveSessions</nowiki>
| <nowiki>250000</nowiki>
| <nowiki>The maximum number of active sessions that will be created by this Manager, or -1 for no limit. Default is 250.000 HTTP sessions </nowiki>
| server.properties:115
|-
| <nowiki>UPLOAD_DIRECTORY</nowiki>
| <nowiki>/var/spool/open-xchange/uploads</nowiki>
| <nowiki>Upload Parameter. All uploads that are done by a client are temporarily saved in that directory. </nowiki>
| server.properties:12
|-
| <nowiki>com.openexchange.servlet.maxInactiveInterval</nowiki>
| <nowiki>1800</nowiki>
| <nowiki>The initial maximum time interval, in seconds, between client requests before a HTTP session is invalidated. This only applies to the HTTP session controlled by special JSESSIONID cookie, and does therefore not influence life-time of Groupware session. A negative value will result in sessions never timing out. If the attribute is not provided, a default of 1800 seconds is used. </nowiki>
| server.properties:121
|-
| <nowiki>com.openexchange.servlet.maxBodySize</nowiki>
| <nowiki>104857600</nowiki>
| <nowiki>Specify the maximum body size allowed being transferred via PUT or POST method A request exceeding that limit will be responded with a 500 error and that request is discarded Equal or less than zero means no restriction concerning body size By default limit is set to 100MB (104857600 bytes). </nowiki>
| server.properties:127
|-
| <nowiki>com.openexchange.servlet.echoHeaderName</nowiki>
| <nowiki>X-Echo-Header</nowiki>
| <nowiki>Specify the name of the echo header whose value is echoed for each request providing that header </nowiki>
| server.properties:130
|-
| <nowiki>com.openexchange.servlet.contentSecurityPolicy</nowiki>
| <nowiki>""</nowiki>
| <nowiki>The value of Content-Security-Policy header Please refer to An Introduction to Content Security Policy (http://www.html5rocks.com/en/tutorials/security/content-security-policy/) Default value is empty; meaning no Content-Security-Policy header </nowiki>
| server.properties:135
|-
| <nowiki>com.openexchange.servlet.maxRateTimeWindow</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>Specify the rate limit' time window in which to track incoming HTTP requests Default value is 300000 (5 minutes). </nowiki>
| server.properties:139
|-
| <nowiki>com.openexchange.servlet.maxRate</nowiki>
| <nowiki>500</nowiki>
| <nowiki>Specify the rate limit that applies to incoming HTTP requests A client that exceeds that limit will receive a "429 Too Many Requests" HTTP error code That rate limit acts like a sliding window time frame; meaning that it considers only requests that fit into time windows specified through "com.openexchange.servlet.maxRateTimeWindow" from current time stamp: window-end := $now window-start := $window-end - $maxRateTimeWindow Default value is 500 requests per $maxRateTimeWindow (default: 5 minutes). </nowiki>
| server.properties:148
|-
| <nowiki>com.openexchange.servlet.maxRateLenientModules</nowiki>
| <nowiki>rt, system</nowiki>
| <nowiki>Specify those AJAX-accessible modules which are excluded from the rate limit checks Default value: rt, system </nowiki>
| server.properties:152
|-
| <nowiki>com.openexchange.servlet.maxRateLenientClients</nowiki>
| <nowiki>"Open-Xchange .NET HTTP Client*", "Open-Xchange USM HTTP Client*", "Jakarta Commons-HttpClient*"</nowiki>
| <nowiki>Specify (wildcard notation supported) those User-Agents which are excluded from the rate limit checks Default value: "Open-Xchange .NET HTTP Client*", "Open-Xchange USM HTTP Client*", "Jakarta Commons-HttpClient*" </nowiki>
| server.properties:156
|-
| <nowiki>com.openexchange.servlet.maxRateKeyPartProviders</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify how to associate a rate limit with a HTTP request By default a rate limit is associated with that tuple of { remote-address, user-agent } This does not apply to all scenarios. Therefore it is possible to specify more parts in a comma-separated list that build up the key. Possible values are: - "http-session" := The identifier of the request-associated HTTP session aka JSESSIONID cookie - "cookie-" + <cookie-name> := Specifies the (ignore-case) name of the arbitrary cookie whose value is considered. If missing it is ignored. - "header-" + <header-name> := Specifies the (ignore-case) name of the arbitrary header whose value is considered. If missing it is ignored. - "parameter-" + <parameter-name> := Specifies the (ignore-case) name of the arbitrary parameter whose value is considered. If missing it is ignored. E.g. com.openexchange.servlet.maxRateKeyPartProviders=cookie-My-Secret-Cookie, parameter-request_num Default is empty; meaning only remote-address and user-agent are considered </nowiki>
| server.properties:170
|-
| <nowiki>com.openexchange.log.suppressedCategories</nowiki>
| <nowiki>USER_INPUT</nowiki>
| <nowiki>Specifies a comma-separated list of those error categories that shall not be logged Default value is: USER_INPUT </nowiki>
| server.properties:174
|-
| <nowiki>com.openexchange.log.maxMessageLength</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies max. message length to log. Messages that exceed that limit are split. A value of less than 1 means unlimited. Default is -1 (unlimited) </nowiki>
| server.properties:179
|-
| <nowiki>com.openexchange.json.maxSize</nowiki>
| <nowiki>2500</nowiki>
| <nowiki>Specify the max. number of allowed attributes for a JSON object </nowiki>
| server.properties:182
|-
| <nowiki>com.openexchange.webdav.disabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Setting this to true means that the WebDav XML servlets for attachments, calendar, contacts and tasks will be disabled. On requests to these servlets a service-not-available (503) response will be sent. See "webdav-disabled-message.txt" to customize the detailed error message that will be sent. </nowiki>
| server.properties:187
|-
| <nowiki>com.openexchange.ajax.response.includeStackTraceOnError</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether the JSON response object should provide the stack trace of the associated exception </nowiki>
| server.properties:190
|-
| <nowiki>com.openexchange.connector.networkListenerHost</nowiki>
| <nowiki>127.0.0.1</nowiki>
| <nowiki>The host for the connector's (ajp, http) network listener. Set to "*" if you want to listen on all available interfaces. Default value: 127.0.0.1, bind to localhost only. </nowiki>
| server.properties:195
|-
| <nowiki>com.openexchange.connector.networkListenerPort</nowiki>
| <nowiki>8009</nowiki>
| <nowiki>The default port for the connector's (ajp, http) network listener. Default value: 8009. </nowiki>
| server.properties:199
|-
| <nowiki>MAX_UPLOAD_SIZE</nowiki>
| <nowiki>104857600</nowiki>
| <nowiki>If the sum of all uploaded files in one request is greater than this value, the upload will be rejected. This value can be overridden on a per-module basis by setting the MAX_UPLOAD_SIZE parameter in the modules config file (attachment.properties or infostore.properties). Or it can be overriden on a per-user basis by setting the upload_quota in the mail configuration of this user If this value is set to 0 and not overridden by the module config or user config uploads will be unrestricted. The size is in bytes. </nowiki>
| server.properties:20
|-
| <nowiki>com.openexchange.connector.maxRequestParameters</nowiki>
| <nowiki>30</nowiki>
| <nowiki>Specify the max. number of allowed request parameters for the connector (ajp, http) Default value: 30 </nowiki>
| server.properties:203
|-
| <nowiki>com.openexchange.server.backendRoute</nowiki>
| <nowiki>OX0</nowiki>
| <nowiki>To enable proper load balancing and request routing from {client1, client2 .. .} --> balancer --> {backend1, backend2 ...} we have to append a backend route to the JSESSIONID cookies separated by a '.'. It's important that this backend route is unique for every single backend behind the load balancer. The string has to be a sequence of characters excluding semi-colon, comma and white space so the JSESSIONID cookie stays in accordance with the cookie specification after we append the backendroute to it. Default value: OX0 </nowiki>
| server.properties:213
|-
| <nowiki>com.openexchange.server.considerXForwards</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Decides if we should consider X-Forward-Headers that reach the backend. Those can be spoofed by clients so we have to make sure to consider the headers only if the proxy/proxies reliably override those headers for incoming requests. Default value: true </nowiki>
| server.properties:219
|-
| <nowiki>com.openexchange.server.forHeader</nowiki>
| <nowiki>X-Forwarded-For</nowiki>
| <nowiki>The name of the protocolHeader used to identify the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer. This is needed for grizzly based setups that make use of http proxying. If the header isn't found the first proxy in front of grizzly will be used as originating IP/remote address. Default value: X-Forwarded-For </nowiki>
| server.properties:227
|-
| <nowiki>com.openexchange.server.knownProxies </nowiki>
| <nowiki> </nowiki>
| <nowiki>A list of know proxies in front of our httpserver/balancer as comma separated IPs e.g: 192.168.1.50, 192.168.1.51 </nowiki>
| server.properties:230
|-
| <nowiki>com.openexchange.html.css.parse.timeout</nowiki>
| <nowiki>4</nowiki>
| <nowiki>Specify the amount of seconds to wait for a CSS content being parsed This property influences parsing of HTML messages. If CSS could not be parsed in time, CSS is stripped from message's content. Default value is 4 </nowiki>
| server.properties:235
|-
| <nowiki>MAX_UPLOAD_IDLE_TIME_MILLIS</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>The max. idle time in milliseconds for an uploaded file temporary stored in upload directory </nowiki>
| server.properties:24
|-
| <nowiki>com.openexchange.log.suppressedCategories</nowiki>
| <nowiki>USER_INPUT</nowiki>
| <nowiki>Specify the OXException categories (comma separted) to be suppressed when logging. The Exception itself will still be logged as configured, but the StackTraces are omitted. Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING Default is USER_INPUT. </nowiki>
| server.properties:241
|-
| <nowiki>com.openexchange.rest.services.basic-auth.login</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify the user name used for HTTP basic auth by internal REST servlet Both settings need to be set in order to have basic auth enabled - "com.openexchange.rest.services.basic-auth.login" and "com.openexchange.rest.services.basic-auth.password" Default is empty. Please change! </nowiki>
| server.properties:248
|-
| <nowiki>com.openexchange.rest.services.basic-auth.password</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify the password used for HTTP basic auth by internal REST servlet Both settings need to be set in order to have basic auth enabled - "com.openexchange.rest.services.basic-auth.login" and "com.openexchange.rest.services.basic-auth.password" Default is empty. Please change! </nowiki>
| server.properties:255
|-
| <nowiki>MAX_BODY_SIZE</nowiki>
| <nowiki>0</nowiki>
| <nowiki>The max. HTTP body size Zero or less means infinite. /!\ Deprecated: Use "com.openexchange.servlet.maxBodySize" instead /!\ </nowiki>
| server.properties:29
|-
| <nowiki>com.openexchange.defaultMaxConcurrentAJAXRequests</nowiki>
| <nowiki>100</nowiki>
| <nowiki>The default max. number of allowed concurrent requests per user This property only has effect if no individual value has been specified for active user A value less than or equal to zero means infinite </nowiki>
| server.properties:34
|-
| <nowiki>DefaultEncoding</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>DEFAULT ENCODING FOR INCOMING HTTP REQUESTS This value MUST be equal to web server's default encoding </nowiki>
| server.properties:38
|-
| <nowiki>com.openexchange.MinimumSearchCharacters</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Minimum number of characters a search pattern must contain. 0 means no minimum. This should prevent slow searches for contacts or big responses in large contexts. </nowiki>
| server.properties:43
|-
| <nowiki>PUBLISH_REVOKE</nowiki>
| <nowiki></nowiki>
| <nowiki>e-mail address of a person that can be called if data has been published and the actual owner of the data objects to the publication. If removed or left empty, the e-maill address of the context admin is used. </nowiki>
| server.properties:48
|-
| <nowiki>com.openexchange.IPCheck</nowiki>
| <nowiki>true</nowiki>
| <nowiki>On session validation of every request the client IP address is compared with the client IP address used for the login request. If this configuration parameter is set to "true" and the client IP addresses do not match the request will be denied and the denied request is logged with level info. Setting this parameter to "false" will only log the different client IP addresses with debug level. WARNING! This should be only set to "false" if you know what you are doing and if all requests are secure - requests are always encrypted by using HTTPS. </nowiki>
| server.properties:56
|-
| <nowiki>com.openexchange.IPMaskV4</nowiki>
| <nowiki></nowiki>
| <nowiki>Subnet mask for accepting IP-ranges. Using CIDR-Notation for v4 and v6 or dotted decimal only for v4. Examples: com.openexchange.IPMaskV4=255.255.255.0 com.openexchange.IPMaskV4=/24 com.openexchange.IPMaskV6=/60 </nowiki>
| server.properties:64
|-
| <nowiki>com.openexchange.IPMaskV6</nowiki>
| <nowiki></nowiki>
| <nowiki></nowiki>
| server.properties:65
|-
| <nowiki>com.openexchange.IPCheckWhitelist</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify a comma-separated list of client patterns that do bypass IP check E.g. com.openexchange.IPCheckWhitelist="Mobile App*", "Foo*" </nowiki>
| server.properties:69
|-
| <nowiki>com.openexchange.UIWebPath</nowiki>
| <nowiki>/ox6/index.html</nowiki>
| <nowiki>Configures the path on the web server where the UI is located. This path is used to generate links directly into the UI. The default conforms to the path where the UI is installed by the standard packages on the web server. This path is used for the [uiwebpath]. For the Open-Xchange 6 frontend the path needs to be configured to "/ox6/index.html" which is still the default. For the App Suite frontend the path needs to be configured to "/appsuite/". </nowiki>
| server.properties:75
|-
| <nowiki>com.openexchange.dispatcher.prefix</nowiki>
| <nowiki>/ajax/</nowiki>
| <nowiki>Specify the prefix for Central Dispatcher framework (the Open-Xchange AJAX interface) </nowiki>
| server.properties:78
|-
| <nowiki>PrefetchEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable or disable SearchIterator prefetch. If prefetch is enabled the underlying ResultSet data is completely stored and all related resources are released immediately when creating a SearchIterator. Possible values: TRUE / FALSE </nowiki>
| server.properties:8
|-
| <nowiki>com.openexchange.cookie.ttl</nowiki>
| <nowiki>1W</nowiki>
| <nowiki>The time-to-live for session, secret and JSESSIONID cookie. Note: Time-to-live is only relevant for session and secret cookie, if autologin is enabled as well. Autologin is configured in sessiond.properties by "com.openexchange.sessiond.autologin" property. Can contain units of measurement: D (=days) W(=weeks) H(=hours). Special identifier "web-browser" to let the Cookie(s) be deleted when the Web browser exits </nowiki>
| server.properties:87
|-
| <nowiki>com.openexchange.cookie.httpOnly</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether the "; HttpOnly" should be appended to server cookies exits </nowiki>
| server.properties:90
|-
| <nowiki>com.openexchange.servlet.maxRateLenientRemoteAddresses</nowiki>
| <nowiki></nowiki>
| <nowiki>That property allows to specify (wildcard notation supported) those remote addresses/IPs which are excluded from the rate limit checks. Default value is empty. </nowiki>
| server.properties
|-
| <nowiki>com.openexchange.preview.thumbnail.blockingWorker</nowiki>
| <nowiki>false</nowiki>
| <nowiki> The backend either delivers a thumbnail when it's available from cache or fails fast while initiating the thumbnail creation/caching in the background. The advantage is that clients aren't blocked and can simply retry later when the thumbnail can be delivered from cache.
If there is no cache configured for the user/context:
We either have to generate the thumbnail on the fly which has the potential to block the whole client by occupying the max number of allowed connections to the domain or simply fail fast which leaves the client responsive but without thumbnails
Default value is "false" to keep the client responsive. </nowiki>
| server.properties
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| sessionId2tokenHz.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| sessionId2tokenHz.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| sessionId2tokenHz.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>sessionId2token-1</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| sessionId2tokenHz.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.maxIdleSeconds</nowiki>
| <nowiki>300</nowiki>
| <nowiki>Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. This value should be set equal to value of property "com.openexchange.tokenlogin.maxIdleTime" in file "tokenlogin.properties". Defaults to 300 (5 minutes). </nowiki>
| sessionId2tokenHz.properties:33
|-
| <nowiki>com.openexchange.sessiond.maxSessionPerClient</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Specify the number of sessions allowed per client (Web UI, EAS, WebDAV, ...) and user. A value equal to or less than zero means unlimited </nowiki>
| sessiond.properties:13
|-
| <nowiki>com.openexchange.sessiond.sessionDefaultLifeTime</nowiki>
| <nowiki>3600000</nowiki>
| <nowiki>Life time (in milliseconds) of a session in the short term session containers. After this time the session is put into the long life time container and all temporary session data is removed. This only applies if com.openexchange.sessiond.autologin is enabled. Short term session containers are rotated every 6 minutes. Therefore this value should be a multiple of 6 minutes. Default is 3600000 </nowiki>
| sessiond.properties:20
|-
| <nowiki>com.openexchange.sessiond.sessionLongLifeTime</nowiki>
| <nowiki>1W</nowiki>
| <nowiki>This amount of time a session can live without any interaction, if com.openexchange.sessiond.autologin is enabled. First the session lives in the short term session container, see configuration option com.openexchange.sessiond.sessionDefaultLifeTime. Then the session is moved into the long term session container. The session can be restored from here, but it won't have any temporary session data anymore. Restoring temporary session data may cause some slower functionality and maybe temporary errors on image, proxy data or the like. The overall time a session can live is defined by this option. The life time in the long term session container is the time configured here subtracted by the time in the short term session container. Can contain units of measurement: D(=days) W(=weeks) H(=hours) M(=minutes). Long term session containers are rotated every hour. Therefore this value should be a multiple of 1 hour. </nowiki>
| sessiond.properties:30
|-
| <nowiki>com.openexchange.sessiond.randomTokenTimeout</nowiki>
| <nowiki>30000</nowiki>
| <nowiki>The random token to access a newly created session is valid for this configured time. Can contain units of measurement: D(=days) W(=weeks) H(=hours) M(=minutes). </nowiki>
| sessiond.properties:34
|-
| <nowiki>com.openexchange.sessiond.autologin</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether autologin is allowed or not </nowiki>
| sessiond.properties:37
|-
| <nowiki>com.openexchange.sessiond.encryptionKey</nowiki>
| <nowiki>auw948cz,spdfgibcsp9e8ri+<#qawcghgifzign7c6gnrns9oysoeivn</nowiki>
| <nowiki>Key to encrypt passwords during transmission during session migration. Change this, and make sure it's the same in the entire cluster </nowiki>
| sessiond.properties:44
|-
| <nowiki>com.openexchange.sessiond.asyncPutToSessionStorage</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Specify if sessions shall be put asynchronously to session storage Default is true </nowiki>
| sessiond.properties:48
|-
| <nowiki>com.openexchange.sessiond.maxSession</nowiki>
| <nowiki>50000</nowiki>
| <nowiki>Maximum number of concurrent sessions, 0 stands for unlimited </nowiki>
| sessiond.properties:6
|-
| <nowiki>com.openexchange.sessiond.maxSessionPerUser</nowiki>
| <nowiki>100</nowiki>
| <nowiki>Maximum number of concurrent sessions per user, a value less than or equal to zero means unlimited </nowiki>
| sessiond.properties:9
|-
| <nowiki>com.openexchange.sessiond.remoteParameterNames</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the colon-separated names of such parameters that are supposed to be taken over from session to stored session representation. The parameter names MUST NOT contain the ':' colon character that serves a delimiter. E.g. com.openexchange.sessiond.remoteParameterNames=remoteParameter1:remoteParameter2:...:remoteParameterN
# By default this setting is empty.Maximum number of concurrent sessions per user, a value less than or equal to zero means unlimited </nowiki>
| sessiond.properties
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| sessions.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| sessions.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| sessions.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>sessions-6</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| sessions.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.maxIdleSeconds</nowiki>
| <nowiki>640000</nowiki>
| <nowiki>Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. To avoid unnecessary eviction, the value should be higher than the configured 'com.openexchange.sessiond.sessionLongLifeTime' in 'sessiond.properties'. Defaults to 640000 (a bit more than a week). </nowiki>
| sessions.properties:33
|-
| <nowiki>com.openexchange.sessionstorage.hazelcast.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enabled/disable Hazelcast-based session storage </nowiki>
| sessionstorage-hazelcast.properties:4
|-
| <nowiki>com.openexchange.mail.smal.blacklist </nowiki>
| <nowiki> *</nowiki>
| <nowiki>Specify host names of mail backends that shall be excluded from index access. If set to *, only the primary mail account is allowed to be indexed. Leave empty to allow indexing for all external mail accounts. Example: gmail.com,googlemail.com </nowiki>
| smal.properties:8
|-
| <nowiki>com.openexchange.smtp.smtpAuthEnc</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the encoding for SMTP authentication Default is UTF-8 </nowiki>
| smtp.properties:11
|-
| <nowiki>com.openexchange.smtp.smtpAuthentication</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable/disable SMTP Authentication Default is true </nowiki>
| smtp.properties:15
|-
| <nowiki>com.openexchange.smtp.setSMTPEnvelopeFrom</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Defines if SMTP header ENVELOPE-FROM should be explicitly set to user's primary email address or not Default is false </nowiki>
| smtp.properties:20
|-
| <nowiki>com.openexchange.smtp.smtpTimeout</nowiki>
| <nowiki>50000</nowiki>
| <nowiki>Define the socket I/O timeout value in milliseconds. A value less than or equal to zero is infinite timeout. See also mail.smtp.timeout Default is 50000 </nowiki>
| smtp.properties:25
|-
| <nowiki>com.openexchange.smtp.smtpConnectionTimeout</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Define the socket connection timeout value in milliseconds. A value less or equal to zero is infinite timeout. See also mail.smtp.connectiontimeout Default is 10000 </nowiki>
| smtp.properties:30
|-
| <nowiki>com.openexchange.smtp.logTransport</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specifies whether a transported message shall be logged providing "Message-Id" header, login, and SMTP server information Default is false </nowiki>
| smtp.properties:34
|-
| <nowiki>com.openexchange.smtp.ssl.protocols</nowiki>
| <nowiki>SSLv3 TLSv1</nowiki>
| <nowiki>Specifies the SSL protocols that will be enabled for SSL connections. The property value is a whitespace separated list of tokens. Default value is: SSLv3 TLSv1 </nowiki>
| smtp.properties:38
|-
| <nowiki>com.openexchange.smtp.ssl.ciphersuites</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the SSL cipher suites that will be enabled for SSL connections. The property value is a whitespace separated list of tokens. Check "http://<ox-grizzly-hostname>:<ox-grizzly-port>/stats/diagnostic?param=ciphersuites" to check available cipher suites. Default value is empty (fall-back to current JVM's default SSL cipher suite) </nowiki>
| smtp.properties:45
|-
| <nowiki>com.openexchange.smtp.smtpLocalhost</nowiki>
| <nowiki>null</nowiki>
| <nowiki>The localhost name that is going to be used on SMTP's HELO or EHLO command. The default is set to InetAddress.getLocalHost().getHostName() but if either JDK or name service are not configured properly, this routine fails and the HELO or EHLO command is send without a name which leads to an error: "501 HELO requires domain address" The value "null" falls back to InetAddress.getLocalHost().getHostName() which works in most cases. Default is "null" </nowiki>
| smtp.properties:7
|-
| <nowiki>com.openexchange.nosql.cassandra.snappyjava.nativelibs </nowiki>
| <nowiki> @oxsnappydir@/lib</nowiki>
| <nowiki>Path for native libs </nowiki>
| snappy.properties:2
|-
| <nowiki>com.openexchange.soap.cxf.entityExpansionLimit</nowiki>
| <nowiki>128000</nowiki>
| <nowiki>Java platform limits the number of entity expansions that are allowed for a single XML document. Default is 128000, which is considered to be a pretty large number for any real life application. However, if any application does need to have a higher limit, this property (which maps to 'entityExpansionLimit' system property) can be increased to the desired size. Setting it to 0 (zero) means unlimited. Default value is 128000 </nowiki>
| soap-cxf.properties:18
|-
| <nowiki>com.openexchange.soap.cxf.baseAddress</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify the base address for published end points; e.g. "http://www.myserver.com/myservices" Default is empty; meaning to use running machine's address </nowiki>
| soap-cxf.properties:5
|-
| <nowiki>com.openexchange.soap.cxf.hideServiceListPage</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specify whether to hice service list page Default is false </nowiki>
| soap-cxf.properties:9
|-
|<nowiki>com.openexchange.soap.cxf.disableAddressUpdates</nowiki>
| <nowiki>true</nowiki>
| <nowiki>prevents the URL manipulation Default is true </nowiki>
| soap-cxf.properties:25
|-
| <nowiki>com.openexchange.solr.solrHome </nowiki>
| <nowiki> /opt/open-xchange/solr</nowiki>
| <nowiki>This is the path to the home directory of the embedded Solr server. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:10
|-
| <nowiki>com.openexchange.solr.libDir </nowiki>
| <nowiki> /opt/open-xchange/solr/lib</nowiki>
| <nowiki>This is the path to the library directory of the embedded Solr server. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:14
|-
| <nowiki>com.openexchange.solr.configDir </nowiki>
| <nowiki> /opt/open-xchange/solr/conf</nowiki>
| <nowiki>This is the path to the configuration directory of the embedded Solr server. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:18
|-
| <nowiki>com.openexchange.solr.schemaMail </nowiki>
| <nowiki> /opt/open-xchange/solr/conf/schema-mail.xml</nowiki>
| <nowiki>This is the path to the schema file for the mail index. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:22
|-
| <nowiki>com.openexchange.solr.configMail </nowiki>
| <nowiki> /opt/open-xchange/solr/conf/solrconfig-mail.xml</nowiki>
| <nowiki>This is the path to the configuration file for the mail index. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:26
|-
| <nowiki>com.openexchange.solr.schemaInfostore </nowiki>
| <nowiki> /opt/open-xchange/solr/conf/schema-infostore.xml</nowiki>
| <nowiki>This is the path to the schema file for the infostore index. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:30
|-
| <nowiki>com.openexchange.solr.configInfostore </nowiki>
| <nowiki> /opt/open-xchange/solr/conf/solrconfig-infostore.xml</nowiki>
| <nowiki>This is the path to the configuration file for the infostore index. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:34
|-
| <nowiki>com.openexchange.solr.schemaAttachments </nowiki>
| <nowiki> /opt/open-xchange/solr/conf/schema-attachments.xml</nowiki>
| <nowiki>This is the path to the schema file for the attachment index. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:38
|-
| <nowiki>com.openexchange.solr.configAttachments </nowiki>
| <nowiki> /opt/open-xchange/solr/conf/solrconfig-attachments.xml</nowiki>
| <nowiki>This is the path to the configuration file for the attachment index. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:42
|-
| <nowiki>com.openexchange.solr.isSolrNode </nowiki>
| <nowiki> false</nowiki>
| <nowiki>Indicates whether this OX node is a Solr node or not. Being a Solr node means that this node will be used to perform Solr searches and jobs like indexing mailboxes etc. If set to false, all index search actions will be delegated to a Solr node. </nowiki>
| solr.properties:6
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.port</nowiki>
| <nowiki>783</nowiki>
| <nowiki>If the mail should be send to spamd specify the port of the spamassassin daemon here </nowiki>
| spamassassin.properties:10
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.timeout</nowiki>
| <nowiki>10</nowiki>
| <nowiki>If the mail should be send to spamd specify the timeout after which the try to connect is aborted here </nowiki>
| spamassassin.properties:14
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.retries</nowiki>
| <nowiki>1</nowiki>
| <nowiki>If the mail should be send to spamd specify the connect retries here. </nowiki>
| spamassassin.properties:17
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.spamd</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Choose if a mail should be send to spamd afterwards </nowiki>
| spamassassin.properties:2
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.retrysleep</nowiki>
| <nowiki>1</nowiki>
| <nowiki>If the mail should be send to spamd specify the connect retries sleep here. This is how log should be waited between the different tries. </nowiki>
| spamassassin.properties:21
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.unsubscribeSpamFolders</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Indicates whether the confirmed-spam/confirmed-ham folders shall automatically be unsubscribed during login. Default is true. </nowiki>
| spamassassin.properties:25
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.hostname</nowiki>
| <nowiki>localhost</nowiki>
| <nowiki>If the mail should be send to spamd specify the hostname of the spamassassin daemon here </nowiki>
| spamassassin.properties:6
|-
| <nowiki>modules/com.openexchange.spamhandler.spamexperts/module</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The following property enables the Spamexperts Iframe GUI-Plugins </nowiki>
| spamexperts-ui.properties:9
|-
| <nowiki>com.openexchange.custom.spamexperts.panel_servlet</nowiki>
| <nowiki>/ajax/spamexperts/panel</nowiki>
| <nowiki> The next property defines the mount point of the panel servlet </nowiki>
| spamexperts.properties:10
|-
| <nowiki>com.openexchange.custom.spamexperts.panel.api_interface_url</nowiki>
| <nowiki>http://demo1.spambrand.com/api/authticket/create/username/</nowiki>
| <nowiki> URL of spamexperts Interface to generate new sessions </nowiki>
| spamexperts.properties:15
|-
| <nowiki>com.openexchange.custom.spamexperts.panel.admin_user</nowiki>
| <nowiki>admin</nowiki>
| <nowiki> This property defines the username which should be used as basic auth </nowiki>
| spamexperts.properties:21
|-
| <nowiki>com.openexchange.custom.spamexperts.panel.admin_password</nowiki>
| <nowiki>demo</nowiki>
| <nowiki> This property defines the password which should be used as basic auth </nowiki>
| spamexperts.properties:27
|-
| <nowiki>com.openexchange.custom.spamexperts.panel.api_auth_attribute</nowiki>
| <nowiki>mail</nowiki>
| <nowiki> Which user attribute should be used for authentication against panel API Possible values: - imaplogin -> Users IMAP login - mail -> Users mail address - login -> String which user entered at login mask - username -> Users "username" attribute. </nowiki>
| spamexperts.properties:37
|-
| <nowiki>com.openexchange.custom.spamexperts.panel.web_ui_url</nowiki>
| <nowiki>http://demo1.spambrand.com/?authticket=</nowiki>
| <nowiki> Defines the URL where the panel is available </nowiki>
| spamexperts.properties:43
|-
| <nowiki>com.openexchange.custom.spamexperts.imapurl</nowiki>
| <nowiki></nowiki>
| <nowiki> the imap url to the spamexperts imap server Example: imap://myserver.example.com </nowiki>
| spamexperts.properties:55
|-
| <nowiki>com.openexchange.custom.spamexperts.imapuser</nowiki>
| <nowiki></nowiki>
| <nowiki> username to authenticate against the imap server </nowiki>
| spamexperts.properties:60
|-
| <nowiki>com.openexchange.custom.spamexperts.imappassword</nowiki>
| <nowiki></nowiki>
| <nowiki> password to authenticate against the imap server </nowiki>
| spamexperts.properties:65
|-
| <nowiki>com.openexchange.custom.spamexperts.trainspamfolder</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki> Foldername of folder to place spam mails in order to train the system </nowiki>
| spamexperts.properties:70
|-
| <nowiki>com.openexchange.custom.spamexperts.trainhamfolder</nowiki>
| <nowiki>Not Spam</nowiki>
| <nowiki> Foldername of folder to place ham mails in order to train the system </nowiki>
| spamexperts.properties:75
|-
| <nowiki>com.openexchange.spamhandler.cloudmark.targetHamEmailAddress</nowiki>
| <nowiki></nowiki>
| <nowiki>Defines the eMail address to which the selected eMails will be bounced, if they are marked as Ham. If no address is specified the bounce will be skipped, but moving the selected mails back to the Inbox will still be processed (if configured). Privacy note: This will send private mails of users to that address when marked as Ham </nowiki>
| spamhandler_cloudmark.properties:10
|-
| <nowiki>com.openexchange.spamhandler.cloudmark.targetSpamFolder</nowiki>
| <nowiki>2</nowiki>
| <nowiki>Defines to which folder the selected mails should be moved to after they have been bounced to the target eMail address. If no option is configured the selected mails will be moved to the users trash folder. Possible options are: 0 = Do not move the message at all 1 = User's trash folder (Default) 2 = User's SPAM folder 3 = Subscribed confirmed-spam folder (experimental) </nowiki>
| spamhandler_cloudmark.properties:20
|-
| <nowiki>com.openexchange.spamhandler.cloudmark.targetSpamEmailAddress</nowiki>
| <nowiki></nowiki>
| <nowiki>Defines the eMail address to which the selected eMails will be bounced. If no address is specified the bounce will be skipped, but moving the selected mails to the target folder will still be processed (if configured) </nowiki>
| spamhandler_cloudmark.properties:4
|-
| <nowiki>driver </nowiki>
| <nowiki> com.mysql.jdbc.Driver</nowiki>
| <nowiki></nowiki>
| sql.properties:1
|-
| <nowiki>driver </nowiki>
| <nowiki> com.mysql.jdbc.Driver</nowiki>
| <nowiki></nowiki>
| sql.properties:1
|-
| <nowiki>driver </nowiki>
| <nowiki> com.mysql.jdbc.Driver</nowiki>
| <nowiki></nowiki>
| sql.properties:1
|-
| <nowiki>driver </nowiki>
| <nowiki> com.mysql.jdbc.Driver</nowiki>
| <nowiki></nowiki>
| sql.properties:1
|-
| <nowiki>driver </nowiki>
| <nowiki> com.mysql.jdbc.Driver</nowiki>
| <nowiki></nowiki>
| sql.properties:1
|-
| <nowiki>login </nowiki>
| <nowiki> openexchange</nowiki>
| <nowiki></nowiki>
| sql.properties:2
|-
| <nowiki>login </nowiki>
| <nowiki> openexchange</nowiki>
| <nowiki></nowiki>
| sql.properties:2
|-
| <nowiki>login </nowiki>
| <nowiki> openexchange</nowiki>
| <nowiki></nowiki>
| sql.properties:2
|-
| <nowiki>login </nowiki>
| <nowiki> openexchange</nowiki>
| <nowiki></nowiki>
| sql.properties:2
|-
| <nowiki>login </nowiki>
| <nowiki> openexchange</nowiki>
| <nowiki></nowiki>
| sql.properties:2
|-
| <nowiki>password </nowiki>
| <nowiki> secret</nowiki>
| <nowiki></nowiki>
| sql.properties:3
|-
| <nowiki>password </nowiki>
| <nowiki> secret</nowiki>
| <nowiki></nowiki>
| sql.properties:3
|-
| <nowiki>password </nowiki>
| <nowiki> secret</nowiki>
| <nowiki></nowiki>
| sql.properties:3
|-
| <nowiki>password </nowiki>
| <nowiki> secret</nowiki>
| <nowiki></nowiki>
| sql.properties:3
|-
| <nowiki>password </nowiki>
| <nowiki> secret</nowiki>
| <nowiki></nowiki>
| sql.properties:3
|-
| <nowiki>url </nowiki>
| <nowiki> jdbc:mysql://localhost/open-xchange-db_6</nowiki>
| <nowiki></nowiki>
| sql.properties:4
|-
| <nowiki>url </nowiki>
| <nowiki> jdbc:mysql://localhost/open-xchange-db_6</nowiki>
| <nowiki></nowiki>
| sql.properties:4
|-
| <nowiki>url </nowiki>
| <nowiki> jdbc:mysql://localhost/ox_test</nowiki>
| <nowiki></nowiki>
| sql.properties:4
|-
| <nowiki>url </nowiki>
| <nowiki> jdbc:mysql://localhost/ox_test</nowiki>
| <nowiki></nowiki>
| sql.properties:4
|-
| <nowiki>url </nowiki>
| <nowiki> jdbc:mysql://devel-master.netline.de/openexchangeHEAD_14</nowiki>
| <nowiki></nowiki>
| sql.properties:4
|-
| <nowiki>com.openexchange.subscribe.autorun</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Defines whether subscriptions should be run automatically on login, if a given interval has elapsed The intervals default to one day, but can be configured individually by subscription type in the subscription source specific configuration files </nowiki>
| subscribe.properties:4
|-
| <nowiki>serviceUsageInspection</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enabled/disable service usage inspection. If enabled, all services obtained and managed by ServiceHolder class will be tracked to ensure all services are put back (via unget) within a certain amount of time. The time range can be defined through property 'serviceUsageTimeout'. </nowiki>
| system.properties:10
|-
| <nowiki>serviceUsageTimeout</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>The service usage timeout in milliseconds. This property only has effect if property 'serviceUsageInspection' is set to 'true'. </nowiki>
| system.properties:14
|-
| <nowiki>MimeTypeFileName</nowiki>
| <nowiki>mime.types</nowiki>
| <nowiki>Name of the MIME type file </nowiki>
| system.properties:17
|-
| <nowiki>UserConfigurationStorage</nowiki>
| <nowiki>Caching</nowiki>
| <nowiki>Name of the class implementing the UserConfigurationStorage. Currently known aliases: Caching, DB </nowiki>
| system.properties:21
|-
| <nowiki>Cache</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Switch for enabling caching in the groupware. Normally this should be set to true or the database will get a lot more load. </nowiki>
| system.properties:25
|-
| <nowiki>CalendarSQL</nowiki>
| <nowiki>com.openexchange.groupware.calendar.CalendarMySQL</nowiki>
| <nowiki></nowiki>
| system.properties:29
|-
| <nowiki>SERVER_NAME</nowiki>
| <nowiki>local</nowiki>
| <nowiki>Server name registered by registerserver in the configuration database can be read with listservers </nowiki>
| system.properties:33
|-
| <nowiki>com.openexchange.config.cascade.scopes</nowiki>
| <nowiki>user, context, contextSets, server</nowiki>
| <nowiki>The scopes to use in the config cascade, and their precedence </nowiki>
| system.properties:36
|-
| <nowiki>com.openexchange.caching.configfile</nowiki>
| <nowiki>cache.ccf</nowiki>
| <nowiki>Location of default cache configuration file </nowiki>
| system.properties:4
|-
| <nowiki>com.openexchange.threadpool.testinjector.freqmillis</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Frequency millis </nowiki>
| testinjector.properties:10
|-
| <nowiki>com.openexchange.threadpool.testinjector.factor</nowiki>
| <nowiki>100</nowiki>
| <nowiki>Increase factor </nowiki>
| testinjector.properties:13
|-
| <nowiki>com.openexchange.threadpool.testinjector.sleepmillis</nowiki>
| <nowiki>2500</nowiki>
| <nowiki>Time to waste per task </nowiki>
| testinjector.properties:16
|-
| <nowiki>com.openexchange.threadpool.testinjector.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enabled </nowiki>
| testinjector.properties:4
|-
| <nowiki>com.openexchange.threadpool.testinjector.rampup</nowiki>
| <nowiki>1000</nowiki>
| <nowiki>Ramp-up count </nowiki>
| testinjector.properties:7
|-
| <nowiki>com.openexchange.threadpool.maximumPoolSize</nowiki>
| <nowiki>2147483647</nowiki>
| <nowiki>The maximum number of threads to allow in the pool. Default is max. integer value of 2^31 - 1 which is considered as unlimited max. number of threads. </nowiki>
| threadpool.properties:11
|-
| <nowiki>com.openexchange.threadpool.keepAliveTime</nowiki>
| <nowiki>60000</nowiki>
| <nowiki>When the number of threads is greater than the core, this is the maximum time (in milliseconds) that excess idle threads will wait for new tasks before terminating. Default is 60000msec </nowiki>
| threadpool.properties:17
|-
| <nowiki>com.openexchange.threadpool.workQueue</nowiki>
| <nowiki>synchronous</nowiki>
| <nowiki>The queue type to use for holding tasks before they are executed. This queue will hold only the tasks submitted by the execute method. Supported values: synchronous and linked A synchronous queue is an appropriate choice when "com.openexchange.threadpool.maximumPoolSize" is unlimited and possible rejection of tasks is allowed. A synchronous queue has no capacity, it rather acts as a direct hand-off of tasks to an already waiting worker thread and will deny the task if there is no further worker thread to process the task. A linked queue is an appropriate choice when "com.openexchange.threadpool.maximumPoolSize" is limited and rejection of tasks is prohibited. A linked queue has a (fixed) capacity to store submitted tasks which have to wait for a worker thread to become ready. </nowiki>
| threadpool.properties:29
|-
| <nowiki>com.openexchange.threadpool.corePoolSize</nowiki>
| <nowiki>3</nowiki>
| <nowiki>The number of threads to keep in the pool, even if they are idle. If unsure follow this rule: Number of CPUs + 1 </nowiki>
| threadpool.properties:3
|-
| <nowiki>com.openexchange.threadpool.workQueueSize</nowiki>
| <nowiki>0</nowiki>
| <nowiki>The size of the work queue. Zero means unlimited size. Note: If this property is set to a value greater than zero, property "com.openexchange.threadpool.workQueue" is implicitly set to "linked" to accomplish a fixed-size work queue. </nowiki>
| threadpool.properties:34
|-
| <nowiki>com.openexchange.threadpool.blocking</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable blocking behavior. A blocking behavior means that caller is blocked until space becomes available in working queue. This is useful for installation with limited capacities concerning max. number of threads and a bounded blocking work queue. </nowiki>
| threadpool.properties:38
|-
| <nowiki>com.openexchange.threadpool.refusedExecutionBehavior</nowiki>
| <nowiki>abort</nowiki>
| <nowiki>The default behavior to obey when execution is blocked because the thread bounds and queue capacities are reached. Supported values: abort, caller-runs, discard abort: Aborts execution by throwing an appropriate exception to the caller caller-runs: The caller is considered to run the task if thread pool is unable to do so discard: The task is silently discarded. No exception is thrown. </nowiki>
| threadpool.properties:46
|-
| <nowiki>com.openexchange.threadpool.prestartAllCoreThreads</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Starts all core threads, causing them to idly wait for work. This overrides the default policy of starting core threads only when new tasks are executed. </nowiki>
| threadpool.properties:7
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| token2sessionIdHz.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| token2sessionIdHz.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| token2sessionIdHz.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>token2sessionId-1</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| token2sessionIdHz.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.maxIdleSeconds</nowiki>
| <nowiki>300</nowiki>
| <nowiki>Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. This value should be set equal to value of property "com.openexchange.tokenlogin.maxIdleTime" in file "tokenlogin.properties". Defaults to 300 (5 minutes). </nowiki>
| token2sessionIdHz.properties:33
|-
| <nowiki>com.openexchange.tokenlogin</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable or disable token-login </nowiki>
| tokenlogin.properties:4
|-
| <nowiki>com.openexchange.tokenlogin.maxIdleTime</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>Specify the maximum time (in milliseconds) a token may be idle before it is evicted Default is 300000 (5 minutes) </nowiki>
| tokenlogin.properties:8
|-
| <nowiki>com.openexchange.mail.transport.enablePublishOnExceededQuota</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable to publish email attachments if quota is exceeded rather than throwing an appropriate error. ------- /!\ Please be aware that this option requires infostore module to be enabled! /!\ ------- </nowiki>
| transport.properties:15
|-
| <nowiki>com.openexchange.mail.transport.publishingPublicInfostoreFolder</nowiki>
| <nowiki>i18n-defined</nowiki>
| <nowiki>Specify the name of the publishing infostore folder which is created below public infostore folder. The denoted folder is created if absent only if "com.openexchange.mail.transport.enablePublishOnExceededQuota" is enabled The special identifier "i18n-defined" indicates to use translation of text "E-Mail attachments". </nowiki>
| transport.properties:20
|-
| <nowiki>com.openexchange.mail.transport.publishPrimaryAccountOnly</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether all accounts or only primary account are affected if property "com.openexchange.mail.transport.enablePublishOnExceededQuota" is enabled. </nowiki>
| transport.properties:24
|-
| <nowiki>com.openexchange.mail.transport.sendAttachmentToExternalRecipients</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether external recipients shall receive file attachments instead of publication links although quota is exceeded if property "com.openexchange.mail.transport.enablePublishOnExceededQuota" is enabled. </nowiki>
| transport.properties:28
|-
| <nowiki>com.openexchange.mail.transport.provideLinksInAttachment</nowiki>
| <nowiki>false</nowiki>
| <nowiki>This options enables that publication links are provided in a separate "text/html" file attachment named "links.html, instead of inserting them to top of mail text. This avoids modification of original mail text. If set to "false", the publication links are inserted to top of mail text. </nowiki>
| transport.properties:33
|-
| <nowiki>com.openexchange.mail.transport.publishedDocumentTimeToLive</nowiki>
| <nowiki>604800000</nowiki>
| <nowiki>Define the time-to-live in milliseconds for published email attachments </nowiki>
| transport.properties:36
|-
| <nowiki>com.openexchange.mail.transport.referencedPartLimit</nowiki>
| <nowiki>1048576</nowiki>
| <nowiki>Define the limit in bytes for keeping an internal copy of a referenced MIME message's part when sending a mail. If a part exceeds this limit a temporary file is created holding part's copy </nowiki>
| transport.properties:4
|-
| <nowiki>com.openexchange.mail.transport.externalRecipientsLocale</nowiki>
| <nowiki>user-defined</nowiki>
| <nowiki>Set the identifier of the locale to use when composing text sent to external recipients; e.g "en", or "de" The special identifier "user-defined" indicates to use that locale from the user who sends the email. </nowiki>
| transport.properties:40
|-
| <nowiki>com.openexchange.mail.transport.removeMimeVersionInSubParts</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specify whether to strictly obey suggestion in RFC 2045 The MIME-Version header field is required at the top level of a message, but is _not_ required for each body part of a multipart entity. If set to "true", each message is processed to not contain a MIME-Version header in sub-parts Default is "false" </nowiki>
| transport.properties:46
|-
| <nowiki>com.openexchange.mail.defaultTransportProvider</nowiki>
| <nowiki>smtp</nowiki>
| <nowiki>The transport provider fallback if an URL does not contain/define a protocol </nowiki>
| transport.properties:7
|-
| <nowiki>com.openexchange.twitter.http.proxyPort</nowiki>
| <nowiki></nowiki>
| <nowiki>The HTTP proxy port </nowiki>
| twitter.properties:10
|-
| <nowiki>com.openexchange.twitter.http.connectionTimeout</nowiki>
| <nowiki>20000</nowiki>
| <nowiki>Connection time out </nowiki>
| twitter.properties:13
|-
| <nowiki>com.openexchange.twitter.http.readTimeout</nowiki>
| <nowiki>120000</nowiki>
| <nowiki>Read time out </nowiki>
| twitter.properties:16
|-
| <nowiki>com.openexchange.twitter.http.retryCount</nowiki>
| <nowiki>3</nowiki>
| <nowiki>Retry count </nowiki>
| twitter.properties:19
|-
| <nowiki>com.openexchange.twitter.http.retryIntervalSecs</nowiki>
| <nowiki>10</nowiki>
| <nowiki>Retry interval seconds </nowiki>
| twitter.properties:22
|-
| <nowiki>com.openexchange.twitter.consumerKey</nowiki>
| <nowiki>kZX3V4AmAWwC53yA5RjHbQ</nowiki>
| <nowiki>The consumer key </nowiki>
| twitter.properties:28
|-
| <nowiki>com.openexchange.twitter.consumerSecret</nowiki>
| <nowiki>HvY7pVFFQSGPVu9LCoBMUhvMpS00qdtqBob99jucc</nowiki>
| <nowiki>The consumer secret </nowiki>
| twitter.properties:31
|-
| <nowiki>com.openexchange.twitter.clientVersion</nowiki>
| <nowiki>2.2.3</nowiki>
| <nowiki>The client version string </nowiki>
| twitter.properties:4
|-
| <nowiki>com.openexchange.twitter.http.proxyHost</nowiki>
| <nowiki></nowiki>
| <nowiki>The HTTP proxy host </nowiki>
| twitter.properties:7
|-
| <nowiki>com.openexchange.messaging.twitter</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether the twitter messaging service is available </nowiki>
| twittermessaging.properties:2
|-
| <nowiki>com.openexchange.oauth.twitter</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable/disable Twitter OAuth bundle </nowiki>
| twitteroauth.properties:4
|-
| <nowiki>ui/global/toolbar/mode/value</nowiki>
| <nowiki>tabbased</nowiki>
| <nowiki>UI: Toolbar type Possible values: tabbased|simple </nowiki>
| ui.properties:11
|-
| <nowiki>ui/global/toolbar/mode/configurable</nowiki>
| <nowiki>true</nowiki>
| <nowiki>All user to configure the latter Possible values: true|false </nowiki>
| ui.properties:15
|-
| <nowiki>ui/mail/showContactImage/value </nowiki>
| <nowiki> true</nowiki>
| <nowiki>UI: Show contact images in email view Possible values: true|false </nowiki>
| ui.properties:19
|-
| <nowiki>ui/mail/showContactImage/configurable </nowiki>
| <nowiki> true</nowiki>
| <nowiki>All user to configure the latter Possible values: true|false Please configure the ui.yml accordingly. </nowiki>
| ui.properties:24
|-
| <nowiki>ui/mail/replyTo/configurable </nowiki>
| <nowiki> false</nowiki>
| <nowiki>Allow user to configure a reply-to address Possible values: true|false </nowiki>
| ui.properties:28
|-
| <nowiki>ui/global/windows/mode/value</nowiki>
| <nowiki>embedded</nowiki>
| <nowiki>UI: Window manager Possible values: embedded and popups </nowiki>
| ui.properties:3
|-
| <nowiki>ui/portal/autoRefresh </nowiki>
| <nowiki> false</nowiki>
| <nowiki>Auto refresh portal page Possible values: true|false Whenever the user accesses the portal, all visible widgets get refreshed (mail, calendar, contacts etc.). Default is false. </nowiki>
| ui.properties:34
|-
| <nowiki>ui/portal/customUWA </nowiki>
| <nowiki> true</nowiki>
| <nowiki>Allow custom UWA widgets Possible values: true|false Disables add, remove, edit in UI. Default is true. </nowiki>
| ui.properties:39
|-
| <nowiki>ui/global/expert/mode/configurable </nowiki>
| <nowiki> true</nowiki>
| <nowiki>Allow disabling of expert mode Possible values: true|false value does not affect user setting. reserved for future use. </nowiki>
| ui.properties:44
|-
| <nowiki>ui/global/expert/mode/value </nowiki>
| <nowiki> false</nowiki>
| <nowiki></nowiki>
| ui.properties:45
|-
| <nowiki>ui/global/windows/mode/configurable</nowiki>
| <nowiki>true</nowiki>
| <nowiki>All user to configure the latter Possible values: true|false </nowiki>
| ui.properties:7
|-
| <nowiki>com.openexchange.outlook.updater.allowEditUrl</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Set this to false if users should not be able to change the URL that points to update.xml.
In that case the updater is delivered with an according installation parameter that forbids editing the URL. </nowiki>
| updater.properties
|-
| <nowiki>modules/com.openexchange.upsell.multiple.gui/module</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| upsell-multiple-gui.properties:1
|-
| <nowiki>com.openexchange.upsell.multiple.method.email.oxuser.template_subject</nowiki>
| <nowiki>/opt/open-xchange/etc/groupware/upsell_mail_subject_ox_enduser.tmpl</nowiki>
| <nowiki> Subject to use for emails which are sent to the ox enduser. If you need i18n support, create template with suffix "_<LANGUAGE_CODE>" Example: upsell_mail_subject_ox_enduser.tmpl_de_DE For placeholders, see above. </nowiki>
| upsell.properties:102
|-
| <nowiki>com.openexchange.upsell.multiple.servlet</nowiki>
| <nowiki>/ajax/upsell/multiple</nowiki>
| <nowiki> The next property defines the mount point of the servlet </nowiki>
| upsell.properties:109
|-
| <nowiki>com.openexchange.upsell.multiple.rmi.host</nowiki>
| <nowiki>127.0.0.1</nowiki>
| <nowiki> FOR TESTING, DEMO ONLY. DO NOT TOUCH IF YOU DONT KNOW WHAT THESE OPTIONS MEAN! OX API RMI Host, IF not localhost, make sure the OX accepts remote RMI connections! See AdminDaemon.properties for enabling remote connections. </nowiki>
| upsell.properties:117
|-
| <nowiki>com.openexchange.upsell.multiple.rmi.masteradmin</nowiki>
| <nowiki>oxadminmaster</nowiki>
| <nowiki> OX API RMI Masteradmin </nowiki>
| upsell.properties:122
|-
| <nowiki>com.openexchange.upsell.multiple.rmi.masteradmin.pass</nowiki>
| <nowiki>secret</nowiki>
| <nowiki> OX API RMI Masteradmin Password </nowiki>
| upsell.properties:127
|-
| <nowiki>com.openexchange.upsell.multiple.rmi.downgrade.accessname</nowiki>
| <nowiki>pim</nowiki>
| <nowiki> Which access-combination-name should be used for downgrading the context </nowiki>
| upsell.properties:132
|-
| <nowiki>com.openexchange.upsell.multiple.method.external.shop_api_url</nowiki>
| <nowiki>http://shop.host.com/api/generateshopurl</nowiki>
| <nowiki>DISABLED AT THE MOMENT! URL of the external Interface to generate "upsell URL" for customers shop or control center URL will be used in a POST request with following parameters of the logged in ox user: src = "ox_upsell" user = <ox_username> userid = <ox_user_id> pwd = <ox_user_password> cid = <ox_user_cid> mail = <ox_user_mail> login = <ox_user_full_login_from_login_mask> imaplogin = <ox_user_imap_login> clicked_feat = <clicked_feature_at_gui> upsell_plan = <clicked_upsell_plan> </nowiki>
| upsell.properties:151
|-
| <nowiki>com.openexchange.upsell.multiple.method</nowiki>
| <nowiki>static</nowiki>
| <nowiki> Define which Upsell method should be used Possible values: a) direct b) static, c) email direct = Redirect within IFRAME immediately to com.openexchange.upsell.multiple.method.static.shop_redir_url value after clicking one of the upsell triggers static = Redirect AFTER clicking a button within the shipped OX Upsell pages email = Send email to specific address AFTER clicking a button within the shipped OX Upsell pages </nowiki>
| upsell.properties:33
|-
| <nowiki>com.openexchange.upsell.multiple.method.static.shop_redir_url</nowiki>
| <nowiki>http://shop.host.tld/?shop=true&src=ox&user=_USER_&userid=_USERID_&mail=_MAIL_&login=_LOGIN_&imaplogin=_IMAPLOGIN_&clicked_feat=_CLICKED_FEATURE_&lang=_LANG_&cid=_CID_</nowiki>
| <nowiki>b) Defines the static URL to redirect with all parameters we can pass , see below for all possible parameters </nowiki>
| upsell.properties:39
|-
| <nowiki>com.openexchange.upsell.multiple.method.email.address</nowiki>
| <nowiki>upsell@shop.host.tld</nowiki>
| <nowiki>c) Defines the email address where upsell will send all infos to for processing this request </nowiki>
| upsell.properties:45
|-
| <nowiki>com.openexchange.upsell.multiple.method.email.template</nowiki>
| <nowiki>/opt/open-xchange/etc/groupware/upsell_mail_body.tmpl</nowiki>
| <nowiki> Email template to load, if not found, hardcoded text will be used. Following placeholders will be replaced by ox users data: "_USER_" "_USERID_" "_MAIL_" "_LOGIN_" "_IMAPLOGIN" "_CLICKED_FEATURE_" "_UPSELL_PLAN_" - Not in use. "_CID_" "_LANG_" "_PURCHASE_TYPE_" - Only used if email or static method is used due to the OX upsell layout/buttons "_INVITE_" - User checked "invite my friends" checkbox in upsell box </nowiki>
| upsell.properties:63
|-
| <nowiki>com.openexchange.upsell.multiple.method.email.subject</nowiki>
| <nowiki>OX upsell in context _CID_ for user _USERID_ (_USER_) with email _MAIL_ was requested by clicking _CLICKED_FEATURE_</nowiki>
| <nowiki> Mail subject to use when sending upsell request mails. See available placeholders in option above </nowiki>
| upsell.properties:68
|-
| <nowiki>com.openexchange.upsell.multiple.method.email.oxuser.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki> Send info email to ox enduser to inform about upsell? </nowiki>
| upsell.properties:74
|-
| <nowiki>com.openexchange.upsell.multiple.method.email.oxuser.template</nowiki>
| <nowiki>/opt/open-xchange/etc/groupware/upsell_mail_body_ox_enduser.tmpl</nowiki>
| <nowiki>Following placeholders can be replaced by ox users data: "_USER_" "_USERID_" "_MAIL_" "_LOGIN_" "_IMAPLOGIN" "_CLICKED_FEATURE_" "_UPSELL_PLAN_" - Not in use. "_CID_" "_LANG_" "_PURCHASE_TYPE_" - Only used if email or static method is used due to the OX upsell layout/buttons </nowiki>
| upsell.properties:94
|-
| <nowiki>com.openexchange.user.contactCollectOnMailAccess</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Define the default behavior whether to collect contacts on mail access Note: Appropriate user access permission still needs to be granted in order to take effect </nowiki>
| user.properties:11
|-
| <nowiki>com.openexchange.user.contactCollectOnMailTransport</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Define the default behavior whether to collect contacts on mail transport Note: Appropriate user access permission still needs to be granted in order to take effect </nowiki>
| user.properties:15
|-
| <nowiki>com.openexchange.user.maxClientCount</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specify the max. allowed number of client identifiers stored/tracked per user A value equal to or less than zero means unlimited Default is -1 </nowiki>
| user.properties:20
|-
| <nowiki>com.openexchange.user.beta</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Specify whether beta features are enabled/disabled per default. The value is remembered for every user in its attributes. </nowiki>
| user.properties:4
|-
| <nowiki>com.openexchange.folder.tree</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Defines the default folder tree that should be used if a user has not selected one. </nowiki>
| user.properties:7
|-
| <nowiki>com.openexchange.oauth.xing.apiSecret</nowiki>
| <nowiki>REPLACE_THIS_WITH_YOUR_XING_PRODUCTIVE_SECRET</nowiki>
| <nowiki>The API secret </nowiki>
| xingoauth.properties:10
|-
| <nowiki>com.openexchange.oauth.xing.consumerKey</nowiki>
| <nowiki>REPLACE_THIS_WITH_YOUR_XING_PRODUCTIVE_CONSUMER_KEY</nowiki>
| <nowiki>The consumer key (for upsell) </nowiki>
| xingoauth.properties:13
|-
| <nowiki>com.openexchange.oauth.xing.consumerSecret</nowiki>
| <nowiki>REPLACE_THIS_WITH_YOUR_XING_PRODUCTIVE_CONSUMER_SECRET</nowiki>
| <nowiki>The consumer secret (for upsell) </nowiki>
| xingoauth.properties:16
|-
| <nowiki>com.openexchange.oauth.xing</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable </nowiki>
| xingoauth.properties:4
|-
| <nowiki>com.openexchange.oauth.xing.apiKey</nowiki>
| <nowiki>REPLACE_THIS_WITH_YOUR_XING_PRODUCTIVE_KEY</nowiki>
| <nowiki>The API key </nowiki>
| xingoauth.properties:7
|-
| <nowiki>com.openexchange.subscribe.socialplugin.xing</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable/disable XING subscribe service </nowiki>
| xingsubscribe.properties:4
|-
| <nowiki>com.openexchange.oauth.yahoo</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable Yahoo OAuth support </nowiki>
| yahoooauth.properties:2
|-
| <nowiki>com.openexchange.oauth.yahoo.apiKey</nowiki>
| <nowiki>REPLACE_THIS_WITH_VALUE_OBTAINED_FROM_YAHOO</nowiki>
| <nowiki></nowiki>
| yahoooauth.properties:4
|-
| <nowiki>com.openexchange.oauth.yahoo.apiSecret</nowiki>
| <nowiki>REPLACE_THIS_WITH_VALUE_OBTAINED_FROM_YAHOO</nowiki>
| <nowiki></nowiki>
| yahoooauth.properties:5
|-
| <nowiki>com.openexchange.subscribe.socialplugin.yahoo</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| yahoosubscribe.properties:1
|-
| <nowiki>com.openexchange.subscribe.socialplugin.yahoo.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| yahoosubscribe.properties:2
|}
[[Category:OX6]] [[Category:AppSuite]] [[Category:Administrator]] [[Category:Configuration]] [[Category:Generated]]

AppSuite:Configuration properties 7.6.1

2017-06-13T10:14:03Z

Ioannis.chouklis:

{{Version|7.6.1}}
This is an overview of all configuration parameters for the AppSuite backend. By default, this list is sorted by the .properties files they appear in.
Yet for most parameters, it does not really matter in which file are found. This does not apply to some core configuration files which are explicitly loaded by name. For these, you cannot re-define the value in another file:

<code>AdminUser.properties, filestorage.properties, Group.properties, mailfilter.properties, ModuleAccessDefinitions.properties, recaptcha.properties, recaptcha_options.properties, Resource.properties, RMI.properties, Sql.properties</code>

{|width="100%" style="table-layout: fixed" class='wikitable sortable properties-table' border='1'
! scope="col" width="30%" class="key" | Key
! scope="col" width="20%" class="value"| Default value
! scope="col" width="35%" class="comment"| Comment
! scope="col" width="15%" class="location"| File
|-
| <nowiki>USER_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.storage.mysqlStorage.OXUserMySQLStorage</nowiki>
| <nowiki></nowiki>
| AdminDaemon.properties:11
|-
| <nowiki>GROUP_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.storage.mysqlStorage.OXGroupMySQLStorage</nowiki>
| <nowiki></nowiki>
| AdminDaemon.properties:12
|-
| <nowiki>RESOURCE_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.storage.mysqlStorage.OXResourceMySQLStorage</nowiki>
| <nowiki></nowiki>
| AdminDaemon.properties:13
|-
| <nowiki>CONCURRENT_JOBS</nowiki>
| <nowiki>2</nowiki>
| <nowiki>how many jobs should be executed concurrently </nowiki>
| AdminDaemon.properties:16
|-
| <nowiki>MASTER_AUTHENTICATION_DISABLED</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Disabling authentication for system calls like context/server etc. creation! ONLY USE THIS SWITCH IF YOU EXACTLY KNOW WHAT YOU DO!!! </nowiki>
| AdminDaemon.properties:3
|-
| <nowiki>CONTEXT_AUTHENTICATION_DISABLED</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Disabling authentication for context calls like user/group etc. creation! This also disables authentication for calls which a "normal" user can make like change his own data or get his own data! ONLY USE THIS SWITCH IF YOU EXACTLY KNOW WHAT YOU DO!!! </nowiki>
| AdminDaemon.properties:9
|-
| <nowiki>CHECK_USER_UID_REGEXP</nowiki>
| <nowiki>[$@%\\.+a-zA-Z0-9_-]</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:10
|-
| <nowiki>SENT_MAILFOLDER_PL_PL</nowiki>
| <nowiki>Elementy wys\u0142ane</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:102
|-
| <nowiki>TRASH_MAILFOLDER_PL_PL</nowiki>
| <nowiki>Kosz</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:103
|-
| <nowiki>DRAFTS_MAILFOLDER_PL_PL</nowiki>
| <nowiki>Szkice</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:104
|-
| <nowiki>SPAM_MAILFOLDER_PL_PL</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:105
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_PL_PL</nowiki>
| <nowiki>Potwierdzony spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:106
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_PL_PL</nowiki>
| <nowiki>Potwierdzony nie-spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:107
|-
| <nowiki>SENT_MAILFOLDER_IT_IT</nowiki>
| <nowiki>Posta inviata</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:111
|-
| <nowiki>TRASH_MAILFOLDER_IT_IT</nowiki>
| <nowiki>Cestino</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:112
|-
| <nowiki>DRAFTS_MAILFOLDER_IT_IT</nowiki>
| <nowiki>Bozze</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:113
|-
| <nowiki>SPAM_MAILFOLDER_IT_IT</nowiki>
| <nowiki>Posta Indesiderata</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:114
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_IT_IT</nowiki>
| <nowiki>Posta indesiderata accertata</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:115
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_IT_IT</nowiki>
| <nowiki>Posta attendibile accertata</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:116
|-
| <nowiki>SENT_MAILFOLDER_ZH_CN</nowiki>
| <nowiki>\u5df2\u53d1\u9001\u90ae\u4ef6</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:120
|-
| <nowiki>TRASH_MAILFOLDER_ZH_CN</nowiki>
| <nowiki>\u5783\u573e\u7b52</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:121
|-
| <nowiki>DRAFTS_MAILFOLDER_ZH_CN</nowiki>
| <nowiki>\u8349\u7a3f</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:122
|-
| <nowiki>SPAM_MAILFOLDER_ZH_CN</nowiki>
| <nowiki>\u5783\u573e\u90ae\u4ef6</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:123
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_ZH_CN</nowiki>
| <nowiki>\u5df2\u786e\u8ba4\u7684\u5783\u573e\u90ae\u4ef6</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:124
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_ZH_CN</nowiki>
| <nowiki>\u5df2\u786e\u8ba4\u7684\u6b63\u5e38\u90ae\u4ef6</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:125
|-
| <nowiki>SENT_MAILFOLDER_CS_CZ</nowiki>
| <nowiki>Odeslan\u00e9 polo\u017eky</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:129
|-
| <nowiki>AUTO_TO_LOWERCASE_UID</nowiki>
| <nowiki>false</nowiki>
| <nowiki>this will lowercase the uid </nowiki>
| AdminUser.properties:13
|-
| <nowiki>TRASH_MAILFOLDER_CS_CZ</nowiki>
| <nowiki>Ko\u0161</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:130
|-
| <nowiki>DRAFTS_MAILFOLDER_CS_CZ</nowiki>
| <nowiki>Koncepty</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:131
|-
| <nowiki>SPAM_MAILFOLDER_CS_CZ</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:132
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_CS_CZ</nowiki>
| <nowiki>Potvrzen\u00fd spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:133
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_CS_CZ</nowiki>
| <nowiki>Potvrzen\u00e1 norm\u00e1ln\u00ed po\u0161ta</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:134
|-
| <nowiki>SENT_MAILFOLDER_HU_HU</nowiki>
| <nowiki>Elk\u00fcld\u00f6tt elemek</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:138
|-
| <nowiki>TRASH_MAILFOLDER_HU_HU</nowiki>
| <nowiki>T\u00f6r\u00f6lt elemek</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:139
|-
| <nowiki>DRAFTS_MAILFOLDER_HU_HU</nowiki>
| <nowiki>Piszkozatok</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:140
|-
| <nowiki>SPAM_MAILFOLDER_HU_HU</nowiki>
| <nowiki>Lev\u00e9lszem\u00e9t</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:141
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_HU_HU</nowiki>
| <nowiki>Elfogadott k\u00e9retlen</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:142
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_HU_HU</nowiki>
| <nowiki>Elfogadott \u00e1l-k\u00e9retlen</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:143
|-
| <nowiki>SENT_MAILFOLDER_SK_SK</nowiki>
| <nowiki>Odoslan\u00e9 polo\u017eky</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:147
|-
| <nowiki>TRASH_MAILFOLDER_SK_SK</nowiki>
| <nowiki>K\u00f4\u0161</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:148
|-
| <nowiki>DRAFTS_MAILFOLDER_SK_SK</nowiki>
| <nowiki>Rozp\u00edsan\u00e9</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:149
|-
| <nowiki>SPAM_MAILFOLDER_SK_SK</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:150
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_SK_SK</nowiki>
| <nowiki>Potvrden\u00fd spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:151
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_SK_SK</nowiki>
| <nowiki>Potvrden\u00e9 ako nie spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:152
|-
| <nowiki>SENT_MAILFOLDER_LV_LV</nowiki>
| <nowiki>Nos\u016Bt\u012Bt\u0101s vien\u012Bbas</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:156
|-
| <nowiki>TRASH_MAILFOLDER_LV_LV</nowiki>
| <nowiki>Atkritumi</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:157
|-
| <nowiki>DRAFTS_MAILFOLDER_LV_LV</nowiki>
| <nowiki>Melnraksti</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:158
|-
| <nowiki>SPAM_MAILFOLDER_LV_LV</nowiki>
| <nowiki>M\u0113stules</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:159
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_LV_LV</nowiki>
| <nowiki>Apstiprin\u0101ta "m\u0113stule"</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:160
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_LV_LV</nowiki>
| <nowiki>Apstiprin\u0101ts "ham"</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:161
|-
| <nowiki>USERNAME_CHANGEABLE</nowiki>
| <nowiki>false</nowiki>
| <nowiki>WARNING: Changing the username might have impact on external systems like imap server that allows acls to be set. Imap ACLS usually use symbolic names so when changing the user name without changing the ACL breaks the ACL. open-xchange-admin will NOT change those ACLS, so DO NOT CHANGE THIS SETTING ON OX Express </nowiki>
| AdminUser.properties:20
|-
| <nowiki>PRIMARY_MAIL_UNCHANGEABLE</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Here you can set whether the primary mail address can be changed or not. If set to false, it is possible to change the primary mail address. Only change, if you know what you are doing (Outlook might not work anymore under certain circumstances) Default is: false </nowiki>
| AdminUser.properties:27
|-
| <nowiki>DEFAULT_PASSWORD_MECHANISM</nowiki>
| <nowiki>SHA</nowiki>
| <nowiki>specify the default password mechanism to use possible values: CRYPT / SHA / BCRYPT </nowiki>
| AdminUser.properties:3
|-
| <nowiki>SENT_MAILFOLDER_DE_DE</nowiki>
| <nowiki>Gesendete Objekte</nowiki>
| <nowiki>default mail folder fallback if not sent by rmi client: </nowiki>
| AdminUser.properties:30
|-
| <nowiki>TRASH_MAILFOLDER_DE_DE</nowiki>
| <nowiki>Papierkorb</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:31
|-
| <nowiki>DRAFTS_MAILFOLDER_DE_DE</nowiki>
| <nowiki>Entw\u00fcrfe</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:32
|-
| <nowiki>SPAM_MAILFOLDER_DE_DE</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:33
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_DE_DE</nowiki>
| <nowiki>confirmed-spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:34
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_DE_DE</nowiki>
| <nowiki>confirmed-ham</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:35
|-
| <nowiki>SENT_MAILFOLDER_EN_GB</nowiki>
| <nowiki>SentMail</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:39
|-
| <nowiki>TRASH_MAILFOLDER_EN_GB</nowiki>
| <nowiki>Trash</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:40
|-
| <nowiki>DRAFTS_MAILFOLDER_EN_GB</nowiki>
| <nowiki>Drafts</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:41
|-
| <nowiki>SPAM_MAILFOLDER_EN_GB</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:42
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_EN_GB</nowiki>
| <nowiki>confirmed-spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:43
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_EN_GB</nowiki>
| <nowiki>confirmed-ham</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:44
|-
| <nowiki>SENT_MAILFOLDER_EN_US</nowiki>
| <nowiki>Sent Items</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:48
|-
| <nowiki>TRASH_MAILFOLDER_EN_US</nowiki>
| <nowiki>Trash</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:49
|-
| <nowiki>DRAFTS_MAILFOLDER_EN_US</nowiki>
| <nowiki>Drafts</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:50
|-
| <nowiki>SPAM_MAILFOLDER_EN_US</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:51
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_EN_US</nowiki>
| <nowiki>confirmed-spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:52
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_EN_US</nowiki>
| <nowiki>confirmed-ham</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:53
|-
| <nowiki>SENT_MAILFOLDER_FR_FR</nowiki>
| <nowiki>Objets envoy\u00e9s</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:57
|-
| <nowiki>TRASH_MAILFOLDER_FR_FR</nowiki>
| <nowiki>Corbeille</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:58
|-
| <nowiki>DRAFTS_MAILFOLDER_FR_FR</nowiki>
| <nowiki>Brouillons</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:59
|-
| <nowiki>UID_NUMBER_START</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>set to > 0 to use the uidnumber feature </nowiki>
| AdminUser.properties:6
|-
| <nowiki>SPAM_MAILFOLDER_FR_FR</nowiki>
| <nowiki>Pourriel</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:60
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_FR_FR</nowiki>
| <nowiki>pourriel-confirme</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:61
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_FR_FR</nowiki>
| <nowiki>non-pourriel-confirme</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:62
|-
| <nowiki>SENT_MAILFOLDER_NL_NL</nowiki>
| <nowiki>Verzonden items</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:66
|-
| <nowiki>TRASH_MAILFOLDER_NL_NL</nowiki>
| <nowiki>Prullenbak</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:67
|-
| <nowiki>DRAFTS_MAILFOLDER_NL_NL</nowiki>
| <nowiki>Concepten</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:68
|-
| <nowiki>SPAM_MAILFOLDER_NL_NL</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:69
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_NL_NL</nowiki>
| <nowiki>bevestigde spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:70
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_NL_NL</nowiki>
| <nowiki>bevestigde ham</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:71
|-
| <nowiki>SENT_MAILFOLDER_SV_SV</nowiki>
| <nowiki>Skickat</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:75
|-
| <nowiki>TRASH_MAILFOLDER_SV_SV</nowiki>
| <nowiki>Papperskorgen</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:76
|-
| <nowiki>DRAFTS_MAILFOLDER_SV_SV</nowiki>
| <nowiki>Utkast</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:77
|-
| <nowiki>SPAM_MAILFOLDER_SV_SV</nowiki>
| <nowiki>Skr\u00E4ppost</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:78
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_SV_SV</nowiki>
| <nowiki>bekr\u00E4ftad-skr\u00E4ppost</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:79
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_SV_SV</nowiki>
| <nowiki>felaktigt-bekr\u00E4ftad-spam</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:80
|-
| <nowiki>SENT_MAILFOLDER_ES_ES</nowiki>
| <nowiki>Elementos enviados</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:84
|-
| <nowiki>TRASH_MAILFOLDER_ES_ES</nowiki>
| <nowiki>Papelera</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:85
|-
| <nowiki>DRAFTS_MAILFOLDER_ES_ES</nowiki>
| <nowiki>Borradores</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:86
|-
| <nowiki>SPAM_MAILFOLDER_ES_ES</nowiki>
| <nowiki>Correo no deseado</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:87
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_ES_ES</nowiki>
| <nowiki>correo basura confirmado</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:88
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_ES_ES</nowiki>
| <nowiki>correo leg\u00EDtimo confirmado</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:89
|-
| <nowiki>CHECK_USER_UID_FOR_NOT_ALLOWED_CHARS</nowiki>
| <nowiki>true</nowiki>
| <nowiki>this will check the user name using the check below </nowiki>
| AdminUser.properties:9
|-
| <nowiki>SENT_MAILFOLDER_JA_JP</nowiki>
| <nowiki>\u9001\u4FE1\u6E08\u30A2\u30A4\u30C6\u30E0</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:93
|-
| <nowiki>TRASH_MAILFOLDER_JA_JP</nowiki>
| <nowiki>\u524A\u9664\u6E08\u307F\u30A2\u30A4\u30C6\u30E0</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:94
|-
| <nowiki>DRAFTS_MAILFOLDER_JA_JP</nowiki>
| <nowiki>\u4E0B\u66F8\u304D</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:95
|-
| <nowiki>SPAM_MAILFOLDER_JA_JP</nowiki>
| <nowiki>\u8FF7\u60D1\u30E1\u30FC\u30EB</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:96
|-
| <nowiki>CONFIRMED_SPAM_MAILFOLDER_JA_JP</nowiki>
| <nowiki>\u8FF7\u60D1\u30E1\u30FC\u30EB\uFF08\u78BA\u8A8D\u6E08\uFF09</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:97
|-
| <nowiki>CONFIRMED_HAM_MAILFOLDER_JA_JP</nowiki>
| <nowiki>\u4E00\u822C\u30E1\u30FC\u30EB\uFF08\u78BA\u8A8D\u6E08\uFF09</nowiki>
| <nowiki></nowiki>
| AdminUser.properties:98
|-
| <nowiki>verbosity</nowiki>
| <nowiki>1</nowiki>
| <nowiki>verbosity: The level of messages for status/debug (messages go to standard output). The setting here is for your own local catalogs. The verbosity of Forrest's core catalogs is controlled via main/webapp/WEB-INF/cocoon.xconf The following messages are provided ... 0 = none 1 = ? (... not sure yet) 2 = 1+, Loading catalog, Resolved public, Resolved system 3 = 2+, Catalog does not exist, resolvePublic, resolveSystem 10 = 3+, List all catalog entries when loading a catalog (Cocoon also logs the "Resolved public" messages.) </nowiki>
| CatalogManager.properties:41
|-
| <nowiki>catalogs</nowiki>
| <nowiki>../resources/schema/catalog.xcat</nowiki>
| <nowiki>catalogs ... list of additional catalogs to load (Note that Apache Forrest will automatically load its own default catalog from main/webapp/resources/schema/catalog.xcat) Use either full pathnames or relative pathnames. pathname separator is always semi-colon (;) regardless of operating system directory separator is always slash (/) regardless of operating system </nowiki>
| CatalogManager.properties:49
|-
| <nowiki>relative-catalogs</nowiki>
| <nowiki>no</nowiki>
| <nowiki>relative-catalogs If false, relative catalog URIs are made absolute with respect to the base URI of the CatalogManager.properties file. This setting only applies to catalog URIs obtained from the catalogs property in the CatalogManager.properties file Example: relative-catalogs=[yes|no] </nowiki>
| CatalogManager.properties:57
|-
| <nowiki>GID_NUMBER_START</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>set to higher than 0 to enable gid number feature </nowiki>
| Group.properties:2
|-
| <nowiki>CHECK_GROUP_UID_FOR_NOT_ALLOWED_CHARS</nowiki>
| <nowiki>true</nowiki>
| <nowiki>this will check the group name using the check below </nowiki>
| Group.properties:5
|-
| <nowiki>CHECK_GROUP_UID_REGEXP</nowiki>
| <nowiki>[ $@%\\.+a-zA-Z0-9_-]</nowiki>
| <nowiki></nowiki>
| Group.properties:6
|-
| <nowiki>AUTO_TO_LOWERCASE_UID</nowiki>
| <nowiki>false</nowiki>
| <nowiki>this will lowercase the uid </nowiki>
| Group.properties:9
|-
| <nowiki>webmail_plus</nowiki>
| <nowiki>contacts,webmail</nowiki>
| <nowiki>this are the deprecated definitions of module access combinations. please use the newly defined sets. </nowiki>
| ModuleAccessDefinitions.properties:40
|-
| <nowiki>pim_plus</nowiki>
| <nowiki>contacts,webmail,calendar,tasks</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:41
|-
| <nowiki>groupware_plus</nowiki>
| <nowiki>contacts,webmail,calendar,delegatetask,tasks,editpublicfolders,infostore,publicfoldereditable,readcreatesharedfolders</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:42
|-
| <nowiki>premium</nowiki>
| <nowiki>contacts,webmail,calendar,delegatetask,tasks,editpublicfolders,infostore,publicfoldereditable,readcreatesharedfolders,ical,vcard,webdav</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:43
|-
| <nowiki>groupware</nowiki>
| <nowiki>calendar,contacts,delegatetask,editpublicfolders,ical,infostore,publicfoldereditable,readcreatesharedfolders,tasks,vcard,webdav,webmail,editresource,editgroup,editpassword,collectemailaddresses,multiplemailaccounts,subscription,publication</nowiki>
| <nowiki>PLEASE Update accordingly when UPDATING "all" level! Includes all modules except mobility, </nowiki>
| ModuleAccessDefinitions.properties:47
|-
| <nowiki>webmail</nowiki>
| <nowiki>webmail,contacts,globaladdressbookdisabled,collectemailaddresses,editpassword</nowiki>
| <nowiki> </nowiki>
| ModuleAccessDefinitions.properties:50
|-
| <nowiki>pim</nowiki>
| <nowiki>webmail,calendar,contacts,tasks,globaladdressbookdisabled,collectemailaddresses,multiplemailaccounts,subscription,publication,editpassword</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:51
|-
| <nowiki>pim_infostore</nowiki>
| <nowiki>webmail,calendar,contacts,tasks,infostore,webdav,globaladdressbookdisabled,collectemailaddresses,multiplemailaccounts,subscription,publication,editpassword</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:52
|-
| <nowiki>pim_mobility</nowiki>
| <nowiki>webmail,calendar,contacts,tasks,syncml,usm,activesync,globaladdressbookdisabled,collectemailaddresses,multiplemailaccounts,subscription,publication,editpassword</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:53
|-
| <nowiki>groupware_standard</nowiki>
| <nowiki>webmail,calendar,contacts,infostore,tasks,webdav,ical,vcard,readcreatesharedfolders,delegatetask,editpublicfolders,editgroup,editresource,editpassword,collectemailaddresses,multiplemailaccounts,subscription,publication</nowiki>
| <nowiki>Groupware Standard always gets new features except mobility and OXtender. </nowiki>
| ModuleAccessDefinitions.properties:55
|-
| <nowiki>groupware_premium</nowiki>
| <nowiki>webmail,calendar,contacts,infostore,tasks,webdav,ical,vcard,syncml,usm,olox20,activesync,readcreatesharedfolders,delegatetask,editpublicfolders,editgroup,editresource,editpassword,collectemailaddresses,multiplemailaccounts,subscription,publication</nowiki>
| <nowiki></nowiki>
| ModuleAccessDefinitions.properties:56
|-
| <nowiki>all</nowiki>
| <nowiki>webmail,calendar,contacts,infostore,tasks,webdav,ical,vcard,syncml,usm,olox20,activesync,readcreatesharedfolders,delegatetask,editpublicfolders,editgroup,editresource,editpassword,publicfoldereditable,collectemailaddresses,multiplemailaccounts,subscription,publication</nowiki>
| <nowiki>By default 'all' is the same as 'groupware_premium', except the right 'publicfoldereditable'. As this right only applies to context administrators, 'all' is internally equivalent to 'groupware_premium' for normal users. </nowiki>
| ModuleAccessDefinitions.properties:59
|-
| <nowiki>CHECK_RES_UID_FOR_NOT_ALLOWED_CHARS</nowiki>
| <nowiki>true</nowiki>
| <nowiki>this will check the resource name using the check below </nowiki>
| Resource.properties:2
|-
| <nowiki>CHECK_RES_UID_REGEXP</nowiki>
| <nowiki>[ $@%\\.+a-zA-Z0-9_-]</nowiki>
| <nowiki></nowiki>
| Resource.properties:3
|-
| <nowiki>AUTO_TO_LOWERCASE_UID</nowiki>
| <nowiki>false</nowiki>
| <nowiki>this will lowercase the uid </nowiki>
| Resource.properties:6
|-
| <nowiki>SERVLET_POOL_SIZE</nowiki>
| <nowiki> 1</nowiki>
| <nowiki>initial number of instances held in memory for each available single threaded servlet (single threaded servlets are deprecated and are not used by the open-xchange server) </nowiki>
| ajp.properties:13
|-
| <nowiki>AJP_SERVER_THREAD_SIZE</nowiki>
| <nowiki> 1</nowiki>
| <nowiki>Number of AJP server threads which create a client socket on an incoming request. This is the number of threads processing new opened AJP sockets. AJP sockets are kept alive by default therefore only one thread is recommended </nowiki>
| ajp.properties:18
|-
| <nowiki>AJP_LISTENER_POOL_SIZE</nowiki>
| <nowiki> 1</nowiki>
| <nowiki>AJP listener pool size number of initially created AJP listeners for processing incoming AJP requests This pool does grow dynamically but does not go below. </nowiki>
| ajp.properties:23
|-
| <nowiki>AJP_LISTENER_READ_TIMEOUT</nowiki>
| <nowiki> 60000</nowiki>
| <nowiki>The amount of time in milliseconds a listener is going to wait (or block) while waiting to read the initial bytes from web server from input stream 0 stands for unlimited and should not be changed because if the server does close connections here the sticky sessions would break. </nowiki>
| ajp.properties:29
|-
| <nowiki>AJP_KEEP_ALIVE_TIME</nowiki>
| <nowiki> 20000</nowiki>
| <nowiki>DEFINE THE AJP KEEP-ALIVE TIME. IF An INCOMIN REQUEST'S PROCESSING TIME EXCEEDS THIS VALUE, A KEEP-ALIVE IS FLUSHED TO WEB SERVER TO AVOID POSSIBLE TIMEOUTS ON SOCKET CONNECTION. A VALUE OF ZERO OR LESS DISABLES KEEP-ALIVE HEART BEAT </nowiki>
| ajp.properties:34
|-
| <nowiki>AJP_SERVLET_CONFIG_DIR</nowiki>
| <nowiki> null</nowiki>
| <nowiki>DEFINE THE DIRECTORY PATH THAT CARRIES SERVLETS' CONFIGURATION PROPERTIES. THE PROPERTIES DEFINED FOR A SERVLET CONSIST OF THREE PARTS: 1. THE GLOBAL PROPERTIES DIRECTLY LOCATED IN DIRECTORY PATH SPECIFIED BY THIS PROPERTY. THESE PROPERTIES APPLY TO ALL SERVLET INSTANCES 2. THE PATH-SPECIFIC PROPERTIES DEFINED IN A SUBDIRECTORY EQUAL TO SERVLET'S PATH 3. THE CLASS-SPECIFIC PROPERTIES DEFINED IN A FILE WHOSE NAMING IS EQUAL TO SERVLET CLASS' CANONICAL NAME WITH THE COMMON ".properties" PROPERTY FILE EXTENSION IF THIS VALUE IS LEFT TO "null" THIS PROPERTY FALLS BACK TO DEFAULT PATH: "/opt/open-xchange/etc/servletConfig" </nowiki>
| ajp.properties:47
|-
| <nowiki>AJP_LOG_FORWARD_REQUEST</nowiki>
| <nowiki> FALSE</nowiki>
| <nowiki>Logs corresponding AJP forward request if an unexpected empty body request is detected </nowiki>
| ajp.properties:51
|-
| <nowiki>AJP_BACKLOG</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Specify the backlog for opened AJP server socket Default is zero; meaning using JVM's default backlog setting </nowiki>
| ajp.properties:8
|-
| <nowiki>basedir</nowiki>
| <nowiki>build</nowiki>
| <nowiki>base directory for the build scripts </nowiki>
| ant.properties:4
|-
| <nowiki>io.ox/core//theme</nowiki>
| <nowiki>default</nowiki>
| <nowiki></nowiki>
| appsuite.properties:1
|-
| <nowiki>io.ox/core/settingOptions//themes/default</nowiki>
| <nowiki>Default Theme</nowiki>
| <nowiki></nowiki>
| appsuite.properties:3
|-
| <nowiki>translator.get_request </nowiki>
| <nowiki> com.openexchange.index.solr.internal.querybuilder.translators.IdListTranslator</nowiki>
| <nowiki>Translator configuration </nowiki>
| attachment-querybuilder.properties:12
|-
| <nowiki>get_request.id_field </nowiki>
| <nowiki> uuid</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:13
|-
| <nowiki>translator.all_request </nowiki>
| <nowiki> com.openexchange.index.solr.internal.querybuilder.translators.AllTranslator</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:15
|-
| <nowiki>translator.custom </nowiki>
| <nowiki> com.openexchange.index.solr.internal.attachments.translators.CustomTranslator</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:17
|-
| <nowiki>field.param6 </nowiki>
| <nowiki> id</nowiki>
| <nowiki>Field configuration </nowiki>
| attachment-querybuilder.properties:2
|-
| <nowiki>handler.simple </nowiki>
| <nowiki> simpleSearch</nowiki>
| <nowiki>Handler configuration </nowiki>
| attachment-querybuilder.properties:5
|-
| <nowiki>handler.custom </nowiki>
| <nowiki> customSearch</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:6
|-
| <nowiki>handler.get_request </nowiki>
| <nowiki> getSearch</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:7
|-
| <nowiki>handler.all_request </nowiki>
| <nowiki> allSearch</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:8
|-
| <nowiki>handler.persons_and_topics </nowiki>
| <nowiki> personsAndTopics</nowiki>
| <nowiki></nowiki>
| attachment-querybuilder.properties:9
|-
| <nowiki>MAX_UPLOAD_SIZE</nowiki>
| <nowiki>10485760</nowiki>
| <nowiki>If the sum of all uploaded files (for contacts, appointments or tasks) in one request is larger than this value, the upload will be rejected. If this value is not set or 0, the more general MAX_UPLOAD_SIZE configured in server.properties will be used. If that value is also 0 or not set, uploads will be unrestricted. The size is in Bytes. </nowiki>
| attachment.properties:5
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| audit.properties:1
|-
| <nowiki>com.openexchange.audit.logging.FileAccessLogging.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Set to true to enable logging of file accesses and downloads </nowiki>
| audit.properties:10
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.pattern</nowiki>
| <nowiki>/var/log/open-xchange/audit.log</nowiki>
| <nowiki></nowiki>
| audit.properties:2
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.level</nowiki>
| <nowiki>ALL</nowiki>
| <nowiki></nowiki>
| audit.properties:3
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.limit</nowiki>
| <nowiki>2097152</nowiki>
| <nowiki></nowiki>
| audit.properties:4
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.count</nowiki>
| <nowiki>99</nowiki>
| <nowiki></nowiki>
| audit.properties:5
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.formatter</nowiki>
| <nowiki>java.util.logging.SimpleFormatter</nowiki>
| <nowiki></nowiki>
| audit.properties:6
|-
| <nowiki>com.openexchange.audit.logging.AuditFileHandler.append</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| audit.properties:7
|-
| <nowiki>LDAP_HOST</nowiki>
| <nowiki>localhost</nowiki>
| <nowiki></nowiki>
| authplugin.properties:1
|-
| <nowiki>LDAP_BASE</nowiki>
| <nowiki>dc=example,dc=org</nowiki>
| <nowiki></nowiki>
| authplugin.properties:2
|-
| <nowiki>LDAP_PORT</nowiki>
| <nowiki>389</nowiki>
| <nowiki></nowiki>
| authplugin.properties:3
|-
| <nowiki>LDAP_SEARCH</nowiki>
| <nowiki>(&(objectClass=oxdbObject)(uid=@USER@))</nowiki>
| <nowiki>search query to get the users ldap dn ,@USER@ will be replaced by the username </nowiki>
| authplugin.properties:5
|-
| <nowiki>LDAP_ATTRIBUTE</nowiki>
| <nowiki>mailPrimaryAddress</nowiki>
| <nowiki>which attribute should be parsed for the email adress (context=domainpart) </nowiki>
| authplugin.properties:7
|-
| <nowiki>USE_POOL</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| authplugin.properties:8
|-
| <nowiki>AUTOCID_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.autocontextid.storage.mysqlStorage.OXAutoCIDMySQLStorage</nowiki>
| <nowiki></nowiki>
| autocid.properties:1
|-
| <nowiki>com.openexchange.mail.autoconfig.path</nowiki>
| <nowiki>/opt/open-xchange/ispdb</nowiki>
| <nowiki>Path to the local configuration files for mail domains. See https://developer.mozilla.org/en/Thunderbird/Autoconfiguration </nowiki>
| autoconfig.properties:3
|-
| <nowiki>com.openexchange.mail.autoconfig.ispdb</nowiki>
| <nowiki>https://live.mozillamessaging.com/autoconfig/v1.1/</nowiki>
| <nowiki>The ISPDB is a central database, currently hosted by Mozilla Messaging, but free to use for any client. It contains settings for the world's largest ISPs. We hope that the database will soon have enough information to autoconfigure approximately 50% of our user's email accounts. </nowiki>
| autoconfig.properties:8
|-
| <nowiki>modules/com.openexchange.blackwhitelist/module</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The following property enables the Black-/Whitelist GUI-Plugin </nowiki>
| blackwhitelist_gui.properties:11
|-
| <nowiki>jcs.region.[REGIONNAME]</nowiki>
| <nowiki>LTCP</nowiki>
| <nowiki>It's important that cache entries don't get invalidated, since the cache may not be deterministic for LDAP contacts. Therefore, the properties 'MaxMemoryIdleTimeSeconds', 'MaxLifeSeconds' and 'IdleTime' should be set to '-1', while 'MaxObjects' should be configured large enough to hold all contacts from the directory. </nowiki>
| cache.properties:13
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes</nowiki>
| <nowiki>org.apache.jcs.engine.CompositeCacheAttributes</nowiki>
| <nowiki></nowiki>
| cache.properties:14
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes.MaxObjects</nowiki>
| <nowiki>1000000</nowiki>
| <nowiki></nowiki>
| cache.properties:15
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes.MemoryCacheName</nowiki>
| <nowiki>org.apache.jcs.engine.memory.lru.LRUMemoryCache</nowiki>
| <nowiki></nowiki>
| cache.properties:16
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes.UseMemoryShrinker</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| cache.properties:17
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes.MaxMemoryIdleTimeSeconds</nowiki>
| <nowiki>-1</nowiki>
| <nowiki></nowiki>
| cache.properties:18
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes.ShrinkerIntervalSeconds</nowiki>
| <nowiki>60</nowiki>
| <nowiki></nowiki>
| cache.properties:19
|-
| <nowiki>jcs.region.[REGIONNAME].cacheattributes.MaxSpoolPerRun</nowiki>
| <nowiki>500</nowiki>
| <nowiki></nowiki>
| cache.properties:20
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes</nowiki>
| <nowiki>org.apache.jcs.engine.ElementAttributes</nowiki>
| <nowiki></nowiki>
| cache.properties:21
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes.IsEternal</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| cache.properties:22
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes.MaxLifeSeconds</nowiki>
| <nowiki>-1</nowiki>
| <nowiki></nowiki>
| cache.properties:23
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes.IdleTime</nowiki>
| <nowiki>-1</nowiki>
| <nowiki></nowiki>
| cache.properties:24
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes.IsSpool</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| cache.properties:25
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes.IsRemote</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| cache.properties:26
|-
| <nowiki>jcs.region.[REGIONNAME].elementattributes.IsLateral</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| cache.properties:27
|-
| <nowiki>com.openexchange.caching.jcs.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Specify whether JCS-based caching should be enabled Default is "true" </nowiki>
| cache.properties:5
|-
| <nowiki>com.openexchange.caching.jcs.eventInvalidation</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Configures how remote cache invalidation is done. Set to 'true' for cache events via the cache event messaging service, or to 'false' to stick with the JCS-internal lateral auxiliary cache configuration. Defaults to 'true'. </nowiki>
| cache.properties:9
|-
| <nowiki>com.openexchange.caldav.interval.start</nowiki>
| <nowiki>one_month</nowiki>
| <nowiki>Appointments and tasks are available via the CalDAV interface if they fall into a configurable timeframe. This value specifies the start time of this interval, i.e. how far past appointments should be considered. More formal, this value defines the negative offset relative to the current date representing the minimum end time of appointments to be synchronized. Possible values are "one_month" (default), "one_year" and "six_months". </nowiki>
| caldav.properties:13
|-
| <nowiki>com.openexchange.caldav.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether CalDAV is enabled or not </nowiki>
| caldav.properties:2
|-
| <nowiki>com.openexchange.caldav.interval.end</nowiki>
| <nowiki>one_year</nowiki>
| <nowiki>Appointments and tasks are available via the CalDAV interface if they fall into a configurable timeframe. This value specifies the end time of this interval, i.e. how far future appointments should be considered. More formal, this value defines the positive offset relative to the current date representing the maximum start time of appointments to be synchronized. Possible values are "one_year" (default) and "two_years". </nowiki>
| caldav.properties:21
|-
| <nowiki>com.openexchange.caldav.url</nowiki>
| <nowiki>https://[hostname]/caldav/[folderId]</nowiki>
| <nowiki>Tells users where to find a caldav folder. This can be displayed in frontends. You can use the variables [hostname] and [folderId] If you chose to deploy caldav as a virtual host (say 'dav.open-xchange.com') use https://dav.open-xchange.com/caldav/[folderId] as the value If you are using user-agent sniffing use https://[hostname]/caldav/[folderId] </nowiki>
| caldav.properties:29
|-
| <nowiki>com.openexchange.caldav.tree</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Configures the ID of the folder tree used by the CalDAV interface </nowiki>
| caldav.properties:5
|-
| <nowiki>cp_dayview_table.tmpl </nowiki>
| <nowiki> calendar, printing</nowiki>
| <nowiki></nowiki>
| calendar.printing.properties:1
|-
| <nowiki>cp_monthview_list.tmpl </nowiki>
| <nowiki> calendar, printing</nowiki>
| <nowiki></nowiki>
| calendar.printing.properties:2
|-
| <nowiki>cp_monthview_table.tmpl </nowiki>
| <nowiki> calendar, printing</nowiki>
| <nowiki></nowiki>
| calendar.printing.properties:3
|-
| <nowiki>cp_weekview_table.tmpl </nowiki>
| <nowiki> calendar, printing</nowiki>
| <nowiki></nowiki>
| calendar.printing.properties:4
|-
| <nowiki>cp_workweekview_table.tmpl </nowiki>
| <nowiki> calendar, printing</nowiki>
| <nowiki></nowiki>
| calendar.printing.properties:5
|-
| <nowiki>com.openexchange.carddav.tree</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Configures the ID of the folder tree used by the CardDAV interface </nowiki>
| carddav.properties:11
|-
| <nowiki>com.openexchange.carddav.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether CardDAV is enabled or not </nowiki>
| carddav.properties:2
|-
| <nowiki>com.openexchange.carddav.exposedCollections</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Controls which collections are exposed via the CardDAV interface. Possible values are '0', '1' and '2'. A value of '1' makes each visible folder available as a resource collection, while '2' only exposes an aggregated collection containing all contact resources from all visible folders. The default value '0' exposes either an aggregated collection or individual collections for each folder, depending on the client's user-agent that is matched against the pattern in 'userAgentForAggregatedCollection'. </nowiki>
| carddav.properties:20
|-
| <nowiki>com.openexchange.carddav.userAgentForAggregatedCollection</nowiki>
| <nowiki>.*CFNetwork.*Darwin.*|.*AddressBook.*CardDAVPlugin.*Mac_OS_X.*|.*Mac OS X.*AddressBook.*</nowiki>
| <nowiki>Regular expression to match against the client's user-agent to decide whether the aggregated collection is exposed or not. The default pattern matches all known varieties of the Mac OS Addressbook client, that doesn't support multiple collections. Only used if 'exposedCollections' is set to '0'. The pattern is used case insensitive. </nowiki>
| carddav.properties:27
|-
| <nowiki>com.openexchange.carddav.reducedAggregatedCollection</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specifies if all visible folders are used to create the aggregated collection, or if a reduced set of folders only containing the global addressbook and the personal contacts folders should be used. This setting only influences the aggregated collection that is used for clients that don't support multiple collections. Possible values are 'true' and 'false. </nowiki>
| carddav.properties:34
|-
| <nowiki>com.openexchange.carddav.ignoreFolders</nowiki>
| <nowiki></nowiki>
| <nowiki>A comma-separated list of folder IDs to exclude from the synchronization. Use this to disable syncing of very large folders (e.g. the global address list in large contexts, which always has ID 6). By default, no folders are excluded. </nowiki>
| carddav.properties:8
|-
| <nowiki>com.openexchange.passwordchange.script.shellscript</nowiki>
| <nowiki>/bin/changepwd.sh</nowiki>
| <nowiki>Script which updates the users passwd Must be executable (+x) and correct interpreter set (#!/bin/bash) Following values are passed by the servlet to the script: 1. --cid - Context ID 2. --username - Username of the logged in user 3. --userid - User ID of the logged in user 4. --oldpassword - Old user password 5. --newpassword - New user password see http://oxpedia.org/wiki/index.php?title=ChangePasswordExternal for some examples If script does not exit with status code 0 , an io-error is shown in the GUI. the following exit codes will display a defined error: 1: Cannot change password < %s >, see logfiles for details. 2: New password is too short 3: New password is too weak 4: Cannot find user 5: LDAP error </nowiki>
| change_pwd_script.properties:25
|-
| <nowiki>com.openexchange.database.replicationMonitor</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The following property allows to disable the replication monitor. This option is only useful if you have a MySQL master and slave setup. If the application code releases a connection to the MySQL master, a writing operation on the database is assumed. To be able to monitor the replication to the slave, a counter is increased after releasing the connection. Reading this counter from the slave indicates, the write operation is not replicated yet and instead of a slave connection a master connection is then used to read data. This prevents data reading inconsistencies. Unfortunately will this produce additional IO load on MySQL master and slave. This mechanism can be disabled with the following property. This saves IO load but it may cause data inconsistencies. Especially newly created objects can disappear in the following refresh requests. </nowiki>
| configdb.properties:102
|-
| <nowiki>com.openexchange.database.checkWriteCons</nowiki>
| <nowiki>false</nowiki>
| <nowiki>If com.openexchange.database.checkWriteCons is set to true, a warning will be logged every time when a writable connection is used to perform only SELECT queries. Default is 'false' to avoid flooding of log files. </nowiki>
| configdb.properties:106
|-
| <nowiki>readProperty.1</nowiki>
| <nowiki>user=openexchange</nowiki>
| <nowiki>username for the database user </nowiki>
| configdb.properties:11
|-
| <nowiki>readProperty.2</nowiki>
| <nowiki>password=secret</nowiki>
| <nowiki>password for the database user </nowiki>
| configdb.properties:13
|-
| <nowiki>readProperty.3</nowiki>
| <nowiki>useUnicode=true</nowiki>
| <nowiki>The driver properties should be kept at their defaults. </nowiki>
| configdb.properties:15
|-
| <nowiki>readProperty.4</nowiki>
| <nowiki>characterEncoding=UTF-8</nowiki>
| <nowiki></nowiki>
| configdb.properties:16
|-
| <nowiki>readProperty.5</nowiki>
| <nowiki>autoReconnect=false</nowiki>
| <nowiki></nowiki>
| configdb.properties:17
|-
| <nowiki>readProperty.6</nowiki>
| <nowiki>useServerPrepStmts=false</nowiki>
| <nowiki></nowiki>
| configdb.properties:18
|-
| <nowiki>readProperty.7</nowiki>
| <nowiki>useTimezone=true</nowiki>
| <nowiki></nowiki>
| configdb.properties:19
|-
| <nowiki>readProperty.8</nowiki>
| <nowiki>serverTimezone=UTC</nowiki>
| <nowiki></nowiki>
| configdb.properties:20
|-
| <nowiki>readProperty.9</nowiki>
| <nowiki>connectTimeout=15000</nowiki>
| <nowiki></nowiki>
| configdb.properties:21
|-
| <nowiki>readProperty.10</nowiki>
| <nowiki>socketTimeout=15000</nowiki>
| <nowiki></nowiki>
| configdb.properties:22
|-
| <nowiki>writeDriverClass</nowiki>
| <nowiki>com.mysql.jdbc.Driver</nowiki>
| <nowiki>the write connection must point to the database master </nowiki>
| configdb.properties:25
|-
| <nowiki>writeUrl</nowiki>
| <nowiki>jdbc:mysql://localhost/configdb</nowiki>
| <nowiki>writeURL holds the database host and the used schema name </nowiki>
| configdb.properties:27
|-
| <nowiki>writeProperty.1</nowiki>
| <nowiki>user=openexchange</nowiki>
| <nowiki>username for the database user </nowiki>
| configdb.properties:29
|-
| <nowiki>writeProperty.2</nowiki>
| <nowiki>password=secret</nowiki>
| <nowiki>password for the database user </nowiki>
| configdb.properties:31
|-
| <nowiki>writeProperty.3</nowiki>
| <nowiki>useUnicode=true</nowiki>
| <nowiki>The driver properties should be kept at their defaults </nowiki>
| configdb.properties:33
|-
| <nowiki>writeProperty.4</nowiki>
| <nowiki>characterEncoding=UTF-8</nowiki>
| <nowiki></nowiki>
| configdb.properties:34
|-
| <nowiki>writeProperty.5</nowiki>
| <nowiki>autoReconnect=false</nowiki>
| <nowiki></nowiki>
| configdb.properties:35
|-
| <nowiki>writeProperty.6</nowiki>
| <nowiki>useServerPrepStmts=false</nowiki>
| <nowiki></nowiki>
| configdb.properties:36
|-
| <nowiki>writeProperty.7</nowiki>
| <nowiki>useTimezone=true</nowiki>
| <nowiki></nowiki>
| configdb.properties:37
|-
| <nowiki>writeProperty.8</nowiki>
| <nowiki>serverTimezone=UTC</nowiki>
| <nowiki></nowiki>
| configdb.properties:38
|-
| <nowiki>writeProperty.9</nowiki>
| <nowiki>connectTimeout=15000</nowiki>
| <nowiki></nowiki>
| configdb.properties:39
|-
| <nowiki>writeProperty.10</nowiki>
| <nowiki>socketTimeout=15000</nowiki>
| <nowiki></nowiki>
| configdb.properties:40
|-
| <nowiki>cleanerInterval</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Timeinterval of cleaner thread in milliseconds. This thread removes idle timed out database connections and removes not used database connection pools. after each cleanerInterval. </nowiki>
| configdb.properties:45
|-
| <nowiki>maxIdle</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Number of maximum idle connections. More connections aren't pooled and closed. -1 stands for unlimited. </nowiki>
| configdb.properties:54
|-
| <nowiki>maxIdleTime</nowiki>
| <nowiki>60000</nowiki>
| <nowiki>Maximum time in milliseconds a connection can be idle. If this time is exceeded, the connection gets closed. </nowiki>
| configdb.properties:58
|-
| <nowiki>maxActive</nowiki>
| <nowiki>100</nowiki>
| <nowiki>If exhaustedAction is set to BLOCK, not more than maxActive connections will be opened to the mysql database. This value is overwritten for OX databases from configdb. </nowiki>
| configdb.properties:63
|-
| <nowiki>maxWait</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>If exhaustedAction is set to BLOCK, a thread will not wait for more than maxWait milliseconds. </nowiki>
| configdb.properties:67
|-
| <nowiki>readDriverClass</nowiki>
| <nowiki>com.mysql.jdbc.Driver</nowiki>
| <nowiki>the read connection must point to the database slave </nowiki>
| configdb.properties:7
|-
| <nowiki>maxLifeTime</nowiki>
| <nowiki>600000</nowiki>
| <nowiki>Maximum time in milliseconds a connection will be used. After this time the connection get closed. </nowiki>
| configdb.properties:71
|-
| <nowiki>exhaustedAction</nowiki>
| <nowiki>BLOCK</nowiki>
| <nowiki>BLOCK: If maxActive number of connections is reached threads have to wait for a connection. FAIL: If maxActive number of connections is reached an exception is thrown. GROW: Open more connections even if maxActive is already reached. This value is overwritten for OX databases from configdb. </nowiki>
| configdb.properties:77
|-
| <nowiki>testOnActivate</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Validate connections if they are activated. This is not necessary because the activation already includes a check if the connection isn't closed. </nowiki>
| configdb.properties:81
|-
| <nowiki>testOnDeactivate</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Check if connections can be reused after they are returned to the pool. </nowiki>
| configdb.properties:84
|-
| <nowiki>testOnIdle</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Not useful for connections. </nowiki>
| configdb.properties:87
|-
| <nowiki>readUrl</nowiki>
| <nowiki>jdbc:mysql://localhost/configdb</nowiki>
| <nowiki>readURL holds the database host and the used schema name </nowiki>
| configdb.properties:9
|-
| <nowiki>testThreads</nowiki>
| <nowiki>false</nowiki>
| <nowiki>if testThreads is set to true, more information is logged to the Open-Xchange log files about database connections. If this option is enabled the performance may degrade dramatically. The JVM has to generate then a lot of method call stack dumps. </nowiki>
| configdb.properties:93
|-
| <nowiki>URL</nowiki>
| <nowiki>http://localhost/?cid=%c&login=%u&pass=%p</nowiki>
| <nowiki>URL to the config interface. %c is replaced with context login information. %u is replaced with user login information. %p is replaced with user password. </nowiki>
| configjump.properties:5
|-
| <nowiki>validate_contact_email</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Check the entered email address from a new contact for correctness (syntactic check user@domain.tld) </nowiki>
| contact.properties:12
|-
| <nowiki>max_image_size</nowiki>
| <nowiki>4194304</nowiki>
| <nowiki>The maximum size in bytes for the upload of contact images. Remember: If you decrease the size after some images where uploaded already, you might trigger errors, for example when trying to modify the contact without adding an image of the correct size. </nowiki>
| contact.properties:16
|-
| <nowiki>com.openexchange.contact.mailAddressAutoSearch</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Determines if a search is triggered if the dialog for searching for emailable contacts is opened. This dialog is used for selecting recipients for an email and for creating distribution lists. </nowiki>
| contact.properties:21
|-
| <nowiki>com.openexchange.contact.singleFolderSearch</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Searching for contacts can be done in a single folder or globally across all folders. Searching across all folders can cause high server and database load because first all visible folders must be determined and if a user has object read permissions in that folders. Software internal default is true to prevent high load if the property is not defined. Default here is false because it is easier for the user to find contacts. </nowiki>
| contact.properties:27
|-
| <nowiki>com.openexchange.contacts.characterSearch</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enables/Disables the start letter based quick select of contacts </nowiki>
| contact.properties:30
|-
| <nowiki>com.openexchange.contacts.allFoldersForAutoComplete</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The auto complete search for email addresses may be triggered easily and quite often if a new email is written and a part of a recipients address is written. This can lead to high load on the database system if a context has a lot of users and a lot of contacts. Therefore the scope if this search can be configured. Set this parameter to true and the auto complete search looks in every readable contact folder for contacts with emails addresses matching the already typed letters. If this parameter is configured to false, only three folders are considered for the search: the users private default contact folder, his contact folder for collected contacts and the global address book if that is enabled for the user. </nowiki>
| contact.properties:38
|-
| <nowiki>com.openexchange.contact.scaleVCardImages</nowiki>
| <nowiki>200x200</nowiki>
| <nowiki>Configures the maximum image dimension to use when serializing contacts to vCards in the format [max_width]x[max_height]. Larger images will be resized dynamically to fit the specified rectangular area. If left empty, images are not resized at all and serialized as-is. </nowiki>
| contact.properties:44
|-
| <nowiki>contact_first_letter_field</nowiki>
| <nowiki>field02</nowiki>
| <nowiki>First Letter Field, the field you sort in when you hit one of the start letters field02 Last name field03 First name </nowiki>
| contact.properties:8
|-
| <nowiki>com.openexchange.contactcollector.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether enabled or disabled regardless of bundle start-up Enabled by default (provided that bundle is installed and properly started) </nowiki>
| contactcollector.properties:5
|-
| <nowiki>com.openexchange.contactcollector.folder.deleteDenied</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether deletion of contact collector folder will be denied </nowiki>
| contactcollector.properties:8
|-
| <nowiki>CONTEXT_RESTORE_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.contextrestore.storage.mysqlStorage.OXContextRestoreMySQLStorage</nowiki>
| <nowiki>Define the storage implementation here </nowiki>
| contextrestore.properties:2
|-
| <nowiki>modules/themes/default</nowiki>
| <nowiki>Cool Water (Default)</nowiki>
| <nowiki>The following property defines the default theme of the AJAX GUI. </nowiki>
| cool-water-theme.properties:4
|-
| <nowiki>com.openexchange.subscribe.crawler.google.calendar</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| crawler.properties:10
|-
| <nowiki>com.openexchange.subscribe.crawler.t-online.de</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| crawler.properties:11
|-
| <nowiki>com.openexchange.subscribe.crawler.gmx.de</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| crawler.properties:12
|-
| <nowiki>com.openexchange.subscribe.crawler.msn.de</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| crawler.properties:13
|-
| <nowiki>com.openexchange.subscribe.crawler.suncontacts</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| crawler.properties:14
|-
| <nowiki>com.openexchange.subscribe.crawler.suncalendar</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| crawler.properties:15
|-
| <nowiki>com.openexchange.subscribe.crawler.suntasks</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| crawler.properties:16
|-
| <nowiki>com.openexchange.subscribe.crawler.yahoocom</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| crawler.properties:17
|-
| <nowiki>com.openexchange.subscribe.crawler.googlemail.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki>As an enhancement to the subscription module, we allow to configure that subscriptions should run automatically on login if a certain time interval between the last refresh run has elapsed (defaults to 1 day). </nowiki>
| crawler.properties:21
|-
| <nowiki>com.openexchange.subscribe.crawler.webde.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:23
|-
| <nowiki>com.openexchange.subscribe.crawler.google.calendar.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:24
|-
| <nowiki>com.openexchange.subscribe.crawler.gmx.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:25
|-
| <nowiki>com.openexchange.subscribe.crawler.t-online.de.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:26
|-
| <nowiki>com.openexchange.subscribe.crawler.gmx.de.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:27
|-
| <nowiki>com.openexchange.subscribe.crawler.msn.de.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:28
|-
| <nowiki>com.openexchange.subscribe.crawler.suncontacts.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:29
|-
| <nowiki>com.openexchange.subscribe.crawler.suncalendar.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:30
|-
| <nowiki>com.openexchange.subscribe.crawler.suntasks.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| crawler.properties:31
|-
| <nowiki>com.openexchange.subscribe.crawler.path</nowiki>
| <nowiki>crawlers</nowiki>
| <nowiki>Points to the directory containing the workflow definitions of crawlers </nowiki>
| crawler.properties:4
|-
| <nowiki>com.openexchange.subscribe.crawler.googlemail</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable / Disable individual crawlers (true / false) </nowiki>
| crawler.properties:7
|-
| <nowiki>com.openexchange.subscribe.crawler.web.de</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| crawler.properties:9
|-
| <nowiki>com.openexchange.groupware.dataRetrieval.lifetime</nowiki>
| <nowiki>60000</nowiki>
| <nowiki>Lifetime of a token in milliseconds. If this value is not set or negative the token only expires at the end of the session. </nowiki>
| dataRetrieval.properties:6
|-
| <nowiki>com.openexchange.groupware.dataRetrieval.onetime</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether the token expires after the first access or not. Defaults to true. </nowiki>
| dataRetrieval.properties:9
|-
| <nowiki>com.openexchange.dataretention.sourceID</nowiki>
| <nowiki>OX_mail_01</nowiki>
| <nowiki>The string identifying the data source; e.g. "OX_mail_01" </nowiki>
| dataretention.properties:11
|-
| <nowiki>com.openexchange.dataretention.location</nowiki>
| <nowiki>DE/Olpe</nowiki>
| <nowiki>The location of the system generating the retention data </nowiki>
| dataretention.properties:14
|-
| <nowiki>com.openexchange.dataretention.timeZone</nowiki>
| <nowiki>GMT</nowiki>
| <nowiki>The time zone of the location </nowiki>
| dataretention.properties:17
|-
| <nowiki>com.openexchange.dataretention.dir</nowiki>
| <nowiki>/var/log/open-xchange</nowiki>
| <nowiki>The directory where the CSV file is held </nowiki>
| dataretention.properties:2
|-
| <nowiki>com.openexchange.dataretention.rotateLength</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Specifies the max. output resource's length (in bytes) before it gets rotated. This option is only useful for implementations which output data to a file or to any limited resource. This value should have a reasonable size since multiple write accesses may occur at same time. Therefore small sizes (<= 200KB) cannot be guaranteed being obeyed. Moreover it is only an approximate limit which can vary about 8KB. A value less than or equal to zero means no rotation. </nowiki>
| dataretention.properties:26
|-
| <nowiki>com.openexchange.dataretention.versionNumber</nowiki>
| <nowiki>1</nowiki>
| <nowiki>The format version appended to each record type; e.g "H1" meaning "Header version 1". </nowiki>
| dataretention.properties:5
|-
| <nowiki>com.openexchange.dataretention.clientID</nowiki>
| <nowiki>Open-Xchange</nowiki>
| <nowiki>The string identifying the tenant; e.g "Open-Xchange". </nowiki>
| dataretention.properties:8
|-
| <nowiki>com.openexchange.spamhandler.defaultspamhandler.createConfirmedHam</nowiki>
| <nowiki>true</nowiki>
| <nowiki># Indicates whether to create the confirmed-ham folder during check for default mail folders # during login if spam is enabled for logged-in user. # Default is true. </nowiki>
| defaultspamhandler.properties:11
|-
| <nowiki>com.openexchange.spamhandler.defaultspamhandler.unsubscribeSpamFolders</nowiki>
| <nowiki>true</nowiki>
| <nowiki># Indicates whether the confirmed-spam/confirmed-ham folders shall automatically be unsubscribed during login. # Default is true. </nowiki>
| defaultspamhandler.properties:15
|-
| <nowiki>com.openexchange.spamhandler.defaultspamhandler.createConfirmedSpam</nowiki>
| <nowiki>true</nowiki>
| <nowiki># Indicates whether to create the confirmed-spam folder during check for default mail folders # during login if spam is enabled for logged-in user. # Default is true. </nowiki>
| defaultspamhandler.properties:6
|-
| <nowiki>com.openexchange.capability.drive</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables the "drive" module capability globally. The capability can also be set more fine-grained via config cascade. Per default it is only enabled for users that have the "infostore" permission set. This is configured in /opt/open-xchange/etc/contextSets/drive.yml. </nowiki>
| drive.properties:10
|-
| <nowiki>com.openexchange.drive.directLinkHelp</nowiki>
| <nowiki>[protocol]://[hostname]/[uiwebpath]/help-drive/l10n/[locale]/index.html</nowiki>
| <nowiki>Configures the pattern for a direct link to the online help. This serves as target for the "Help" section in the client applications. Text in brackets is replaced dynamically during link generation in the backend, however, it's still possible to overwrite them here with a static value, or even define an arbitrary URL here. [protocol] is replaced automatically with the protocol used by the client (typically "http" or "https"). [hostname] should be replaced with the server's canonical host name (if not, the server tries to determine the hostname on it's own), [uiwebpath] is replaced with the value of "com.openexchange.UIWebPath" as defined in "server.properties", while [dispatcherPrefix] is replaced with the value of "com.openexchange.dispatcher.prefix" ("server.properties", too). [contextid], [userid] and [login] are replaced to reflect the values of the current user. Defaults to "[protocol]://[hostname]/[uiwebpath]/help/[locale]/index.html". </nowiki>
| drive.properties:110
|-
| <nowiki>com.openexchange.drive.events.apn.ios.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables push event notifications to clients using the Apple Push Notification service (APNS) for iOS devices. This requires a valid configuration for the APNS certificate and keys, see either options below, or install the restricted components packages for drive. Defaults to "false". </nowiki>
| drive.properties:120
|-
| <nowiki>com.openexchange.drive.events.apn.ios.keystore</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the path to the local keystore file (PKCS #12) containing the APNS certificate and keys for the iOS application, e.g. "/opt/open-xchange/etc/drive-apns.p12". Required if "com.openexchange.drive.events.apn.enabled" is "true" and the package containing the restricted drive components is not installed. </nowiki>
| drive.properties:127
|-
| <nowiki>com.openexchange.drive.events.apn.ios.password</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the password used when creating the referenced keystore containing the certificate of the iOS application. Note that blank or null passwords are in violation of the PKCS #12 specifications. Required if "com.openexchange.drive.events.apn.enabled" is "true" and the package containing the restricted drive components is not installed. </nowiki>
| drive.properties:134
|-
| <nowiki>com.openexchange.drive.events.apn.ios.production</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Indicates which APNS service is used when sending push notifications to iOS devices. A value of "true" will use the production service, a value of "false" the sandbox service. Defaults to "true". </nowiki>
| drive.properties:139
|-
| <nowiki>com.openexchange.drive.events.apn.ios.feedbackQueryInterval</nowiki>
| <nowiki>1D</nowiki>
| <nowiki>Configures the interval between queries to the APN feedback service for the subscribed iOS devices. The value can be defined using units of measurement: "D" (=days), "W" (=weeks) and "H" (=hours). Defaults to "1D" (one day). Leaving this parameter empty disables the feedback queries on this node. Since each received feedback is processed cluster-wide, only one node in the cluster should be enabled here. </nowiki>
| drive.properties:147
|-
| <nowiki>com.openexchange.drive.shortProductName</nowiki>
| <nowiki>OX Drive</nowiki>
| <nowiki>Short product name as used in the version comment string inserted for drive uploads, e.g. "Uploaded with OX Drive (Ottos Laptop)". Defaults to "OX Drive". </nowiki>
| drive.properties:15
|-
| <nowiki>com.openexchange.drive.events.apn.macos.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables push event notifications to clients using the Apple Push Notification service (APNS) for Mac OS devices. This requires a valid configuration for the APNS certificate and keys, see either options below, or install the restricted components packages for drive. Defaults to "false". </nowiki>
| drive.properties:154
|-
| <nowiki>com.openexchange.drive.events.apn.macos.keystore</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the path to the local keystore file (PKCS #12) containing the APNS certificate and keys for the Mac OS application, e.g. "/opt/open-xchange/etc/drive-apns.p12". Required if "com.openexchange.drive.events.apn.macos.enabled" is "true" and the package containing the restricted drive components is not installed. </nowiki>
| drive.properties:161
|-
| <nowiki>com.openexchange.drive.events.apn.macos.password</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the password used when creating the referenced keystore containing the certificate of the Mac OS application. Note that blank or null passwords are in violation of the PKCS #12 specifications. Required if "com.openexchange.drive.events.apn.macos.enabled" is "true" and the package containing the restricted drive components is not installed. </nowiki>
| drive.properties:168
|-
| <nowiki>com.openexchange.drive.events.apn.macos.production</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Indicates which APNS service is used when sending push notifications to Mac OS devices. A value of "true" will use the production service, a value of "false" the sandbox service. Defaults to "true". </nowiki>
| drive.properties:173
|-
| <nowiki>com.openexchange.drive.events.apn.macos.feedbackQueryInterval</nowiki>
| <nowiki>1D</nowiki>
| <nowiki>Configures the interval between queries to the APN feedback service for the subscribed Mac OS devices. The value can be defined using units of measurement: "D" (=days), "W" (=weeks) and "H" (=hours). Defaults to "1D" (one day). Leaving this parameter empty disables the feedback queries on this node. Since each received feedback is processed cluster-wide, only one node in the cluster should be enabled here. </nowiki>
| drive.properties:181
|-
| <nowiki>com.openexchange.drive.events.gcm.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables push event notifications to clients using the Google Cloud Messaging (GCM) service. This requires a valid configuration for the GCM API key, see options below. Defaults to "false". </nowiki>
| drive.properties:186
|-
| <nowiki>com.openexchange.drive.events.gcm.key</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the API key of the server application. Required if "com.openexchange.drive.events.gcm.enabled" is "true" and the package containing the restricted drive components is not installed. </nowiki>
| drive.properties:191
|-
| <nowiki>com.openexchange.drive.events.blockingLongPolling.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Configures whether blocking long polling for pushing synchronization events to clients may be used as fallback when no other long polling handlers are available due to missing support of the HTTP service. Handling long polling in a blocking manner consumes a server thread, and should therefore only be enabled for testing purposes. Defaults to "false". </nowiki>
| drive.properties:198
|-
| <nowiki>com.openexchange.drive.useTempFolder</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Specifies whether the synchronization logic will make use of a folder named ".drive" below the root synchronization folder or not. If enabled, this folder is used to store temporary uploads and removed files, which usually leads to a better user experience since previously synchronized files can be restored from there for example. If not, removed files are not kept, and uploads are performed directly in the target folder. Defaults to "true". </nowiki>
| drive.properties:27
|-
| <nowiki>com.openexchange.drive.cleaner.interval</nowiki>
| <nowiki>1D</nowiki>
| <nowiki>Configures the interval between runs of the cleaner process for the temporary ".drive" folder. A cleaner run is only initiated if the synchronization is idle, i.e. the last synchronization resulted in no actions to be performed, and the last run was before the configured interval. The value can be defined using units of measurement: "D" (=days), "W" (=weeks) and "H" (=hours). Defaults to "1D" (one day). </nowiki>
| drive.properties:35
|-
| <nowiki>com.openexchange.drive.cleaner.maxAge</nowiki>
| <nowiki>1D</nowiki>
| <nowiki>Defines the maximum age of files and directories to be kept inside the temporary ".drive" folder. Files or directories that were last modified before the configured age are deleted during the next run of the cleaner process. The value can be defined using units of measurement: "D" (=days), "W" (=weeks) and "H" (=hours). Defaults to "1D" (one day). </nowiki>
| drive.properties:42
|-
| <nowiki>com.openexchange.drive.maxBandwidth</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Allows to limit the maximum used bandwidth for all downloads. If configured, downloads via the drive module handled by this backend node will not exceed the configured bandwidth. The available bandwidth is defined as the number of allowed bytes per second, where the byte value can be specified with one of the units "B" (bytes), "kB" (kilobyte), "MB" (Megabyte) or "GB" (Gigabyte), e.g. "10 MB". Must fit into the "Integer" range, i.e. the configured number of bytes has to be be smaller than 2^31. Defaults to "-1" (no limitations). </nowiki>
| drive.properties:55
|-
| <nowiki>com.openexchange.drive.maxBandwidthPerClient</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Allows to limit the maximum used bandwidth for client downloads within the same session. If configured, downloads originating in the same session via the drive module handled by this backend node will not exceed the configured bandwidth. The available bandwidth is defined as the number of allowed bytes per second, where the byte value can be specified with one of the units "B" (bytes), "kB" (kilobyte), "MB" (Megabyte) or "GB" (Gigabyte), e.g. "500 kB". Must fit into the "Integer" range, i.e. the configured number of bytes has to be be smaller than 2^31. Defaults to "-1" (no limitations). </nowiki>
| drive.properties:66
|-
| <nowiki>com.openexchange.drive.maxConcurrentSyncOperations</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the maximum allowed number of synchronization operations, i.e. all requests to the "drive" module apart from up- and downloads, that the server accepts concurrently. While the limit is reached, further synchronization requests are rejected in a HTTP 503 manner (service unavailable), and the client is instructed to try again at a later time. Defaults to "-1" (no limitations). </nowiki>
| drive.properties:74
|-
| <nowiki>com.openexchange.drive.directLinkQuota</nowiki>
| <nowiki>[protocol]://[hostname]</nowiki>
| <nowiki>Configures the pattern for a direct link to manage a user's quota. Text in brackets is replaced dynamically during link generation in the backend, however, it's still possible to overwrite them here with a static value, or even define an arbitrary URL here. [protocol] is replaced automatically with the protocol used by the client (typically "http" or "https"). [hostname] should be replaced with the server's canonical host name (if not, the server tries to determine the hostname on it's own), [uiwebpath] is replaced with the value of "com.openexchange.UIWebPath" as defined in "server.properties", while [dispatcherPrefix] is replaced with the value of "com.openexchange.dispatcher.prefix" ("server.properties", too). [contextid], [userid] and [login] are replaced to reflect the values of the current user. Defaults to "[protocol]://[hostname]". </nowiki>
| drive.properties:93
|-
| <nowiki>com.openexchange.oauth.dropbox.apiSecret</nowiki>
| <nowiki>PUT_YOUR_APP_SECRET_HERE</nowiki>
| <nowiki>The API secret </nowiki>
| dropbox.properties:10
|-
| <nowiki>com.openexchange.oauth.dropbox</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable/disable </nowiki>
| dropbox.properties:4
|-
| <nowiki>com.openexchange.oauth.dropbox.apiKey</nowiki>
| <nowiki>PUT_YOUR_APP_KEY_HERE</nowiki>
| <nowiki>The API key </nowiki>
| dropbox.properties:7
|-
| <nowiki>com.openexchange.oauth.dropbox</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable </nowiki>
| dropboxoauth.properties:3
|-
| <nowiki>com.openexchange.oauth.dropbox.apiKey</nowiki>
| <nowiki></nowiki>
| <nowiki>The API key </nowiki>
| dropboxoauth.properties:6
|-
| <nowiki>com.openexchange.oauth.dropbox.apiSecret</nowiki>
| <nowiki></nowiki>
| <nowiki>The API secret </nowiki>
| dropboxoauth.properties:9
|-
| <nowiki>com.openexchange.mobile.configuration.urlencoding</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the URL encoding which will be used to modify the given URL </nowiki>
| eas-provisioning-mail.properties:11
|-
| <nowiki>com.openexchange.mobile.configuration.mail.from</nowiki>
| <nowiki>user</nowiki>
| <nowiki>Define the FROM address of the email which will be sent to the user when he has selected the email transport as provisioning method. Possible values are: 1. A valid eMail address (eg.: admin@example.com) 2. user (Then the from address will be the standard address from the user who sends the provisioning message) </nowiki>
| eas-provisioning-mail.properties:19
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.en_US.subject</nowiki>
| <nowiki>Open-Xchange Mobility Provisioning</nowiki>
| <nowiki>Define the subject and the mailtext of the provisioning eMail which will be send to the user if he has chosen eMail as provisioning method. You can set a subject and text per language. If you want to add a new language code provide the following two configuration options: com.openexchange.mobile.configuration.mail.message.$languagecode_$LANDCODE.subject com.openexchange.mobile.configuration.mail.message.$languagecode_$LANDCODE.text </nowiki>
| eas-provisioning-mail.properties:28
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.en_US.text</nowiki>
| <nowiki>Please click on the following link to open the Open-Xchange Mobility Provisioning application: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:29
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.en_GB.subject</nowiki>
| <nowiki>Open-Xchange Mobility Provisioning</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:30
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.en_GB.text</nowiki>
| <nowiki>Please click on the following link to open the Open-Xchange Mobility Provisioning application: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:31
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.de_DE.subject</nowiki>
| <nowiki>Open-Xchange Mobility-Provisionierung</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:32
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.de_DE.text</nowiki>
| <nowiki>Bitte auf den folgenden Link klicken, um die Open-Xchange Mobility Provisionierungs-Applikation zu \u00F6ffnen: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:33
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.fr_FR.subject</nowiki>
| <nowiki>Pr\u00E9paration de la mobilit\u00E9 Open-Xchange</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:34
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.fr_FR.text</nowiki>
| <nowiki>Veuillez cliquer sur le lien suivant pour ouvrir l'application de pr\u00E9paration de la mobilit\u00E9 Open-Xchange: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:35
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.nl_NL.subject</nowiki>
| <nowiki>Open-Xchange-mobility-initialisatie</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:36
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.nl_NL.text</nowiki>
| <nowiki>Klik op de volgende link om de initialisatietoepasssing voor Open-Xchange-mobility te starten: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:37
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.es_ES.subject</nowiki>
| <nowiki>Configuraci\u00F3n m\u00F3vil de Open-Xchange</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:38
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.es_ES.text</nowiki>
| <nowiki>Por favor, haga clic en el siguiente enlace para ejecutar la aplicaci\u00F3n de configuraci\u00F3n m\u00F3vil de Open-Xchange: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:39
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.it_IT.subject</nowiki>
| <nowiki>Fornitura in mobilit\u00E0 Open-Xchange</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:40
|-
| <nowiki>com.openexchange.mobile.configuration.mail.message.it_IT.text</nowiki>
| <nowiki>Fai clic sul seguente collegamento per aprire l'applicazione di fornitura in mobilit\u00E0 Open-Xchange: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:41
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.en_US.text</nowiki>
| <nowiki>Please click on the following link to open the Open-Xchange Mobility Provisioning application: %u</nowiki>
| <nowiki>Define the text of the provisioning SMS which will be send to the user if he has chosen SMS as provisioning method. You can set a text per language. If you want to add a new language code provide the following configuration option: com.openexchange.mobile.configuration.sms.message.$languagecode_$LANDCODE.text </nowiki>
| eas-provisioning-mail.properties:48
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.en_GB.text</nowiki>
| <nowiki>Please click on the following link to open the Open-Xchange Mobility Provisioning application: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:49
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.de_DE.text</nowiki>
| <nowiki>Bitte auf den folgenden Link klicken, um die Open-Xchange Mobility Provisionierungs-Applikation zu \u00F6ffnen: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:50
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.fr_FR.text</nowiki>
| <nowiki>Veuillez cliquer sur le lien suivant pour ouvrir l'application de pr\u00E9paration de la mobilit\u00E9 Open-Xchange: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:51
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.nl_NL.text</nowiki>
| <nowiki>Klik op de volgende link om de initialisatietoepasssing voor Open-Xchange-mobility te starten: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:52
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.es_ES.text</nowiki>
| <nowiki>Por favor, haga clic en el siguiente enlace para ejecutar la aplicaci\u00F3n de configuraci\u00F3n m\u00F3vil de Open-Xchange: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:53
|-
| <nowiki>com.openexchange.mobile.configuration.sms.message.it_IT.text</nowiki>
| <nowiki>Fai clic sul seguente collegamento per aprire l'applicazione di fornitura in mobilit\u00E0 Open-Xchange: %u</nowiki>
| <nowiki></nowiki>
| eas-provisioning-mail.properties:54
|-
| <nowiki>com.openexchange.mobile.configuration.url</nowiki>
| <nowiki>https://%h/servlet/mobileconfig?l=%p</nowiki>
| <nowiki>Define the URL which will be send to the device via the transport. The following placeholders will be replaced by: %h : The Hostname taken from the URL of the user %l : The login which the user has entered on the login page %c : The context ID %u : The user login %p : Users primary email address </nowiki>
| eas-provisioning-mail.properties:8
|-
| <nowiki>com.openexchange.mobile.configuration.json.action.sms.sipgat.api.url</nowiki>
| <nowiki>https://samurai.sipgate.net/RPC2</nowiki>
| <nowiki>Properties for the ACTION SMS Provisioning Plugin Currently only SIPGATE is supported as SMS provider via XML-RPC API Sipgate API URL </nowiki>
| eas-provisioning-sms.properties:10
|-
| <nowiki>com.openexchange.mobile.configuration.json.action.sms.sipgat.api.username</nowiki>
| <nowiki>openexchange</nowiki>
| <nowiki> Sipgate API Username </nowiki>
| eas-provisioning-sms.properties:14
|-
| <nowiki>com.openexchange.mobile.configuration.json.action.sms.sipgat.api.password</nowiki>
| <nowiki>test</nowiki>
| <nowiki> Sipgate API Password </nowiki>
| eas-provisioning-sms.properties:18
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/module</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:1
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/fr_FR/name</nowiki>
| <nowiki>Nokia S60</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:10
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/fr_FR/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-nokias60-French.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:11
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/en_US/name</nowiki>
| <nowiki>Nokia S60</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:12
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/en_US/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-nokias60-English.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:13
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/en_GB/name</nowiki>
| <nowiki>Nokia S60</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:14
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/en_GB/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-nokias60-English.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:15
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/nl_NL/name</nowiki>
| <nowiki>Nokia S60</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:16
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/nl_NL/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-nokias60-Dutch.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:17
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/es_ES/name</nowiki>
| <nowiki>Nokia S60</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:18
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/es_ES/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-nokias60-Spanish.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:19
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/de_DE/name</nowiki>
| <nowiki>Blackberry</nowiki>
| <nowiki> Blackberry configuration description: </nowiki>
| eas-provisioning-ui.properties:23
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/de_DE/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-blackberry-German.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:24
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/fr_FR/name</nowiki>
| <nowiki>Blackberry</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:25
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/fr_FR/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-blackberry-French.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:26
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/en_US/name</nowiki>
| <nowiki>Blackberry</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:27
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/en_US/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-blackberry-English.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:28
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/en_GB/name</nowiki>
| <nowiki>Blackberry</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:29
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/en_GB/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-blackberry-English.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:30
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/nl_NL/name</nowiki>
| <nowiki>Blackberry</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:31
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/nl_NL/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-blackberry-Dutch.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:32
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/es_ES/name</nowiki>
| <nowiki>Blackberry</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:33
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/1/es_ES/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-blackberry-Spanish.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:34
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/de_DE/name</nowiki>
| <nowiki>Android</nowiki>
| <nowiki> Android configuration description: </nowiki>
| eas-provisioning-ui.properties:38
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/de_DE/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-android2-German.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:39
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/fr_FR/name</nowiki>
| <nowiki>Android</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:40
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/fr_FR/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-android2-French.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:41
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/en_US/name</nowiki>
| <nowiki>Android</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:42
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/en_US/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-android2-English.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:43
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/en_GB/name</nowiki>
| <nowiki>Android</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:44
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/en_GB/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-android2-English.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:45
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/nl_NL/name</nowiki>
| <nowiki>Android</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:46
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/nl_NL/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-android2-Dutch.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:47
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/es_ES/name</nowiki>
| <nowiki>Android</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:48
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/2/es_ES/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-android2-Spanish.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:49
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/de_DE/name</nowiki>
| <nowiki>Nokia S60</nowiki>
| <nowiki>The following options will display the detailed setup descriptions from devices which don't support autoconfiguration emails. Nokia S60 configuration description: </nowiki>
| eas-provisioning-ui.properties:8
|-
| <nowiki>modules/com.openexchange.eas.provisioning.ui/other/0/de_DE/url</nowiki>
| <nowiki>plugins/com.openexchange.usm.eas/html/ox6-nokias60-German.html</nowiki>
| <nowiki></nowiki>
| eas-provisioning-ui.properties:9
|-
| <nowiki>com.openexchange.mobile.configuration.generator.OpensslBinary</nowiki>
| <nowiki></nowiki>
| <nowiki>The location of the openssl binary (needed if SignConfig is true) </nowiki>
| eas-provisioning.properties:10
|-
| <nowiki>com.openexchange.mobile.configuration.generator.OpensslTimeout</nowiki>
| <nowiki>3000</nowiki>
| <nowiki>The timeout for the openssl binary in milliseconds (needed if SignConfig is true) </nowiki>
| eas-provisioning.properties:12
|-
| <nowiki>com.openexchange.mobile.configuration.generator.CertFile</nowiki>
| <nowiki></nowiki>
| <nowiki>The cert file (needed if SignConfig is true) </nowiki>
| eas-provisioning.properties:14
|-
| <nowiki>com.openexchange.mobile.configuration.generator.KeyFile</nowiki>
| <nowiki></nowiki>
| <nowiki>The key file (needed if SignConfig is true) </nowiki>
| eas-provisioning.properties:16
|-
| <nowiki>com.openexchange.mobile.configuration.generator.iPhoneRegex</nowiki>
| <nowiki>^.*(iPhone|iPad).*$</nowiki>
| <nowiki>RegEx for iPhone browser detection </nowiki>
| eas-provisioning.properties:2
|-
| <nowiki>com.openexchange.mobile.configuration.generator.WinMobRegex</nowiki>
| <nowiki>^.*Windows Phone.*$</nowiki>
| <nowiki>RegEx for Windows Mobile browser detection </nowiki>
| eas-provisioning.properties:4
|-
| <nowiki>com.openexchange.mobile.configuration.generator.OnlySecureConnect</nowiki>
| <nowiki>true</nowiki>
| <nowiki>If only https should be used </nowiki>
| eas-provisioning.properties:6
|-
| <nowiki>com.openexchange.mobile.configuration.generator.SignConfig</nowiki>
| <nowiki>false</nowiki>
| <nowiki>If signing is used or not </nowiki>
| eas-provisioning.properties:8
|-
| <nowiki>read_cl </nowiki>
| <nowiki> ONE </nowiki>
| <nowiki>Consistency Levels. It can be defined on a per-column-family basis. Since we only have one column family, it only applies to that. Possible values (CaSe sensitive): ONE, TWO, THREE, QUORUM, ALL, ANY, EACH_QUORUM, LOCAL_QUORUM </nowiki>
| eavstorage.properties:15
|-
| <nowiki>write_cl </nowiki>
| <nowiki> ONE</nowiki>
| <nowiki></nowiki>
| eavstorage.properties:16
|-
| <nowiki>replication_factor </nowiki>
| <nowiki> 1</nowiki>
| <nowiki>Replication factor of the keyspace </nowiki>
| eavstorage.properties:2
|-
| <nowiki>keyspace </nowiki>
| <nowiki> OX</nowiki>
| <nowiki>Keyspace name </nowiki>
| eavstorage.properties:5
|-
| <nowiki>cf_xt_props </nowiki>
| <nowiki> ExtendedProperties</nowiki>
| <nowiki>Extended Properties column family name </nowiki>
| eavstorage.properties:8
|-
| <nowiki>com.openexchange.event.eventQueueDelay</nowiki>
| <nowiki>60000</nowiki>
| <nowiki>This parameter set the delay in milliseconds when events are sent to the subscribed services. Events for example are triggered when deleting an appointment with attachment. The event then is for deleting the attachment. If this value is increased more events may be in the queue that must be executed. This can cause longer runtime delivering all those events. Lowering this value may cause too often look into the queue without finding events there to process. </nowiki>
| event.properties:17
|-
| <nowiki>com.openexchange.event.isEventQueueEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>This option enables or disable the complete event handling for OX The event handling is a essential Open-Xchange component which needs to always run. This should only be set to false for debugging purposes. </nowiki>
| event.properties:8
|-
| <nowiki>com.openexchange.messaging.facebook.loginPageBaseURL</nowiki>
| <nowiki>http://www.facebook.com/login.php</nowiki>
| <nowiki>Specify the base URL of facebook's login page </nowiki>
| facebookmessaging.properties:10
|-
| <nowiki>com.openexchange.messaging.facebook.actionOfLoginForm</nowiki>
| <nowiki>https://login.facebook.com/login.php?login_attempt=1</nowiki>
| <nowiki>Specify the action of the facebook login form located at login page </nowiki>
| facebookmessaging.properties:13
|-
| <nowiki>com.openexchange.messaging.facebook.linkAfterLogin</nowiki>
| <nowiki>"\\Qhttp://www.facebook.com/profile.php?ref=profile&id=\\E([0-9]+)"</nowiki>
| <nowiki>Specify the regular expression (in quotes) for the link of the expected page after successfully passing facebook's login page Note: The (optional) capturing group is checked against facebook's user identifier. If no group is specified, no check is performed </nowiki>
| facebookmessaging.properties:17
|-
| <nowiki>com.openexchange.messaging.facebook.apiVersion</nowiki>
| <nowiki>1.0</nowiki>
| <nowiki>Specify the version of facebook's API </nowiki>
| facebookmessaging.properties:20
|-
| <nowiki>com.openexchange.messaging.facebook.nameOfUserField</nowiki>
| <nowiki>email</nowiki>
| <nowiki>Specify the name of the login field on facebook's login page </nowiki>
| facebookmessaging.properties:23
|-
| <nowiki>com.openexchange.messaging.facebook.nameOfPasswordField</nowiki>
| <nowiki>pass</nowiki>
| <nowiki>Specify the name of the password field on facebook's login page </nowiki>
| facebookmessaging.properties:26
|-
| <nowiki>com.openexchange.messaging.facebook</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| facebookmessaging.properties:3
|-
| <nowiki>com.openexchange.messaging.facebook.renewalFrequence</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>Frequence for facebook session renewal in milliseconds. Default is 300000 (5 minutes). </nowiki>
| facebookmessaging.properties:7
|-
| <nowiki>com.openexchange.oauth.facebook</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable Facebook OAuth support </nowiki>
| facebookoauth.properties:2
|-
| <nowiki>com.openexchange.facebook.apiKey</nowiki>
| <nowiki>INSERT_YOUR_API_KEY_HERE</nowiki>
| <nowiki>Specify the API key obtained from facebook </nowiki>
| facebookoauth.properties:5
|-
| <nowiki>com.openexchange.facebook.secretKey</nowiki>
| <nowiki>INSERT_YOUR_API_SECRET_HERE</nowiki>
| <nowiki>Specify the secret key obtained from facebook </nowiki>
| facebookoauth.properties:8
|-
| <nowiki>com.openexchange.subscribe.socialplugin.facebook</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| facebooksubscribe.properties:1
|-
| <nowiki>com.openexchange.subscribe.socialplugin.facebook.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| facebooksubscribe.properties:2
|-
| <nowiki>java.util.logging.FileHandler.append</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| file-logging.properties:10
|-
| <nowiki>java.util.logging.FileHandler.append</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| file-logging.properties:10
|-
| <nowiki>.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>possible log levels are ALL INFO FINE </nowiki>
| file-logging.properties:2
|-
| <nowiki>.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>possible log levels are ALL INFO FINE </nowiki>
| file-logging.properties:2
|-
| <nowiki>com.openexchange.login.internal.LoginPerformer.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>Important note: The following option ensures, that all login relevant information is logged correctly. Such information is essential to detect and to address session issues, pontentially caused by 3rd parties. Open-Xchange strongly suggests NOT to modify this configuration setting unless you are forced to do so by specific legal requirements, e.g. privacy regulations. Please note: If these settings are changed, Open-Xchange will take no responsibility and will exclude support regarding any session issues and potential security breaches arising thereof. </nowiki>
| file-logging.properties:20
|-
| <nowiki>com.openexchange.login.internal.LoginPerformer.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>Important note: The following option ensures, that all login relevant information is logged correctly. Such information is essential to detect and to address session issues, pontentially caused by 3rd parties. Open-Xchange strongly suggests NOT to modify this configuration setting unless you are forced to do so by specific legal requirements, e.g. privacy regulations. Please note: If these settings are changed, Open-Xchange will take no responsibility and will exclude support regarding any session issues and potential security breaches arising thereof. </nowiki>
| file-logging.properties:20
|-
| <nowiki>com.openexchange.sessiond.impl.SessionHandler.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:21
|-
| <nowiki>com.openexchange.sessiond.impl.SessionHandler.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:21
|-
| <nowiki>sun.rmi.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:23
|-
| <nowiki>sun.rmi.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:23
|-
| <nowiki>org.apache.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:24
|-
| <nowiki>org.apache.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:24
|-
| <nowiki>com.sun.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:25
|-
| <nowiki>com.sun.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:25
|-
| <nowiki>javax.management.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:26
|-
| <nowiki>javax.management.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| file-logging.properties:26
|-
| <nowiki>javax.jmdns.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:27
|-
| <nowiki>javax.jmdns.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:27
|-
| <nowiki>com.hazelcast.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:28
|-
| <nowiki>com.hazelcast.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:28
|-
| <nowiki>org.glassfish.grizzly.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:29
|-
| <nowiki>org.glassfish.grizzly.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:29
|-
| <nowiki>org.apache.cxf.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki>Set to FINE to log SOAP requests for debugging purpose </nowiki>
| file-logging.properties:32
|-
| <nowiki>org.apache.cxf.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki>Set to FINE to log SOAP requests for debugging purpose </nowiki>
| file-logging.properties:32
|-
| <nowiki>com.openexchange.soap.cxf.logger.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:33
|-
| <nowiki>com.openexchange.soap.cxf.logger.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| file-logging.properties:33
|-
| <nowiki>org.jaudiotagger.level</nowiki>
| <nowiki>SEVERE</nowiki>
| <nowiki>Set org.jaudiotagger to SEVERE </nowiki>
| file-logging.properties:36
|-
| <nowiki>org.jaudiotagger.level</nowiki>
| <nowiki>SEVERE</nowiki>
| <nowiki>Set org.jaudiotagger to SEVERE </nowiki>
| file-logging.properties:36
|-
| <nowiki>com.openexchange.documentconverter.impl.Manager.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki>Set global documentconverter logging level to WARNING </nowiki>
| file-logging.properties:39
|-
| <nowiki>com.openexchange.documentconverter.impl.Manager.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki>Set global documentconverter logging level to WARNING </nowiki>
| file-logging.properties:39
|-
| <nowiki>handlers</nowiki>
| <nowiki>java.util.logging.FileHandler</nowiki>
| <nowiki></nowiki>
| file-logging.properties:4
|-
| <nowiki>handlers</nowiki>
| <nowiki>java.util.logging.FileHandler</nowiki>
| <nowiki></nowiki>
| file-logging.properties:4
|-
| <nowiki>com.gargoylesoftware.htmlunit.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki>Reduce log level for htmlunit.jar </nowiki>
| file-logging.properties:42
|-
| <nowiki>com.gargoylesoftware.htmlunit.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki>Reduce log level for htmlunit.jar </nowiki>
| file-logging.properties:42
|-
| <nowiki>com.openexchange.ajax.requesthandler.DispatcherServlet.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>A switch to control which exceptions are logged to the log file Set this to ALL to log all exceptions </nowiki>
| file-logging.properties:49
|-
| <nowiki>com.openexchange.ajax.requesthandler.DispatcherServlet.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>A switch to control which exceptions are logged to the log file Set this to ALL to log all exceptions </nowiki>
| file-logging.properties:49
|-
| <nowiki>java.util.logging.FileHandler.pattern</nowiki>
| <nowiki>/var/log/open-xchange/open-xchange.log</nowiki>
| <nowiki></nowiki>
| file-logging.properties:5
|-
| <nowiki>java.util.logging.FileHandler.pattern</nowiki>
| <nowiki>/var/log/open-xchange/open-xchange.log</nowiki>
| <nowiki></nowiki>
| file-logging.properties:5
|-
| <nowiki>java.util.logging.FileHandler.level</nowiki>
| <nowiki>ALL</nowiki>
| <nowiki></nowiki>
| file-logging.properties:6
|-
| <nowiki>java.util.logging.FileHandler.level</nowiki>
| <nowiki>ALL</nowiki>
| <nowiki></nowiki>
| file-logging.properties:6
|-
| <nowiki>java.util.logging.FileHandler.limit</nowiki>
| <nowiki>2097152</nowiki>
| <nowiki></nowiki>
| file-logging.properties:7
|-
| <nowiki>java.util.logging.FileHandler.limit</nowiki>
| <nowiki>2097152</nowiki>
| <nowiki></nowiki>
| file-logging.properties:7
|-
| <nowiki>java.util.logging.FileHandler.count</nowiki>
| <nowiki>99</nowiki>
| <nowiki></nowiki>
| file-logging.properties:8
|-
| <nowiki>java.util.logging.FileHandler.count</nowiki>
| <nowiki>99</nowiki>
| <nowiki></nowiki>
| file-logging.properties:8
|-
| <nowiki>java.util.logging.FileHandler.formatter</nowiki>
| <nowiki>java.util.logging.SimpleFormatter</nowiki>
| <nowiki></nowiki>
| file-logging.properties:9
|-
| <nowiki>java.util.logging.FileHandler.formatter</nowiki>
| <nowiki>java.util.logging.SimpleFormatter</nowiki>
| <nowiki></nowiki>
| file-logging.properties:9
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| filemanagementDistributed.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| filemanagementDistributed.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| filemanagementDistributed.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>distributedFiles-0</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| filemanagementDistributed.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.maxIdleSeconds</nowiki>
| <nowiki>3600</nowiki>
| <nowiki>Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. </nowiki>
| filemanagementDistributed.properties:31
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].endpoint</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the endpoint (e.g. "ec2.amazonaws.com") or a full URL, including the protocol (e.g. "https://ec2.amazonaws.com") of the region specific AWS endpoint this client will communicate with. Defaults to "s3.amazonaws.com" if not defined. </nowiki>
| filestore-s3.properties:22
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].region</nowiki>
| <nowiki>us-west-2</nowiki>
| <nowiki>Configures the Amazon S3 region to use when creating new buckets. This value is also used to pre-configure the client when no specific endpoint is set. Possible values are "us-gov-west-1", "us-east-1", "us-west-1", "us-west-2", "eu-west-1", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1" and "sa-east-1". Defaults to "us-west-2". </nowiki>
| filestore-s3.properties:29
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].accessKey</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures the AWS access key to use. Required. </nowiki>
| filestore-s3.properties:32
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].secretKey</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures the AWS secret key to use. Required. </nowiki>
| filestore-s3.properties:35
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].encryption</nowiki>
| <nowiki>none</nowiki>
| <nowiki>Optionally specifies which client-side encryption should be used. Current options include "none" for no encryption, or "rsa" for an RSA-based asymmetric encryption. Defaults to "none". Please note that depending on the used key length and Java runtime, one might need to replace the so-called "JCE Unlimited Strength Jurisdiction Policy Files" accordingly. </nowiki>
| filestore-s3.properties:43
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].encryption.rsa.keyStore</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the path to the local keystore file (PKCS #12) containing the public-/private-key pair to use for encryption, e.g. "/opt/open-xchange/etc/cert/awss3.p12". Required if "com.openexchange.aws.s3.[filestoreID].encryption" is set to "rsa". </nowiki>
| filestore-s3.properties:49
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].encryption.rsa.password</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the password used when creating the referenced keystore containing public-/private-key pair to use for encryption. Note that blank or null passwords are in violation of the PKCS #12 specifications. Required if "com.openexchange.aws.s3.[filestoreID].encryption" is set to "rsa". </nowiki>
| filestore-s3.properties:55
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].bucketName</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the name of the parent bucket to use. The bucket will be created
automatically if it not yet exists, however, it's still possible to use an
already existing one. There are some naming restrictions, please refer to
http://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html for
details. Required. </nowiki>
| filestore-s3.properties
|-
| <nowiki>com.openexchange.filestore.s3.[filestoreID].pathStyleAccess</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Defines if path-style-access should be used when accessing the S3 API. If not set to "true", virtual-hosted-style access is used. Please refer to
http://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html for
details. Defaults to true. </nowiki>
| filestore-s3.properties
|-
| <nowiki>com.openexchange.find.basic.mail.searchmailbody </nowiki>
| <nowiki> false</nowiki>
| <nowiki>Denotes if mail search queries should be matched against mail bodies. This improves the search experience within the mail module, if your mail backend supports fast full text search. Otherwise it can slow down the search requests significantly. Change the value to 'true', if fast full text search is supported. Default is 'false'. </nowiki>
| findbasic.properties:16
|-
| <nowiki>com.openexchange.find.basic.mail.allMessagesFolder </nowiki>
| <nowiki></nowiki>
| <nowiki>Some mail backends provide a virtual folder that contains all messages of a user to enable cross-folder mail search. Open-Xchange can make use of this feature to improve the search experience. Set the value to the name of the virtual mail folder containing all messages. Leave blank if no such folder exists. </nowiki>
| findbasic.properties:7
|-
| <nowiki>IGNORE_SHARED_ADDRESSBOOK</nowiki>
| <nowiki>TRUE</nowiki>
| <nowiki>Determine whether to ignore 'shared addressbook' folder or not. Possible values: TRUE / FALSE </nowiki>
| foldercache.properties:12
|-
| <nowiki>ENABLE_INTERNAL_USER_EDIT</nowiki>
| <nowiki>TRUE</nowiki>
| <nowiki>Define if users are allowed to edit their own contact object contained in folder 'Global Address Book' aka 'Internal Users'. Switching this parameter only has an effect for new created contexts. </nowiki>
| foldercache.properties:17
|-
| <nowiki>com.openexchange.folderstorage.outlook.showPersonalBelowInfoStore</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Specifies whether a user's default InfoStore folder should appear below InfoStore root folder: - Infostore -- My files -- Public infostore -- Userstore -- Other infstore folders </nowiki>
| foldercache.properties:27
|-
| <nowiki>com.openexchange.folderstorage.database.preferDisplayName</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specifies whether default InfoStore folders are labeled with owning user's display name or name is read from folder storage (database) </nowiki>
| foldercache.properties:31
|-
| <nowiki>ENABLE_DB_GROUPING</nowiki>
| <nowiki> TRUE</nowiki>
| <nowiki>Define where to perform folder grouping. This filters the database results for duplicate folders in the where clause of the db statement or afterwards in the application. Possible values: TRUE / FALSE </nowiki>
| foldercache.properties:5
|-
| <nowiki>ENABLE_FOLDER_CACHE</nowiki>
| <nowiki> TRUE</nowiki>
| <nowiki>Enable or disable folder caching. Possible values: TRUE / FALSE </nowiki>
| foldercache.properties:8
|-
| <nowiki>com.openexchange.folder.json.module</nowiki>
| <nowiki>folders</nowiki>
| <nowiki># Define the module which also serves as the appendix for registered servlet: # If module is set to "myfolders", the servlet path is changed to "/ajax/myfolders" # Default is "folders" </nowiki>
| folderjson.properties:6
|-
| <nowiki>project.required.plugins</nowiki>
| <nowiki>org.apache.forrest.plugin.output.pdf</nowiki>
| <nowiki>The names of plugins that are required to build the project comma separated list (no spaces) You can request a specific version by appending "-VERSION" to the end of the plugin name. If you exclude a version number the latest released version will be used, however, be aware that this may be a development version. In a production environment it is recomended that you specify a known working version. Run "forrest available-plugins" for a list of plug-ins currently available </nowiki>
| forrest.properties:125
|-
| <nowiki>project.skin</nowiki>
| <nowiki>lucene</nowiki>
| <nowiki>Specifies name of Forrest skin to use See list at http://forrest.apache.org/docs/skins.html </nowiki>
| forrest.properties:29
|-
| <nowiki>com.openexchange.freebusy.provider.ews.password</nowiki>
| <nowiki></nowiki>
| <nowiki>The password to access the EWS. Required. </nowiki>
| freebusy_provider_ews.properties:11
|-
| <nowiki>com.openexchange.freebusy.provider.ews.detailed</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Configures whether the detailed free/busy-view including subject and location of the appointments is requested from EWS or not. </nowiki>
| freebusy_provider_ews.properties:15
|-
| <nowiki>com.openexchange.freebusy.provider.ews.emailSuffixes</nowiki>
| <nowiki></nowiki>
| <nowiki>Allows the definition of a comma-separated list of e-mail-address suffixes (e.g. domain parts like "@example.org") that are used to pre-filter the requested participants before passing them to EWS. Optional, but strongly recommended to reduce the amount of transferred data. </nowiki>
| freebusy_provider_ews.properties:21
|-
| <nowiki>com.openexchange.freebusy.provider.ews.validEmailsOnly</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Configures whether only valid e-mail addresses are used in the free/busy lookup or not. </nowiki>
| freebusy_provider_ews.properties:25
|-
| <nowiki>com.openexchange.freebusy.provider.ews.trustAllCerts</nowiki>
| <nowiki>false</nowiki>
| <nowiki>For testing purposes, it's possible to skip certificate validation and trust all server certificates. This might only work when using Sun Java as it configures "com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory". </nowiki>
| freebusy_provider_ews.properties:30
|-
| <nowiki>com.openexchange.freebusy.provider.ews.skipHostVerification</nowiki>
| <nowiki>false</nowiki>
| <nowiki>For testing purposes, it's possible to bypass hostname verification. This might only work when using Sun Java as it configures "com.sun.xml.internal.ws.transport.https.client.hostname.verifier". </nowiki>
| freebusy_provider_ews.properties:35
|-
| <nowiki>com.openexchange.freebusy.provider.ews.exchangeVersion</nowiki>
| <nowiki>EXCHANGE_2010</nowiki>
| <nowiki>Configures the requested Exchange Server version. Possible values include "EXCHANGE_2007_SP_1", "EXCHANGE_2010", "EXCHANGE_2010_SP_1" and "EXCHANGE_2010_SP_2". </nowiki>
| freebusy_provider_ews.properties:40
|-
| <nowiki>com.openexchange.freebusy.provider.ews.url</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the URL to the Exchange Web Service (usually something like http://exchange.example.com/EWS/Exchange.asmx). Required. </nowiki>
| freebusy_provider_ews.properties:5
|-
| <nowiki>com.openexchange.freebusy.provider.ews.userName</nowiki>
| <nowiki></nowiki>
| <nowiki>The user name to access the EWS. Required. </nowiki>
| freebusy_provider_ews.properties:8
|-
| <nowiki>com.openexchange.freebusy.provider.google.emailSuffixes</nowiki>
| <nowiki>@gmail.com,@googlemail.com</nowiki>
| <nowiki>Allows the definition of a comma-separated list of e-mail-address suffixes (e.g. domain parts like "@googlemail.com") that are used to pre-filter the requested participants before passing them to Google. Optional, but strongly recommended to reduce the amount of transferred data. </nowiki>
| freebusy_provider_google.properties:15
|-
| <nowiki>com.openexchange.freebusy.provider.google.validEmailsOnly</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Configures whether only valid e-mail addresses are used in the free/busy lookup or not. </nowiki>
| freebusy_provider_google.properties:19
|-
| <nowiki>com.openexchange.freebusy.provider.google.apiEndpoint</nowiki>
| <nowiki>https://www.googleapis.com/calendar/v3</nowiki>
| <nowiki>Configures the URI of the Google Calendar API endpoint and should normally not be changed. Required. </nowiki>
| freebusy_provider_google.properties:5
|-
| <nowiki>com.openexchange.freebusy.provider.google.apiKey</nowiki>
| <nowiki>{YOUR_API_KEY}</nowiki>
| <nowiki>Sets the Google API key to be used for requests to the Google Calendar API. Required. </nowiki>
| freebusy_provider_google.properties:9
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.userID</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the user ID of the user in whose name the internal free/busy data is requested from the server (should normally be the internal user ID of the context administrator). Required. </nowiki>
| freebusy_publisher_ews.properties:10
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.url</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the URL to the Exchange Web Service (usually something like http://exchange.example.com/EWS/Exchange.asmx). Required. </nowiki>
| freebusy_publisher_ews.properties:14
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.userName</nowiki>
| <nowiki></nowiki>
| <nowiki>The user name to access the EWS. Required. </nowiki>
| freebusy_publisher_ews.properties:17
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.password</nowiki>
| <nowiki></nowiki>
| <nowiki>The password to access the EWS. Required. </nowiki>
| freebusy_publisher_ews.properties:20
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.publishMonths</nowiki>
| <nowiki>3</nowiki>
| <nowiki>Configures the amount of free/busy data to be published. The period always starts at the first of the current month. Defaults to '3'. </nowiki>
| freebusy_publisher_ews.properties:24
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.delay</nowiki>
| <nowiki>15</nowiki>
| <nowiki>Specifies the time in minutes between publication cycles, i.e. configures the free/busy data update interval. Defaults to '15'. </nowiki>
| freebusy_publisher_ews.properties:28
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.initialDelay</nowiki>
| <nowiki>5</nowiki>
| <nowiki>Specifies the time in minutes before starting the first publication cycle upon bundle startup. Defaults to '5'. </nowiki>
| freebusy_publisher_ews.properties:32
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.chunkSize</nowiki>
| <nowiki>50</nowiki>
| <nowiki>Defines the number of users that are processed in a chunk when publishing free/busy data. Default to '50'. </nowiki>
| freebusy_publisher_ews.properties:36
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.exchangeVersion</nowiki>
| <nowiki>EXCHANGE_2010</nowiki>
| <nowiki>Configures the requested Exchange Server version. Possible values include "EXCHANGE_2007_SP_1", "EXCHANGE_2010", "EXCHANGE_2010_SP_1" and "EXCHANGE_2010_SP_2". Defaults to 'EXCHANGE_2010'. </nowiki>
| freebusy_publisher_ews.properties:41
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.trustAllCerts</nowiki>
| <nowiki>false</nowiki>
| <nowiki>For testing purposes, it's possible to skip certificate validation and trust all server certificates. This might only work when using Sun Java as it configures "com.sun.xml.internal.ws.transport.https.client.SSLSocketFactory". </nowiki>
| freebusy_publisher_ews.properties:46
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.contextID</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the context ID of the users whose free/busy data is published to the Exchange server. Required. </nowiki>
| freebusy_publisher_ews.properties:5
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.skipHostVerification</nowiki>
| <nowiki>false</nowiki>
| <nowiki>For testing purposes, it's possible to bypass hostname verification. This might only work when using Sun Java as it configures "com.sun.xml.internal.ws.transport.https.client.hostname.verifier". </nowiki>
| freebusy_publisher_ews.properties:51
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies how the legacyExchangeDN for free/busy users is retrieved. May be one of 'static' or 'ldap'. A static lookup uses existing user attributes to construct the legacyExchangeDN path, while 'ldap' queries the 'legacyExchangeDN' attribute from the Active Directory using one or more user attributes. Required. </nowiki>
| freebusy_publisher_ews.properties:58
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup.static</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures the template to construct the legacyExchangeDN path. Required if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'static'. All occurrences of the following user attributes are replaced: [displayName], [contactId], [givenName], [surName], [userId], [imapLogin], [imapServer], [mailDomain], [mail], [loginInfo]. An example template would be "/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/ cn=Recipients/cn=[displayName]" </nowiki>
| freebusy_publisher_ews.properties:67
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup.ldap.filter</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures the LDAP filter used to query the Active Directory for the legacyExchangeDN of a user. Required if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap'. Within the search filter, all occurrences of the following user attributes are replaced dynamically: [displayName], [contactId], [givenName], [surName], [userId], [imapLogin], [imapServer], [mailDomain], [mail], [loginInfo]. For example: "(&(objectClass=contact)(cn=[displayName]))" </nowiki>
| freebusy_publisher_ews.properties:76
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup.ldap.uri</nowiki>
| <nowiki></nowiki>
| <nowiki>The URI of the LDAP server, should be in the format ldap://myserver.example.com:389. For SSL access, use the ldaps protocol and the appropriate port, e.g. ldaps://myserver.example.com:636. Required if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap'. </nowiki>
| freebusy_publisher_ews.properties:82
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup.ldap.baseDN</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures a base LDAP path. If defined, all Distinguished Names supplied to and received from LDAP operations will be relative to the LDAP path supplied. If not defined, the default naming context of the RootDSE is used as baseDN. Only used if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap'. </nowiki>
| freebusy_publisher_ews.properties:89
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup.ldap.bindDN</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify the bind DN used for LDAP authentication here. Only used if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap'. If left empty, anonymous authentication is used. </nowiki>
| freebusy_publisher_ews.properties:94
|-
| <nowiki>com.openexchange.freebusy.publisher.ews.lookup.ldap.bindPW</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify the bind password used for LDAP authentication here. Only used if 'com.openexchange.freebusy.publisher.ews.lookup' is set to 'ldap' and 'com.openexchange.freebusy.publisher.ews.lookup.ldap.bindDN' is defined. </nowiki>
| freebusy_publisher_ews.properties:99
|-
| <nowiki>com.openexchange.http.grizzly.hasCometEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Comet is an umbrella term used to describe a technique allowing web browser to receive almost real time updates from the server. The two most common approaches are long polling and streaming. Long polling differs from streaming in that each update from the server ultimately results in another follow up request from the client. Default value: true </nowiki>
| grizzly.properties:18
|-
| <nowiki>com.openexchange.http.grizzly.hasWebSocketsEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Bi-directional, full-duplex communications channels over a single TCP connection. Default value: false </nowiki>
| grizzly.properties:23
|-
| <nowiki>com.openexchange.http.grizzly.hasJMXEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Do you want to enable grizzly monitoring via JMX? Default value: true. </nowiki>
| grizzly.properties:31
|-
| <nowiki>com.openexchange.http.grizzly.hasAJPEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Grizzly is able to communicate via AJP besides its default prototcol HTTP. Do you want to use AJP instead of HTTP? Default value: false </nowiki>
| grizzly.properties:40
|-
| <nowiki>com.openexchange.http.grizzly.ping</nowiki>
| <nowiki>PROCESSING</nowiki>
| <nowiki>Specify the ping mechanism to use. Currently supported values: * NONE -- No ping at all * PROCESSING -- Ping through 102 Processing interim response * CONTINUE -- Ping through 100 Continue interim response * WHITESPACE -- Ping through transmitting a whitespace character (and implicitly committing HTTP response) Default is PROCESSING. </nowiki>
| grizzly.properties:52
|-
| <nowiki>com.openexchange.http.grizzly.pingDelay</nowiki>
| <nowiki>90000</nowiki>
| <nowiki>The ping delay aka frequency in milliseconds. Default is 90000. </nowiki>
| grizzly.properties:56
|-
| <nowiki>com.openexchange.http.grizzly.maxPingCount</nowiki>
| <nowiki>9</nowiki>
| <nowiki>The number of pings allowed being initiated before quit A value of zero or less means unlimited (actually 2^31 - 1) Default is 9 (because Apache has a hard-coded limit of 10) </nowiki>
| grizzly.properties:61
|-
| <nowiki>com.openexchange.halo.linkedin.enabledMailCapableKey</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specify whether LinkedIn API key/secret are allowed to access E-Mail-sensitive data </nowiki>
| halo-linkedin.properties:4
|-
| <nowiki>com.openexchange.hazelcast.network.portAutoIncrement</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Configures if automatically the next port should be tried if the incoming port is already in use. Defaults to "true". </nowiki>
| hazelcast.properties:102
|-
| <nowiki>com.openexchange.hazelcast.network.outboundPortDefinitions</nowiki>
| <nowiki></nowiki>
| <nowiki>By default, Hazelcast lets the system to pick up an ephemeral port during socket bind operation. But security policies/firewalls may require to restrict outbound ports to be used by Hazelcast enabled applications. To fulfill this requirement, you can configure Hazelcast to use only defined outbound ports. You can use port ranges and/or comma separated ports, e.g. "35000-35100" or "36001, 36002, 36003". Defaults to "". </nowiki>
| hazelcast.properties:110
|-
| <nowiki>com.openexchange.hazelcast.network.enableIPv6Support</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables support for IPv6. IPv6 support is switched off by default, since some platforms have issues in use of IPv6 stack, and some other platforms such as Amazon AWS have no support at all. Defaults to "false". </nowiki>
| hazelcast.properties:116
|-
| <nowiki>com.openexchange.hazelcast.socket.bindAny</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Configures whether to bind the server- and client-sockets to any local interface or not. Defaults to "false", which restricts the bind operation to the picked interface address based on the value of "com.openexchange.hazelcast.network.interfaces". </nowiki>
| hazelcast.properties:122
|-
| <nowiki>com.openexchange.hazelcast.network.symmetricEncryption</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables symmetric encryption. When enabled, the entire communication between the hazelcast members is encrypted at socket level. Ensure that all symmetric encryption settings are equal on all participating nodes in the cluster. More advanced options (including asymmetric encryption and SSL) may still be configured via the "hazelcast.xml" file, see instructions on top of this file. Defaults to "false". /!\ ---==== Additional note ====--- /!\ If symmetric encryption is enabled, it might have impact on Hazelcast cluster stability. Hazelcast nodes start loosing cluster connectivity under high load scenarios </nowiki>
| hazelcast.properties:140
|-
| <nowiki>com.openexchange.hazelcast.network.symmetricEncryption.algorithm</nowiki>
| <nowiki>PBEWithMD5AndDES</nowiki>
| <nowiki>Configures the name of the symmetric encryption algorithm to use, such as "DES/ECB/PKCS5Padding", "PBEWithMD5AndDES", "Blowfish" or "DESede". The available cipher algorithms may vary based on the underlying JCE. Defaults to "PBEWithMD5AndDES". </nowiki>
| hazelcast.properties:146
|-
| <nowiki>com.openexchange.hazelcast.network.symmetricEncryption.salt</nowiki>
| <nowiki>2mw67LqNDEb3</nowiki>
| <nowiki>Specifies the salt value to use when generating the secret key for symmetric encryption. Defaults to "2mw67LqNDEb3". </nowiki>
| hazelcast.properties:150
|-
| <nowiki>com.openexchange.hazelcast.network.symmetricEncryption.password</nowiki>
| <nowiki>D2xhL8mPkjsF</nowiki>
| <nowiki>Specifies the pass phrase to use when generating the secret key for symmetric encryption. Defaults to "D2xhL8mPkjsF". </nowiki>
| hazelcast.properties:154
|-
| <nowiki>com.openexchange.hazelcast.network.symmetricEncryption.iterationCount</nowiki>
| <nowiki>19</nowiki>
| <nowiki>Configures the iteration count to use when generating the secret key for symmetric encryption. Defaults to "19". </nowiki>
| hazelcast.properties:158
|-
| <nowiki>com.openexchange.hazelcast.logging.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Configures whether Hazelcast's internal logging system is enabled or not. Defaults to "true". </nowiki>
| hazelcast.properties:165
|-
| <nowiki>com.openexchange.hazelcast.maxOperationTimeout</nowiki>
| <nowiki>5000</nowiki>
| <nowiki>Specifies the implicit maximum operation timeout in milliseconds for operations on distributed data structures, if no explicit timeout is specified for an operation. Defaults to "5000". </nowiki>
| hazelcast.properties:170
|-
| <nowiki>com.openexchange.hazelcast.jmx</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enables or disables JMX monitoring for hazelcast components such as statistics about distributed data structures. Defaults to "true". </nowiki>
| hazelcast.properties:174
|-
| <nowiki>com.openexchange.hazelcast.jmxDetailed</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specifies whether detailed JMX monitoring is enabled or not, i.e. detailed information about entries in distributed data structures. Only taken into account if "com.openexchange.hazelcast.jmx" is "true". Defaults to "false". </nowiki>
| hazelcast.properties:179
|-
| <nowiki>com.openexchange.hazelcast.memcache.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables Hazelcast's internal Memcache client request listener service. Defaults to "false", as it's not needed by the backend. </nowiki>
| hazelcast.properties:183
|-
| <nowiki>com.openexchange.hazelcast.rest.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enables or disables Hazelcast's internal REST client request listener service. Defaults to "false", as it's not needed by the backend. </nowiki>
| hazelcast.properties:187
|-
| <nowiki>com.openexchange.hazelcast.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enables or disables Hazelcast. Setting this property to "false" will result in no Hazelcast instance being created for this node, and all other dependent features will be disabled. Defaults to "true". </nowiki>
| hazelcast.properties:32
|-
| <nowiki>com.openexchange.hazelcast.group.name</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures the name of the cluster. Only nodes using the same group name will join each other and form the cluster. Required if "com.openexchange.hazelcast.network.join" is not "empty" (see below). </nowiki>
| hazelcast.properties:37
|-
| <nowiki>com.openexchange.hazelcast.group.password</nowiki>
| <nowiki>wtV6$VQk8#+3ds!a</nowiki>
| <nowiki>The password used when joining the cluster. Defaults to "wtV6$VQk8#+3ds!a". Please change this value, and ensure it's equal on all nodes in the cluster. </nowiki>
| hazelcast.properties:41
|-
| <nowiki>com.openexchange.hazelcast.network.join</nowiki>
| <nowiki>empty</nowiki>
| <nowiki>Specifies which mechanism is used to discover other backend nodes in the cluster. Possible values are "empty" (no discovery for single-node setups), "static" (fixed set of cluster member nodes) or "multicast" (automatic discovery of other nodes via multicast). Defaults to "empty". Depending on the specified value, further configuration might be needed, see "Networking" section below. </nowiki>
| hazelcast.properties:52
|-
| <nowiki>com.openexchange.hazelcast.network.join.static.nodes</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures a comma-separated list of IP addresses / hostnames of possible nodes in the cluster, e.g. "10.20.30.12, 10.20.30.13:5701, 192.178.168.110". Only used if "com.openexchange.hazelcast.network.join" is set to "static". It doesn't hurt if the address of the local host appears in the list, so that it's still possible to use the same list throughout all nodes in the cluster. </nowiki>
| hazelcast.properties:60
|-
| <nowiki>com.openexchange.hazelcast.network.join.multicast.group</nowiki>
| <nowiki>224.2.2.3</nowiki>
| <nowiki>Configures the multicast address used to discover other nodes in the cluster dynamically. Only used if "com.openexchange.hazelcast.network.join" is set to "multicast". If the nodes reside in different subnets, please ensure that multicast is enabled between the subnets. Defaults to "224.2.2.3". </nowiki>
| hazelcast.properties:66
|-
| <nowiki>com.openexchange.hazelcast.network.join.multicast.port</nowiki>
| <nowiki>54327</nowiki>
| <nowiki>Configures the multicast port used to discover other nodes in the cluster dynamically. Only used if "com.openexchange.hazelcast.network.join" is set to "multicast". Defaults to "54327". </nowiki>
| hazelcast.properties:71
|-
| <nowiki>com.openexchange.hazelcast.merge.firstRunDelay</nowiki>
| <nowiki>120s</nowiki>
| <nowiki>Configures the time until the first check if the cluster needs to merge is scheduled. This takes a timespan parameter with "ms" denoting milliseconds, "s" denoting seconds, "m" denoting minutes. The value is passed to the hazelcast property "hazelcast.merge.first.run.delay.seconds". Defaults to "120s". </nowiki>
| hazelcast.properties:78
|-
| <nowiki>com.openexchange.hazelcast.merge.runDelay</nowiki>
| <nowiki>120s</nowiki>
| <nowiki>Configures the time between each check if the cluster needs to merge. This takes a timespan parameter with "ms" denoting milliseconds, "s" denoting seconds, "m" denoting minutes. The value is passed to the hazelcast property "hazelcast.merge.next.run.delay.seconds". Defaults to "120s". </nowiki>
| hazelcast.properties:84
|-
| <nowiki>com.openexchange.hazelcast.network.interfaces</nowiki>
| <nowiki>127.0.0.1</nowiki>
| <nowiki>Comma-separated list of interface addresses hazelcast should use. Wildcards (*) and ranges (-) can be used. Leave blank to listen on all interfaces Especially in server environments with multiple network interfaces, it's recommended to specify the IP-address of the network interface to bind to explicitly. Defaults to "127.0.0.1" (local loopback only), needs to be adjusted when building a cluster of multiple backend nodes. </nowiki>
| hazelcast.properties:95
|-
| <nowiki>com.openexchange.hazelcast.network.port</nowiki>
| <nowiki>5701</nowiki>
| <nowiki>The port Hazelcast will listen for incoming connections. Defaults to "5701". </nowiki>
| hazelcast.properties:98
|-
| <nowiki>CONTEXT_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.storage.mysqlStorage.OXContextMySQLStorage</nowiki>
| <nowiki></nowiki>
| hosting.properties:1
|-
| <nowiki>CREATE_CONTEXT_USE_UNIT</nowiki>
| <nowiki>context</nowiki>
| <nowiki>what to count when distributing contexts over db engines possible values: context or user </nowiki>
| hosting.properties:11
|-
| <nowiki>CHECK_CONTEXT_LOGIN_MAPPING_REGEXP</nowiki>
| <nowiki>[$%\\.+a-zA-Z0-9_-]</nowiki>
| <nowiki>pattern of allowed chars in login mapping names </nowiki>
| hosting.properties:14
|-
| <nowiki>NEW_CONTEXT_DEFAULT_ACCESS_COMBINATION_NAME</nowiki>
| <nowiki>webmail_plus</nowiki>
| <nowiki>Default access combination template name for newly created contexts! See also "ModuleAccessDefinitions" file for details! If the name is NOT defined in "ModuleAccessDefinitions" file , fallback will be used! </nowiki>
| hosting.properties:19
|-
| <nowiki>UTIL_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.storage.mysqlStorage.OXUtilMySQLStorage</nowiki>
| <nowiki></nowiki>
| hosting.properties:2
|-
| <nowiki>AVERAGE_CONTEXT_SIZE</nowiki>
| <nowiki>200</nowiki>
| <nowiki>Misc properties average size of a context in MB </nowiki>
| hosting.properties:6
|-
| <nowiki>CONTEXTS_PER_SCHEMA</nowiki>
| <nowiki>1000</nowiki>
| <nowiki>amount of contexts per database schema </nowiki>
| hosting.properties:8
|-
| <nowiki>com.openexchange.imap.storeContainerType</nowiki>
| <nowiki>boundary-aware</nowiki>
| <nowiki>An IMAP connection cache acts a temporary keep-alive cache for already connected resources to an IMAP server's account. Meaning it keeps a resource open/connected for a short amount of time (see "com.openexchange.mail.mailAccessCacheIdleSeconds") and performs a "close elapsed ones" run periodically (see "com.openexchange.mail.mailAccessCacheShrinkerSeconds"). In addition to that behavior there are two modes of operation - bounded and unbounded. For an unbounded cache, set this property to "unbounded". Thus a user is allowed to establish as many connections to his IMAP account as demanded by his active clients (Web UI, EAS, Outlook OXtender, etc.). A bounded cache allows only as many concurrently opened resources as specified through "com.openexchange.imap.maxNumConnections" property. Taking the wording "resource" was chosen by intention, since two types of resource abstractions exist: IMAP store and IMAP protocol (an authenticated login's socket connection). The default setting "boundary-aware" considers an "IMAP store" as limited resources to an IMAP server. The vague thing about IMAP store is that it maintains a connection pool internally by itself. Thus it is possible that there are actually more active socket connections open than specified, because an IMAP store is allowed to open further connections when needed; e.g. when accessing another IMAP folder while INBOX has been opened, too. Practical experience showed that there will be at max.: "com.openexchange.imap.maxNumConnections" + 1 The setting "non-caching" does an exact mapping of resource to an established/authenticated socket connection to the IMAP account. It is named "non-caching" as it does no caching on its own, but delegates it to a custom queuing 'com.sun.mail.imap.IMAPStore' class. Thus an exact limitation of connected socket connections ('com.sun.mail.imap.protocol.IMAPProtocol' instances) is achieved. Specifying a quite small limitation - let's say "1" - arises the possibility that JavaMail gets dead-locked by itself. E.g. an IMAP store attempts to create a second connection. That attempt may get stalled as it waits for itself to free the already acquired connection which never happens. So, please use this exact mapping only if you specify a reasonable limitation. Default is "boundary-aware" </nowiki>
| imap.properties:115
|-
| <nowiki>com.openexchange.imap.maxNumExternalConnections</nowiki>
| <nowiki>imap.gmail.com:2,imap.googlemail.com:2</nowiki>
| <nowiki>Configure the max. number of concurrent connections which are allowed being established to a subscribed/external IMAP account. Notation is a comma-separated list of: <host> + ':' + <max-count>; e.g.: com.openexchange.imap.maxNumExternalConnections=imap.host1.com:4, imap.host2.com:6 For convenience a max-count can be specified which applies to all subscribed/external IMAP accounts; e.g.: com.openexchange.imap.maxNumExternalConnections=4 Zero or less is interpreted as unlimited. If not set, unlimited concurrent connections are allowed. </nowiki>
| imap.properties:124
|-
| <nowiki>com.openexchange.imap.enableTls</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enables the use of the STARTTLS command (if supported by the server) to switch the connection to a TLS-protected connection. </nowiki>
| imap.properties:127
|-
| <nowiki>com.openexchange.imap.notifyRecent</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Notify about recent messages using mail push events. This is a poll-based alternative for any connection-keeping mail push bundle. </nowiki>
| imap.properties:130
|-
| <nowiki>com.openexchange.imap.notifyFrequencySeconds</nowiki>
| <nowiki>300</nowiki>
| <nowiki>The frequency when a check for recent mails is enforced. </nowiki>
| imap.properties:133
|-
| <nowiki>com.openexchange.imap.notifyFullNames</nowiki>
| <nowiki>INBOX</nowiki>
| <nowiki>The full names of the folders to consider. </nowiki>
| imap.properties:136
|-
| <nowiki>com.openexchange.imap.imapSearch</nowiki>
| <nowiki>imap</nowiki>
| <nowiki>Define where to search for emails: - Use value "imap" to let the IMAP Server search. The search is done on IMAP server if a mailbox' size exceeds the mailFetchLimit as defined in mail.properties. - Use value "force-imap" to let the IMAP Server search in every case. - Leave blank or fill in value "application" to search within application. </nowiki>
| imap.properties:14
|-
| <nowiki>com.openexchange.imap.maxMailboxNameLength</nowiki>
| <nowiki>60</nowiki>
| <nowiki>The max. length of a mailbox name Default is 60 characters </nowiki>
| imap.properties:140
|-
| <nowiki>com.openexchange.imap.invalidMailboxNameCharacters</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies a space-separated list of characters that are not allowed to be contained in a mailbox name; e.g. >>com.openexchange.imap.invalidMailboxNameCharacters="; / . | \\"<< Default is empty. </nowiki>
| imap.properties:145
|-
| <nowiki>com.openexchange.imap.allowFolderCaches</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enables/disables caching of IMAP folders. Default is true. Note: Only disable IMAP folder cache if you certainly know what you are doing. Disabling that cache may result in noticeable performance decrease. </nowiki>
| imap.properties:151
|-
| <nowiki>com.openexchange.imap.ssl.protocols</nowiki>
| <nowiki>SSLv3 TLSv1</nowiki>
| <nowiki>Specifies the SSL protocols that will be enabled for SSL connections. The property value is a whitespace separated list of tokens. Default value is: SSLv3 TLSv1 </nowiki>
| imap.properties:155
|-
| <nowiki>com.openexchange.imap.ssl.ciphersuites</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the SSL cipher suites that will be enabled for SSL connections. The property value is a whitespace separated list of tokens. Check "http://<ox-grizzly-hostname>:<ox-grizzly-port>/stats/diagnostic?param=ciphersuites" to check available cipher suites. Default value is empty (fall-back to current JVM's default SSL cipher suite) </nowiki>
| imap.properties:162
|-
| <nowiki>com.openexchange.imap.umlautFilterThreshold</nowiki>
| <nowiki>50</nowiki>
| <nowiki>Specify the threshold for number of search results returned by IMAP server for which manual umlauts-filtering will be applied. If less than or equal to zero, no manual filtering will be applied. Default value is 50. </nowiki>
| imap.properties:19
|-
| <nowiki>com.openexchange.imap.imapFastFetch</nowiki>
| <nowiki>true</nowiki>
| <nowiki>This property determines whether a fast fetch is performed on large mail folders or not. Although the fetch is fast on IMAP side, a lot of data is transfered during reading response which cause a temporary memory peak. If disabled only the necessary fields are used as command arguments, which is slower but needs less memory. NOTE: See property "imapMessageFetchLimit" to know which mail folders are treated as large mail folders </nowiki>
| imap.properties:28
|-
| <nowiki>com.openexchange.imap.imapSupportsACL</nowiki>
| <nowiki>auto</nowiki>
| <nowiki>Define if IMAP server supports ACLs. Possible values: true/false/auto NOTE: Value "auto" means to use server-defined ACL support as indicated through response to IMAP command "CAPABILITY" </nowiki>
| imap.properties:33
|-
| <nowiki>com.openexchange.imap.imapTimeout</nowiki>
| <nowiki>50000</nowiki>
| <nowiki>Define the socket I/O timeout value in milliseconds. A value less than or equal to zero is infinite timeout. See also mail.imap.timeout </nowiki>
| imap.properties:37
|-
| <nowiki>com.openexchange.imap.imapConnectionTimeout</nowiki>
| <nowiki>20000</nowiki>
| <nowiki>Define the socket connection timeout value in milliseconds. A value less or equal to zero is infinite timeout. See also mail.imap.connectiontimeout </nowiki>
| imap.properties:41
|-
| <nowiki>com.openexchange.imap.imapTemporaryDown</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Define the amount of time in milliseconds an IMAP server is treated as being temporary down. An IMAP server is treated as being temporary down if a socket connect fails. Further requests to the affected IMAP server are going to be denied for the specified amount of time. A value less or equal to zero disables this setting. </nowiki>
| imap.properties:47
|-
| <nowiki>com.openexchange.imap.failedAuthTimeout</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>The number of milliseconds a failed authentication attempt is cached to faster handle subsequent authentication attempts Default is 10 seconds. </nowiki>
| imap.properties:52
|-
| <nowiki>com.openexchange.imap.imapAuthEnc</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the encoding for IMAP authentication </nowiki>
| imap.properties:55
|-
| <nowiki>com.openexchange.imap.User2ACLImpl</nowiki>
| <nowiki>auto</nowiki>
| <nowiki>Name of the class that implements User2ACL, their alias or "auto" to use auto-detection. Currently known aliases: Cyrus, Courier, Dovecot, and Sun (Sun Java(tm) System Messaging Server) </nowiki>
| imap.properties:59
|-
| <nowiki>com.openexchange.imap.blockSize</nowiki>
| <nowiki>1000</nowiki>
| <nowiki>IMAP operations which shall be applied to a number of messages which exceeds the block size are performed in blocks. Example: A folder containing thousands of messages shall be cleared. To avoid the risk of an IMAP timeout when trying to delete all messages at once, the messages are deleted in block size portions. A block size equal to or less than zero means no block size. </nowiki>
| imap.properties:66
|-
| <nowiki>com.openexchange.imap.spamHandler</nowiki>
| <nowiki>DefaultSpamHandler</nowiki>
| <nowiki>Define the registration name of the appropriate spam handler to use </nowiki>
| imap.properties:69
|-
| <nowiki>com.openexchange.imap.imapSort</nowiki>
| <nowiki>imap</nowiki>
| <nowiki>Define where to sort emails: Value "imap" to let the IMAP Server sort (faster but less reliable). Leave blank or fill in value "application" to sort within application (slower but good quality). The sorting is done on IMAP server if a mailbox' size exceeds the mailFetchLimit as defined in mail.properties. NOTE: This value is going to be set to "application" if IMAP server capabilities do not contain string "SORT" </nowiki>
| imap.properties:7
|-
| <nowiki>com.openexchange.imap.propagateClientIPAddress</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether client's IP address should be propagated by a NOOP command; e.g. "A01 NOOP <CLIENT_IP>" </nowiki>
| imap.properties:72
|-
| <nowiki>com.openexchange.imap.propagateHostNames</nowiki>
| <nowiki></nowiki>
| <nowiki>Configure a comma-separated list of external IMAP server's host names which should receive client's IP address by a NOOP command, too </nowiki>
| imap.properties:75
|-
| <nowiki>com.openexchange.imap.maxNumConnections</nowiki>
| <nowiki>0</nowiki>
| <nowiki>The max. number of connection allowed being established for a user to an IMAP server. Less than or equal to zero means infinite. Please also consider "com.openexchange.imap.storeContainerType". Note: This setting overrides possibles restrictions specified through property "com.openexchange.imap.maxNumExternalConnections" if this property's value is less than the other one. Default is 0 (zero). </nowiki>
| imap.properties:84
|-
| <nowiki>com.openexchange.imap.namespacePerUser</nowiki>
| <nowiki>true</nowiki>
| <nowiki>This option controls whether there it is expected to have a dedicated NAMESPACE per user or not. In case of "true" each mailbox account on associated IMAP server is allowed to have its own NAMESPACE set; might be "" (root) or "INBOX.". Otherwise for "false" every mailbox is assumed to have the same NAMESPACE set.
This influences the way Open-Xchange Server detects & caches NAMESPACE information; either on a per user basis (more IMAP traffic) or globally (only requested once).
It should not be changed/touched unless IMAP server behavior is well know.</nowiki>
| imap.properties
|-
| <nowiki>IMAP_TIMEOUT</nowiki>
| <nowiki>5000</nowiki>
| <nowiki>Socket I/O timeout value in milliseconds </nowiki>
| imapauth.properties:11
|-
| <nowiki>IMAP_CONNECTIONTIMEOUT</nowiki>
| <nowiki>5000</nowiki>
| <nowiki>Socket connection timeout value in milliseconds </nowiki>
| imapauth.properties:14
|-
| <nowiki>IMAP_SERVER</nowiki>
| <nowiki>localhost</nowiki>
| <nowiki>imap server ip or fqdn </nowiki>
| imapauth.properties:2
|-
| <nowiki>USE_FULL_LOGIN_INFO</nowiki>
| <nowiki>true</nowiki>
| <nowiki>############################################# Set to true to auth with "user@domain" instead of just "user" against imap server. If true the "domain" part will be used as the context name of the ox system. so add "domain" as a login mapping to be able to login. If false, the plugin react as only 1 context exists in the ox system, and this context has the mapping "defaultcontext" added. </nowiki>
| imapauth.properties:22
|-
| <nowiki>USE_MULTIPLE</nowiki>
| <nowiki>false</nowiki>
| <nowiki>######## MULTIPLE IMAP SERVERS ############# If set to true the IMAP authentication plugin gets all IMAP server information from the OX database instead of reading configuration from this file. Following information is fetched from DB and will be used to authenticate against the server: - server - port - ssl/tls Moreover the proper login name is detected as configured by property "com.openexchange.mail.loginSource". To use this feature, set the correct values while provisioning an OX user. Useful if you have many IMAP Servers to connect to. ##### INFO: Domain part of the login is used as context name. Example: test@test.org Username of the OX account must be "test" and name of the OX context must be "test.org" </nowiki>
| imapauth.properties:47
|-
| <nowiki>IMAP_PORT</nowiki>
| <nowiki>143</nowiki>
| <nowiki>port on which the imap server is listening </nowiki>
| imapauth.properties:5
|-
| <nowiki>com.openexchange.authentication.imap.imapAuthEnc</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the encoding for IMAP authentication </nowiki>
| imapauth.properties:51
|-
| <nowiki>IMAP_USE_SECURE</nowiki>
| <nowiki>false</nowiki>
| <nowiki>set to true if connecting via imaps:// </nowiki>
| imapauth.properties:8
|-
| <nowiki>com.openexchange.index.allowedModules </nowiki>
| <nowiki></nowiki>
| <nowiki>Specify all modules that may be indexed as a comma-separated list of module identifiers (these are numbers defined in http://oxpedia.org/wiki/index.php?title=HTTP_API#LinkObject). The default value is empty and disables indexing as a whole. This value takes effect on server granularity and can be overwritten for sets of contexts, single contexts and single users. See http://oxpedia.org/wiki/index.php?title=ConfigCascade and /ox-config-path/contextSets/index.yml for more information on this. Possible modules: E-Mail: 19 As of now only E-Mail can be enabled. Enabling other modules may lead to unforseen errors during runtime. </nowiki>
| index.properties:16
|-
| <nowiki>com.openexchange.service.indexing.workerThreads </nowiki>
| <nowiki> 4</nowiki>
| <nowiki>The number of worker threads for the clustered job scheduler instance that executes the indexing jobs. More worker threads allow it to run more indexing jobs at the same time, but will also increase the load of the worker node. It is recommended to start with a number not higher than the nodes number of CPU cores. Increasing the number afterwards always requires a restart of the node. </nowiki>
| indexing-service.properties:6
|-
| <nowiki>translator.get_request </nowiki>
| <nowiki> com.openexchange.index.solr.internal.querybuilder.translators.IdListTranslator</nowiki>
| <nowiki></nowiki>
| infostore-querybuilder.properties:1
|-
| <nowiki>get_request.id_field </nowiki>
| <nowiki> uuid</nowiki>
| <nowiki></nowiki>
| infostore-querybuilder.properties:2
|-
| <nowiki>translator.all_request </nowiki>
| <nowiki> com.openexchange.index.solr.internal.querybuilder.translators.AllTranslator</nowiki>
| <nowiki></nowiki>
| infostore-querybuilder.properties:4
|-
| <nowiki>com.openexchange.infostore.zipDocumentsCompressionLevel</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Configures the used compression level that is applied to .zip containers when downloading multiple documents at once. Possible values are "-1" for the built-in default level, "0" for no compression, or any number between "1" (best speed) and "9" (best compression). Defaults to "-1". </nowiki>
| infostore.properties:10
|-
| <nowiki>MAX_UPLOAD_SIZE</nowiki>
| <nowiki>10485760</nowiki>
| <nowiki>If the sum of all uploaded files in one request is larger than this value, the upload will be rejected. If this value is not set or 0, the more general MAX_UPLOAD_SIZE configured in server.properties will be used. If that value is also 0 or not set, uploads will be unrestricted. The size is in Bytes. </nowiki>
| infostore.properties:4
|-
| <nowiki>com.openexchange.jolokia.servlet.name </nowiki>
| <nowiki> /monitoring/jolokia</nowiki>
| <nowiki>Under what servlet name jolokia will be published, please bear in mind that this should not be forwarded by apache and kept internal </nowiki>
| jolokia.properties:11
|-
| <nowiki>com.openexchange.jolokia.user </nowiki>
| <nowiki></nowiki>
| <nowiki>User used for authentication with HTTP Basic Authentication. If not set, jolokia won't start </nowiki>
| jolokia.properties:14
|-
| <nowiki>com.openexchange.jolokia.password </nowiki>
| <nowiki></nowiki>
| <nowiki>Password used for authentification with HTTP Basic Authentication. If not set, jolokia won't start </nowiki>
| jolokia.properties:17
|-
| <nowiki>com.openexchange.jolokia.maxDepth </nowiki>
| <nowiki> 0</nowiki>
| <nowiki>Maximum depth when traversing bean properties. If set to 0, depth checking is disabled </nowiki>
| jolokia.properties:20
|-
| <nowiki>com.openexchange.jolokia.maxObjects </nowiki>
| <nowiki> 100000</nowiki>
| <nowiki>Maximum number of objects which are traversed when serializing a single response. Use this as an airbag to avoid boosting your memory and network traffic. Nevertheless, when set to 0 no limit is imposed. </nowiki>
| jolokia.properties:24
|-
| <nowiki>com.openexchange.jolokia.restrict.to.localhost </nowiki>
| <nowiki> true</nowiki>
| <nowiki>This setting will restrict jolokia access to localhost. It is completly ignored when a jolokia-access.xml is present. It is also a second guard and bound to com.openexchange.connector.networkListenerHost inside server.properties As Jolokia uses the http / ajp interface, it is bound to the host for the connector's (ajp, http) network listener which is configured by com.openexchange.connector.networkListenerHost. </nowiki>
| jolokia.properties:30
|-
| <nowiki>com.openexchange.jolokia.start </nowiki>
| <nowiki> false</nowiki>
| <nowiki>Start jolokia </nowiki>
| jolokia.properties:8
|-
| <nowiki>com.openexchange.kerberos.proxyDelimiter</nowiki>
| <nowiki>+</nowiki>
| <nowiki>Define a delimiter to be used to separate proxy authentication from normal user login on the frontend login screen. If defined, a proxy user can login on behalf of a user using the form <PROXYACCOUNT><DELIMITER><USERACCOUNT>. NOTE: Login to the mail server is not supported. The implementation for mail filter implementation based on SIEVE protocol does not support a proxy authentication, so it will raise error messages. </nowiki>
| kerberos.properties:15
|-
| <nowiki>com.openexchange.kerberos.proxyUser</nowiki>
| <nowiki></nowiki>
| <nowiki>Comma separated list of proxy user logins allowed to login as a proxy user for every other user account. </nowiki>
| kerberos.properties:18
|-
| <nowiki>java.security.auth.login.config</nowiki>
| <nowiki>/opt/open-xchange/etc/kerberosLogin.conf</nowiki>
| <nowiki>path to the Java authentication and authorization configuration file </nowiki>
| kerberos.properties:21
|-
| <nowiki>sun.security.krb5.debug</nowiki>
| <nowiki>false</nowiki>
| <nowiki>enable kerberos debugging </nowiki>
| kerberos.properties:24
|-
| <nowiki>java.security.krb5.conf</nowiki>
| <nowiki>/opt/open-xchange/etc/krb5.conf</nowiki>
| <nowiki>path to the krb5.conf configuration file java.security.krb5.conf=/etc/krb5.conf </nowiki>
| kerberos.properties:28
|-
| <nowiki>com.openexchange.kerberos.moduleName</nowiki>
| <nowiki>Open-Xchange</nowiki>
| <nowiki>Name of the module in the authentication and authorization configuration file. Must be an entry in the file named by java.security.auth.login.config. </nowiki>
| kerberos.properties:5
|-
| <nowiki>com.openexchange.kerberos.userModuleName</nowiki>
| <nowiki>Open-Xchange-User-Auth</nowiki>
| <nowiki>Name of the module in the authentication and authorization configuration file used for username and password authentication. Must be an entry in the file named by java.security.auth.login.config </nowiki>
| kerberos.properties:9
|-
| <nowiki>com.openexchange.langdetect.languageModelsDir</nowiki>
| <nowiki>languageModels</nowiki>
| <nowiki>The path to the directory containing the language models </nowiki>
| lang-detect.properties:4
|-
| <nowiki>com.openexchange.langdetect.languageCodesFile</nowiki>
| <nowiki>language-codes.properties</nowiki>
| <nowiki>Maps language to their code </nowiki>
| lang-detect.properties:7
|-
| <nowiki>com.sun.jndi.ldap.connect.timeout</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Timeouts are useful to get quick responses for login requests. This timeout is used if a new connection is established. </nowiki>
| ldapauth.properties:12
|-
| <nowiki>com.sun.jndi.ldap.read.timeout</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>This timeout only works since Java 6 SE to time out waiting for a response. </nowiki>
| ldapauth.properties:15
|-
| <nowiki>uidAttribute</nowiki>
| <nowiki>uid</nowiki>
| <nowiki>This attribute is used login. E.g. uid=<login>,baseDN </nowiki>
| ldapauth.properties:18
|-
| <nowiki>baseDN</nowiki>
| <nowiki>ou=Users,ou=OxObjects,dc=open-xchange,dc=com</nowiki>
| <nowiki>This is the base distinguished name where the user are located. </nowiki>
| ldapauth.properties:21
|-
| <nowiki>ldapReturnField</nowiki>
| <nowiki></nowiki>
| <nowiki>If you do not want to pass on the user id, used for authentication, to the groupware but another field entry of the LDAP user object, then you can specify the field here. </nowiki>
| ldapauth.properties:26
|-
| <nowiki>adsBind</nowiki>
| <nowiki>false</nowiki>
| <nowiki>This option activates a special ADS bind. It allows the user to authenticate at the ADS with only the displayName or by using the syntax DOMAIN\Samaccountname. Note that "\" cannot be used in user names when this option is activated. </nowiki>
| ldapauth.properties:32
|-
| <nowiki>subtreeSearch</nowiki>
| <nowiki>false</nowiki>
| <nowiki>set subtreeSearch to true if the user entries are not directly below the baseDN, and e.g. distributed over one or more subtrees. The bindDN to authenticate the user will then determined using a search over the complete tree below baseDN NOTE: When two users exist with the same uidAttribute, authentication will be refused, though. </nowiki>
| ldapauth.properties:40
|-
| <nowiki>searchFilter</nowiki>
| <nowiki>(objectclass=posixAccount)</nowiki>
| <nowiki>specify the filter to limit the search of user entries (used in combination with subtreeSearch=true. the filter will be ANDed with the attributed specified in uidAttribute. Example: (&(objectclass=posixAccount)(uid=foo)) </nowiki>
| ldapauth.properties:47
|-
| <nowiki>java.naming.provider.url</nowiki>
| <nowiki>ldap://localhost:389/dc=example,dc=com</nowiki>
| <nowiki>URL of the LDAP server to connect to for authenticating users. ldaps is supported. </nowiki>
| ldapauth.properties:5
|-
| <nowiki>bindDN</nowiki>
| <nowiki></nowiki>
| <nowiki>if your LDAP server does not allow to do searches without any authentication, specify a dn here to bind in order to search (used in combination with subtreeSearch=true). </nowiki>
| ldapauth.properties:52
|-
| <nowiki>bindDNPassword</nowiki>
| <nowiki></nowiki>
| <nowiki>the password required for the bindDN </nowiki>
| ldapauth.properties:55
|-
| <nowiki>referral</nowiki>
| <nowiki>follow</nowiki>
| <nowiki>This option configures how to handle the chasing of referrals in LDAP (see http://java.sun.com/products/jndi/tutorial/ldap/referral/overview.html). possible values: ignore, follow, throw </nowiki>
| ldapauth.properties:60
|-
| <nowiki>java.naming.security.authentication</nowiki>
| <nowiki>simple</nowiki>
| <nowiki>Defines the authentication security that should be used. </nowiki>
| ldapauth.properties:8
|-
| <nowiki>com.openexchange.licensekey.1</nowiki>
| <nowiki>OX-AS-MK-123456-789</nowiki>
| <nowiki></nowiki>
| licensekeys.properties:1
|-
| <nowiki>modules/themes/light_breeze</nowiki>
| <nowiki>Light Breeze</nowiki>
| <nowiki>The following property defines the light breeze theme of the AJAX GUI. </nowiki>
| light-breeze-theme.properties:4
|-
| <nowiki>com.openexchange.oauth.linkedin</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable LinkedIn OAuth support </nowiki>
| linkedinoauth.properties:2
|-
| <nowiki>com.openexchange.socialplugin.linkedin.apikey</nowiki>
| <nowiki>REPLACE_THIS_WITH_THE_KEY_FROM_YOUR_LINKEDIN_APP</nowiki>
| <nowiki>These keys are either pre-filled or need to be replaced by ones gotten from an application managed at linkedIn for information how to create this application please see http://oxpedia.org/wiki/index.php?title=LinkedIn_Bundles </nowiki>
| linkedinoauth.properties:6
|-
| <nowiki>com.openexchange.socialplugin.linkedin.apisecret</nowiki>
| <nowiki>REPLACE_THIS_WITH_THE_SECRET_FROM_YOUR_LINKEDIN_APP</nowiki>
| <nowiki></nowiki>
| linkedinoauth.properties:7
|-
| <nowiki>com.openexchange.subscribe.socialplugin.linkedin</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| linkedinsubscribe.properties:1
|-
| <nowiki>com.openexchange.subscribe.socialplugin.linkedin.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| linkedinsubscribe.properties:2
|-
| <nowiki>log4j.rootLogger</nowiki>
| <nowiki> ERROR, console</nowiki>
| <nowiki></nowiki>
| log4j.properties:1
|-
| <nowiki>log4j.rootLogger</nowiki>
| <nowiki> ERROR, console</nowiki>
| <nowiki></nowiki>
| log4j.properties:1
|-
| <nowiki>log4j.appender.console</nowiki>
| <nowiki>org.apache.log4j.ConsoleAppender</nowiki>
| <nowiki></nowiki>
| log4j.properties:3
|-
| <nowiki>log4j.appender.console</nowiki>
| <nowiki>org.apache.log4j.ConsoleAppender</nowiki>
| <nowiki></nowiki>
| log4j.properties:3
|-
| <nowiki>log4j.appender.console</nowiki>
| <nowiki>org.apache.log4j.ConsoleAppender</nowiki>
| <nowiki></nowiki>
| log4j.properties:3
|-
| <nowiki>log4j.appender.console.layout</nowiki>
| <nowiki>org.apache.log4j.PatternLayout</nowiki>
| <nowiki></nowiki>
| log4j.properties:4
|-
| <nowiki>log4j.appender.console.layout</nowiki>
| <nowiki>org.apache.log4j.PatternLayout</nowiki>
| <nowiki></nowiki>
| log4j.properties:4
|-
| <nowiki>log4j.appender.console.layout</nowiki>
| <nowiki>org.apache.log4j.PatternLayout</nowiki>
| <nowiki></nowiki>
| log4j.properties:4
|-
| <nowiki>log4j.appender.console.layout.ConversionPattern</nowiki>
| <nowiki> %d{dd.MM.yyyy HH:mm:ss} [%t] %-5p %c{1} - %m%n</nowiki>
| <nowiki></nowiki>
| log4j.properties:5
|-
| <nowiki>log4j.appender.console.layout.ConversionPattern</nowiki>
| <nowiki> %d{dd.MM.yyyy HH:mm:ss} [%t] %-5p %c{1} - %m%n</nowiki>
| <nowiki></nowiki>
| log4j.properties:5
|-
| <nowiki>log4j.appender.console.layout.ConversionPattern</nowiki>
| <nowiki> %d{dd.MM.yyyy HH:mm:ss} [%t] %-5p %c{1} - %m%n</nowiki>
| <nowiki></nowiki>
| log4j.properties:5
|-
| <nowiki>log4j.logger.com.hazelcast</nowiki>
| <nowiki>TRACE,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:7
|-
| <nowiki>log4j.logger.com.hazelcast</nowiki>
| <nowiki>TRACE,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:7
|-
| <nowiki>log4j.logger.de.kippdata</nowiki>
| <nowiki>INFO,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:7
|-
| <nowiki>log4j.logger.org.apache.solr</nowiki>
| <nowiki>WARN,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:8
|-
| <nowiki>log4j.logger.com.openexchange.realtime.hazelcast</nowiki>
| <nowiki>TRACE,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:8
|-
| <nowiki>log4j.logger.com.openexchange.realtime.hazelcast</nowiki>
| <nowiki>TRACE,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:8
|-
| <nowiki>log4j.logger.org.apache.solr.analysis</nowiki>
| <nowiki>ERROR,console</nowiki>
| <nowiki></nowiki>
| log4j.properties:9
|-
| <nowiki>com.openexchange.login.internal.LoginPerformer.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>Important note: The following option ensures, that all login relevant information is logged correctly. Such information is essential to detect and to address session issues, pontentially caused by 3rd parties. Open-Xchange strongly suggests NOT to modify this configuration setting unless you are forced to do so by specific legal requirements, e.g. privacy regulations. Please note: If these settings are changed, Open-Xchange will take no responsibility and will exclude support regarding any session issues and potential security breaches arising thereof. </nowiki>
| logging.properties:15
|-
| <nowiki>com.openexchange.sessiond.impl.SessionHandler.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| logging.properties:16
|-
| <nowiki>sun.rmi.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| logging.properties:18
|-
| <nowiki>org.apache.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| logging.properties:19
|-
| <nowiki>.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki>possible log levels are ALL INFO DEBUG </nowiki>
| logging.properties:2
|-
| <nowiki>com.sun.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| logging.properties:20
|-
| <nowiki>javax.management.level</nowiki>
| <nowiki>INFO</nowiki>
| <nowiki></nowiki>
| logging.properties:21
|-
| <nowiki>com.hazelcast.level</nowiki>
| <nowiki>SEVERE</nowiki>
| <nowiki></nowiki>
| logging.properties:22
|-
| <nowiki>com.openexchange.documentconverter.impl.IManager.level</nowiki>
| <nowiki>WARNING</nowiki>
| <nowiki></nowiki>
| logging.properties:23
|-
| <nowiki>handlers</nowiki>
| <nowiki>java.util.logging.ConsoleHandler</nowiki>
| <nowiki></nowiki>
| logging.properties:4
|-
| <nowiki>java.util.logging.ConsoleHandler.level</nowiki>
| <nowiki>ALL</nowiki>
| <nowiki></nowiki>
| logging.properties:5
|-
| <nowiki>com.openexchange.ajax.login.http-auth.client</nowiki>
| <nowiki>com.openexchange.ox.gui.dhtml</nowiki>
| <nowiki>Every client tells the backend through the client parameter on the login request his identity. This is not possible when using the HTTP authorization header based login. So the client identifier for that request is defined here. It must be the same identifier that the web frontend uses, if you set com.openexchange.cookie.hash to calculate and want the previously configured autologin to work. Identifier for web UI is: com.openexchange.ox.gui.dhtml </nowiki>
| login.properties:14
|-
| <nowiki>com.openexchange.ajax.login.http-auth.version</nowiki>
| <nowiki>HTTP Auth</nowiki>
| <nowiki>The version of the client when using the HTTP Authorization Header based login. This should not be the normal web frontend version because a different version can be used to distinguish logins through HTTP authorization header and normal login request. </nowiki>
| login.properties:18
|-
| <nowiki>com.openexchange.ajax.login.insecure</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Configures whether an insecure login is allowed. Meaning if local IP and/or user-agent strings are replaced in associated user session on login redirect or login redeem requests. To create a session from a server for some client you have to pass the clients IP address when creating the session. WARNING! Setting this parameter to true may result in users seeing a different users content if the infrastructure around OX does not work correctly. </nowiki>
| login.properties:30
|-
| <nowiki>com.openexchange.ajax.login.redirect.changeIPAllowed</nowiki>
| <nowiki>true</nowiki>
| <nowiki>This option has only an effect if com.openexchange.ajax.login.insecure is configured to true. This option allows to enable the IP check for /ajax/login?action=redirect requests. This request is mostly used to create a session without using the OX web UI login screen. The previous behavior allowed to change the IP for this request. Configure this option to false to have an IP check during this request. Additionally you can white list IP addresses from that an IP change is still allowed. This is useful if other systems in the infrastructure around OX want to create the session. </nowiki>
| login.properties:37
|-
| <nowiki>com.openexchange.ajax.login.randomToken</nowiki>
| <nowiki>false</nowiki>
| <nowiki>The Random-Token is a one time token with a limited lifetime, which is used to initiate sessions through 3rd party applications or websites. It is a UUID, generated by the backend via default Java UUID implementation. This token is deprecated and disabled by default. Setting this to false will prevent a random token from being written as part of the login response and prevent logins via a random token. </nowiki>
| login.properties:43
|-
| <nowiki>com.openexchange.ajax.login.formatstring.login</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the format for a logged login. Default format string "$login $ip $auth $agent $client $c $u $s" $s - session information $c - context information $u - user information $login - login string $ip - IP $auth - auth ID $agent - User-Agent $client - client identifier (and version) $iface - associated interface e.g. "$u - $c - $s - $agent - $client" Default is empty; meaning default format string. </nowiki>
| login.properties:61
|-
| <nowiki>com.openexchange.ajax.login.formatstring.logout</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the format for a logged logout. Default format string "Logout $c $u $s" $s - session information $c - context information $u - user information e.g. "$u - $c - $s" Default is empty; meaning default format string. </nowiki>
| login.properties:73
|-
| <nowiki>com.openexchange.ajax.login.http-auth.autologin</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Configures if some user is able to reenter his existing session after closing the browser tab or the complete browser. Setting this to true may be a security risk for clients running on unsafe computers. If this is configured to true, check that the parameter client contains the same identifier the UI sends as client parameter on normal login request. Otherwise the backend will not be able to rediscover the users session after closing the browser tab. This parameter only applies to the HTTP authorization header based login request. </nowiki>
| login.properties:8
|-
| <nowiki>strategy </nowiki>
| <nowiki> SimpleStrategy</nowiki>
| <nowiki>two options here either SimpleStrategy or NetworkTopologyStrategy </nowiki>
| loxandra.properties:13
|-
| <nowiki>node </nowiki>
| <nowiki> 192.168.33.37:9160</nowiki>
| <nowiki>node ip with port eg. node = 127.0.0.1:9160 </nowiki>
| loxandra.properties:3
|-
| <nowiki>keyspace </nowiki>
| <nowiki> OX</nowiki>
| <nowiki>keyspace name </nowiki>
| loxandra.properties:6
|-
| <nowiki>replication_factor </nowiki>
| <nowiki> 3</nowiki>
| <nowiki>replication factor of the keyspace </nowiki>
| loxandra.properties:9
|-
| <nowiki>com.openexchange.push.allowedClients</nowiki>
| <nowiki>"USM-EAS*", "USM-JSON*"</nowiki>
| <nowiki>Specify the comma-separated list of clients which are allowed to receive notifications about new mails. Wild-card notation is allowed. </nowiki>
| mail-push.properties:5
|-
| <nowiki>com.openexchange.mail.watcherTime</nowiki>
| <nowiki>60000</nowiki>
| <nowiki>Define exceeding time in milliseconds for mail connections. If use time of an mail connection exceeds this value it is logged. Thus unclosed connections can be detected. </nowiki>
| mail.properties:104
|-
| <nowiki>com.openexchange.mail.watcherShallClose</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Define if watcher is allowed to close exceeded mail connections </nowiki>
| mail.properties:107
|-
| <nowiki>com.openexchange.mail.JavaMailProperties</nowiki>
| <nowiki>javamail.properties</nowiki>
| <nowiki>JavaMail Properties </nowiki>
| mail.properties:110
|-
| <nowiki>com.openexchange.mail.phishingHeader</nowiki>
| <nowiki></nowiki>
| <nowiki>A comma-separated list of headers which identifies phishing headers; e.g. X-Phishing1,X-Phishing2,etc. Leave empty for no phishing header. </nowiki>
| mail.properties:115
|-
| <nowiki>com.openexchange.mail.adminMailLoginEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Define whether a context admin is allowed to login to mail system or not. Note that a mail account is supposed to exist if set to true; if not an authentication error will occur. </nowiki>
| mail.properties:120
|-
| <nowiki>com.openexchange.mail.addClientIPAddress</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Set whether client's IP address should be added to mail headers on delivery as custom header "X-Originating-IP" </nowiki>
| mail.properties:124
|-
| <nowiki>com.openexchange.mail.rateLimitPrimaryOnly</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Define if the rateLimit and maxToCcBcc settings below will only affect the primary account or all accounts </nowiki>
| mail.properties:128
|-
| <nowiki>com.openexchange.mail.rateLimit</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Define the time (in milliseconds) which must pass by before a new mail can be sent A value of 0 disables the limit. </nowiki>
| mail.properties:132
|-
| <nowiki>com.openexchange.mail.maxToCcBcc</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Define the allowed maximum number of recipients in a mail A value of 0 disables the limit. </nowiki>
| mail.properties:136
|-
| <nowiki>com.openexchange.mail.passwordSource</nowiki>
| <nowiki>session</nowiki>
| <nowiki>Set the password source for primary mail/transport account; meaning which source is taken to determine a user's password to login into mailing system. If 'session' is set, then user's individual system's password is taken. If 'global' is set, then the value specified through property 'com.openexchange.mail.masterPassword' is taken. Currently known values: session and global </nowiki>
| mail.properties:14
|-
| <nowiki>com.openexchange.mail.hidePOP3StorageFolders</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether folders which carry a POP3 account shall not be displayed. This property affects primary account only. </nowiki>
| mail.properties:140
|-
| <nowiki>com.openexchange.mail.deleteDraftOnTransport</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether to delete draft messages when sent out Note: Client MUST provide appropriate value in "sendtype" field; see http://oxpedia.org/wiki/index.php?title=HTTP_API#Send_a_mail </nowiki>
| mail.properties:145
|-
| <nowiki>com.openexchange.mail.supportMsisdnAddresses</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Define if MSISDN addresses are supported or not. </nowiki>
| mail.properties:148
|-
| <nowiki>com.openexchange.mail.translateDefaultFolders</nowiki>
| <nowiki>true</nowiki>
| <nowiki>If set to 'false', translation of names of the mail default folders is not performed, if naming differs from pre-defined default values. Thus custom set names can be specified for Trash, Drafts, Sent & Spam folder. By default this value is 'true'. Pre-defined names are: "Trash" "Drafts" "Sent objects" "Spam" </nowiki>
| mail.properties:160
|-
| <nowiki>com.openexchange.mail.maxMailSize</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the max. mail size allowed being transported A value of zero or less means infinite. Default is -1 (infinite) </nowiki>
| mail.properties:173
|-
| <nowiki>com.openexchange.mail.hideDetailsForDefaultAccount</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether to hide rather technical data from JSON representation of the primary mail account e.g. port, server name, secure flag, etc. Default is false </nowiki>
| mail.properties:178
|-
| <nowiki>com.openexchange.mail.maxForwardCount</nowiki>
| <nowiki>8</nowiki>
| <nowiki>Specifies the max. number of message attachments that are allowed to be forwarded as attachment Default is 8 </nowiki>
| mail.properties:182
|-
| <nowiki>com.openexchange.mail.account.blacklist</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies a black-list for those hosts that are covered by denoted IP range; e.g. "127.0.0.1-127.255.255.255" An empty value means no black-listing is active Default is empty </nowiki>
| mail.properties:187
|-
| <nowiki>com.openexchange.mail.imageHost</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the host/domain from which to load inlined images contained in message content Example "com.openexchange.mail.imageHost=http://my.imagehost.org". In case no protocol/schema is specified, "http" is assumed by default Default is empty; meaning to load from originating host </nowiki>
| mail.properties:193
|-
| <nowiki>com.openexchange.mail.mailServerSource</nowiki>
| <nowiki>user</nowiki>
| <nowiki>Set the mail server source for primary mail account; meaning which source is taken to determine the mail server into which the user wants to login to access mails. Set to 'global' to take the value specified through property "com.openexchange.mail.mailServer". Set to 'user' to take user's individual mail server settings as specified in storage. Currently known values: user and global </nowiki>
| mail.properties:21
|-
| <nowiki>com.openexchange.mail.transportServerSource</nowiki>
| <nowiki>user</nowiki>
| <nowiki>Set the transport server source for primary transport account; meaning which source is taken to determine the transport server into which the user wants to login to transport mails. Set to 'global' to take the value specified through property "com.openexchange.mail.transportServer". Set to 'user' to take user's individual transport server settings as specified in storage. Currently known values: user and global </nowiki>
| mail.properties:28
|-
| <nowiki>com.openexchange.mail.masterPassword</nowiki>
| <nowiki>secret</nowiki>
| <nowiki>The master password for primary mail/transport server. Only takes effect when property "com.openexchange.mail.passwordSource" is set to "global" </nowiki>
| mail.properties:32
|-
| <nowiki>com.openexchange.mail.mailServer</nowiki>
| <nowiki>127.0.0.1</nowiki>
| <nowiki>Primary mail server: e.g. 192.168.178.32:8143 or imap://192.168.178.32:7143 Only takes effect when property "com.openexchange.mail.mailServerSource" is set to "global" </nowiki>
| mail.properties:36
|-
| <nowiki>com.openexchange.mail.transportServer</nowiki>
| <nowiki>127.0.0.1</nowiki>
| <nowiki>Primary transport server: e.g. 192.168.178.32:125 or smtp://192.168.178.32:225 Only takes effect when property "com.openexchange.mail.transportServerSource" is set to "global" </nowiki>
| mail.properties:40
|-
| <nowiki>com.openexchange.mail.defaultMailProvider</nowiki>
| <nowiki>imap</nowiki>
| <nowiki>The mail provider fallback if an URL does not contain/define a protocol </nowiki>
| mail.properties:43
|-
| <nowiki>mail.mime.charset</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the default MIME charset used for character encoding. This setting will then be accessible through system property "mail.mime.charset". This parameter takes effect for the complete mail module where no charset is given. </nowiki>
| mail.properties:48
|-
| <nowiki>com.openexchange.mail.mailFetchLimit</nowiki>
| <nowiki>1000</nowiki>
| <nowiki>Define the max. fetch limit; meaning all mails whose count is less than or equal to this value are going to be fetched with all attributes set. Thus these mails can be put into message cache for subsequent list requests. </nowiki>
| mail.properties:53
|-
| <nowiki>com.openexchange.mail.attachmentDisplaySizeLimit</nowiki>
| <nowiki>8192</nowiki>
| <nowiki>maximum size of email text attachments that will be displayed inline ( in bytes) </nowiki>
| mail.properties:57
|-
| <nowiki>com.openexchange.mail.mailAccessCacheShrinkerSeconds</nowiki>
| <nowiki>3</nowiki>
| <nowiki>Define the interval seconds of the mail access cache's shrinker thread </nowiki>
| mail.properties:60
|-
| <nowiki>com.openexchange.mail.mailAccessCacheIdleSeconds</nowiki>
| <nowiki>4</nowiki>
| <nowiki>Define the idle seconds a mail access may reside in mail access cache before it is removed by shrinker thread </nowiki>
| mail.properties:63
|-
| <nowiki>com.openexchange.mail.quoteLineColors</nowiki>
| <nowiki>#a14044,#917722,#599351,#516193,#666666</nowiki>
| <nowiki>Comma-separated hex values of colors for displaying quoted text emails </nowiki>
| mail.properties:66
|-
| <nowiki>com.openexchange.mail.userFlagsEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable/disable user defined flags </nowiki>
| mail.properties:69
|-
| <nowiki>com.openexchange.mail.loginSource</nowiki>
| <nowiki>login</nowiki>
| <nowiki>Set the login source for primary mail/transport account; meaning which source is taken to determine a user's login for mailing system. If 'login' is set, then user's individual mail login as defined in user storage is taken. If 'mail' is set, then user's individual primary email address is taken. If 'name' is set, then user's individual system's user name is taken. Currently known values: login, mail, and name </nowiki>
| mail.properties:7
|-
| <nowiki>com.openexchange.mail.partModifierImpl</nowiki>
| <nowiki>com.openexchange.mail.partmodifier.DummyPartModifier</nowiki>
| <nowiki>Define the implementing class of PartModifier. This class is then be used to manipulate the email before displaying. </nowiki>
| mail.properties:73
|-
| <nowiki>com.openexchange.mail.allowNestedDefaultFolderOnAltNamespace</nowiki>
| <nowiki>false</nowiki>
| <nowiki>This property defines if the default folders of an user (Draft, Sent, Spam & Trash) are going to be placed right below folder "INBOX" even if feature "altNamespace" is enabled. NOTE: This property requires that subfolders are still permitted below initial folder "INBOX" even though "altNamespace" is enabled. </nowiki>
| mail.properties:80
|-
| <nowiki>com.openexchange.mail.ignoreSubscription</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Defines if folder subscription is ignored when listing mail folders If set to 'true', all folders - regardless of their subscription status - are going to be listed </nowiki>
| mail.properties:85
|-
| <nowiki>com.openexchange.mail.supportSubscription</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Define if underlying store should support subscription </nowiki>
| mail.properties:88
|-
| <nowiki>com.openexchange.mail.defaultSeparator</nowiki>
| <nowiki>/</nowiki>
| <nowiki>Define the separator within folder fullnames if not available from mail server </nowiki>
| mail.properties:91
|-
| <nowiki>com.openexchange.mail.watcherEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The watcher checks after watcherFrequency for mail connections used for more than watcherTime milliseconds and logs this mail connection. If watcherShallClose is set to true those connections will be closed. </nowiki>
| mail.properties:96
|-
| <nowiki>com.openexchange.mail.watcherFrequency</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Define watcher's frequency in milliseconds </nowiki>
| mail.properties:99
|-
| <nowiki>com.openexchange.mail.enforceSecureConnection</nowiki>
| <nowiki>false</nowiki>
| <nowiki>controls whether external mail accounts may only be subscribed if the associated provider supports accessing it by using a secure connection (either SSL or TLS). If neither SSL nor TLS is supported, account subscription is rejected. </nowiki>
| mail.properties
|-
| <nowiki>SIEVE_CREDSRC</nowiki>
| <nowiki>session</nowiki>
| <nowiki>Specify which sieve credentials should be use. Two options are allowed here: "session" : login name and password are used from the current session "session-full-login" : full login (incl. context part) name and password are used from the current session "imapLogin" : the login name is taken from the field imapLogin of the current user the password is taken from the current session "mail" : use the primary mail address of the user and the password from the session </nowiki>
| mailfilter.properties:13
|-
| <nowiki>SIEVE_SERVER</nowiki>
| <nowiki>localhost</nowiki>
| <nowiki>to override the sieve server defaults specify a value for the sieve server here </nowiki>
| mailfilter.properties:16
|-
| <nowiki>SIEVE_PORT</nowiki>
| <nowiki>2000</nowiki>
| <nowiki>Specify the SIEVE port ----------------------------------------------------------- NOTE: 2000 is the deprecated port number for SIEVE (now assigned to some Cisco SCCP protocol by the IANA) 4190 is the new one used with most recent Linux and IMAP implementations. Please check your system's default port defined at /etc/services. ----------------------------------------------------------- </nowiki>
| mailfilter.properties:24
|-
| <nowiki>SCRIPT_NAME</nowiki>
| <nowiki>Open-Xchange</nowiki>
| <nowiki>If you want the script to be generated with another script name change it here. Note that the mail filter bundle will then leave the old script with the old script name behind, and doesn't delete it </nowiki>
| mailfilter.properties:29
|-
| <nowiki>SIEVE_AUTH_ENC</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the charset encoding to use for authentication to sieve server </nowiki>
| mailfilter.properties:32
|-
| <nowiki>NON_RFC_COMPLIANT_TLS_REGEX</nowiki>
| <nowiki>^Cyrus.*v([0-1]\\.[0-9].*|2\\.[0-2].*|2\\.3\\.[0-9]|2\\.3\\.[0-9][^0-9].*)$</nowiki>
| <nowiki>Define the regex which recognizes servers with incorrect sieve TLS implementation </nowiki>
| mailfilter.properties:35
|-
| <nowiki>TLS</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether to use TLS if available </nowiki>
| mailfilter.properties:38
|-
| <nowiki>SIEVE_LOGIN_TYPE</nowiki>
| <nowiki>user</nowiki>
| <nowiki>Specify which sieve server should be used. Two options are allowed here: user : use the imap server setting stored for user in the database global : use the sieve server given in this config file for all users </nowiki>
| mailfilter.properties:4
|-
| <nowiki>VACATION_DOMAINS</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify here if vacation messages should only be sent to specific domains If multiple domains are given, they should be separated by "," e.g. VACATION_DOMAINS=testdomain.com,example.com </nowiki>
| mailfilter.properties:43
|-
| <nowiki>com.openexchange.mail.filter.connectionTimeout</nowiki>
| <nowiki>30000</nowiki>
| <nowiki>Specifies when the connection should time out (value in milliseconds) </nowiki>
| mailfilter.properties:46
|-
| <nowiki>com.openexchange.mail.filter.passwordSource</nowiki>
| <nowiki>session</nowiki>
| <nowiki>Set the password source; meaning which source is taken to determine a user's password to login into mail filter system. If 'session' is set, then user's individual system's password is taken. If 'global' is set, then the value specified through property 'com.openexchange.mail.filter.masterPassword' is taken. Currently known values: session and global </nowiki>
| mailfilter.properties:53
|-
| <nowiki>com.openexchange.mail.filter.masterPassword</nowiki>
| <nowiki></nowiki>
| <nowiki>The master password for mail/transport server. Only takes effect when property "com.openexchange.mail.filter.passwordSource" is set to "global" </nowiki>
| mailfilter.properties:57
|-
| <nowiki>com.openexchange.mail.filter.useUTF7FolderEncoding</nowiki>
| <nowiki>false</nowiki>
| <nowiki>This property defines if mailbox names shall be UTF-7 encoded as specified in RFC2060; section 5.1.3. "Mailbox International Naming Convention". Default is "false"; meaning no UTF-7 encoding is performed. Set to "true" for those Cyrus IMAP server versions that do NOT support "sieve_utf8fileinto" property (e.g. lower than v2.3.11) Set to "true" for those Cyrus IMAP server versions that support "sieve_utf8fileinto" property having that property set to "0". Thus moving mails with the 'fileinto' command will properly work for mailbox names that contain non-ascii characters </nowiki>
| mailfilter.properties:65
|-
| <nowiki>com.openexchange.mail.filter.punycode</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable punycode encoding for the username used in authentication against the managesieve server </nowiki>
| mailfilter.properties:68
|-
| <nowiki>com.openexchange.mail.filter.useSIEVEResponseCodes</nowiki>
| <nowiki>false</nowiki>
| <nowiki>interpret SIEVE Response Codes, see https://tools.ietf.org/html/rfc5804#section-1.3 in most cases, this option must be kept to false </nowiki>
| mailfilter.properties:72
|-
| <nowiki>com.openexchange.mail.filter.redirectWhitelist</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify a comma-separated list of domains (wild-card syntax supported) that are allowed for redirect rules </nowiki>
| mailfilter.properties:75
|-
| <nowiki>com.openexchange.mail.filter.preferGSSAPI</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specify whether to prefer GSSAPI authentication mechanism if supported by SIEVE backend Default is false. </nowiki>
| mailfilter.properties:79
|-
| <nowiki>com.openexchange.push.malpoll.concurrentglobal</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether the tasks executed by global timer are executed concurrently or by calling timer's thread. Note: This property only has effect if "com.openexchange.push.malpoll.global" is set to "true" </nowiki>
| malpoll.properties:14
|-
| <nowiki>com.openexchange.push.malpoll.folder</nowiki>
| <nowiki>INBOX</nowiki>
| <nowiki>Define the folder to look-up for new mails in each mailbox Default is INBOX folder </nowiki>
| malpoll.properties:18
|-
| <nowiki>com.openexchange.push.malpoll.period</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>Define the amount of time in milliseconds when to periodically check for new mails. Default is 300000 (5 minutes). </nowiki>
| malpoll.properties:3
|-
| <nowiki>com.openexchange.push.malpoll.global</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether a global timer is set or a timer per user Or in other words: Do you want a global heartbeat or a heartbeat per per user? Default is true. </nowiki>
| malpoll.properties:8
|-
| <nowiki>JMXBindAddress</nowiki>
| <nowiki>localhost</nowiki>
| <nowiki>Define the bind address for JMX agent Use value "*" to let the JMX monitor bind to all interfaces </nowiki>
| management.properties:11
|-
| <nowiki>JMXLogin</nowiki>
| <nowiki></nowiki>
| <nowiki>Define the JMX login for authentication Leaving this property empty means not to use authentication </nowiki>
| management.properties:15
|-
| <nowiki>JMXPassword</nowiki>
| <nowiki></nowiki>
| <nowiki>Define the JMX password in SHA hashed version This property only has effect if previous property "JMXLogin" is set. The following perl command can be used to generate such a password: perl -M'Digest::SHA1 qw(sha1_base64)' -e 'print sha1_base64("YOURSECRET")."=\n";' that requires to install the Digest::SHA1 perl module, of course. </nowiki>
| management.properties:25
|-
| <nowiki>JMXPort</nowiki>
| <nowiki>9999</nowiki>
| <nowiki>Define the port for the RMI Registry. The default is 9999. </nowiki>
| management.properties:3
|-
| <nowiki>JMXServerPort</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Define the JMX RMI Connector Server port. Typically chosen randomly by JVM. The default is -1; meaning that port is randomly determined by JVM </nowiki>
| management.properties:7
|-
| <nowiki>com.openexchange.messaging.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Determines whether messaging is enabled for this server </nowiki>
| messaging.properties:2
|-
| <nowiki>com.openexchange.subscribe.microformats.contacts.http</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| microformatSubscription.properties:1
|-
| <nowiki>com.openexchange.subscribe.microformats.infostore.http</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| microformatSubscription.properties:2
|-
| <nowiki>com.openexchange.subscribe.microformats.contacts.http.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| microformatSubscription.properties:3
|-
| <nowiki>com.openexchange.subscribe.microformats.infostore.http.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| microformatSubscription.properties:4
|-
| <nowiki>com.openexchange.subscribe.microformats.allowedHosts</nowiki>
| <nowiki></nowiki>
| <nowiki>Optionally specifies the list of accepted host names allowed being subscribed If property is empty, there is no restriction for such subscriptions Otherwise non-matching host names are rejected. </nowiki>
| microformatSubscription.properties:9
|-
| <nowiki>iPhoneTemplate.tmpl </nowiki>
| <nowiki> mobile_configuration</nowiki>
| <nowiki></nowiki>
| mobile.configuration.generator.properties:1
|-
| <nowiki>winMobileTemplate.tmpl </nowiki>
| <nowiki> mobile_configuration</nowiki>
| <nowiki></nowiki>
| mobile.configuration.generator.properties:2
|-
| <nowiki>com.openxchange.mobilenotifier.enabled </nowiki>
| <nowiki> true</nowiki>
| <nowiki>Sets whether Mobilenotifier module is enabled at all </nowiki>
| mobilenotifier.properties:4
|-
| <nowiki>com.openexchange.mobilenotifier.mail.maxContentSize </nowiki>
| <nowiki> 200</nowiki>
| <nowiki>Defines the maximum content size of the mail content that should be displayed </nowiki>
| mobilenotifiermail.properties:4
|-
| <nowiki>com.openexchange.oauth.msliveconnect</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable MS Live OAuth support </nowiki>
| msliveconnectoauth.properties
|-
| <nowiki>com.openexchange.oauth.msliveconnect.apiKey</nowiki>
| <nowiki>REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_KEY</nowiki>
| <nowiki></nowiki>
| msliveconnectoauth.properties
|-
| <nowiki>com.openexchange.oauth.msliveconnect.apiSecret</nowiki>
| <nowiki>REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_SECRET</nowiki>
| <nowiki></nowiki>
| msliveconnectoauth.properties
|-
| <nowiki>notify_participants_on_delete </nowiki>
| <nowiki> true</nowiki>
| <nowiki></nowiki>
| notification.properties:27
|-
| <nowiki>object_link</nowiki>
| <nowiki>http://[hostname]/[uiwebpath]#m=[module]&i=[object]&f=[folder]</nowiki>
| <nowiki></nowiki>
| notification.properties:35
|-
| <nowiki>imipForInternalUsers </nowiki>
| <nowiki> false</nowiki>
| <nowiki>Enables/Disables imip-mails for internal users. </nowiki>
| notification.properties:38
|-
| <nowiki>com.openexchange.notification.fromSource</nowiki>
| <nowiki>defaultSenderAddress</nowiki>
| <nowiki>This property defines which email address of a user is used as from header when this user triggers notification mails. Possible values are: primaryMail or defaultSenderAddress </nowiki>
| notification.properties:42
|-
| <nowiki>com.openexchange.oauth.provider.validator.maxVersion</nowiki>
| <nowiki>1.0</nowiki>
| <nowiki>The maximum valid oauth_version Default value is 1.0. </nowiki>
| oauth-provider.properties:13
|-
| <nowiki>com.openexchange.oauth.provider.validator.v2.maxTimestampAgeMsec</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>The range of valid time stamps, in milliseconds into the past or future. So the total range of valid time stamps is twice this value, rounded to the nearest second. Default value is 5 minutes (300000). </nowiki>
| oauth-provider.properties:18
|-
| <nowiki>com.openexchange.oauth.provider.validator.v2.maxVersion</nowiki>
| <nowiki>2.0</nowiki>
| <nowiki>The maximum valid OAuth v2 version Default value is 2.0. </nowiki>
| oauth-provider.properties:22
|-
| <nowiki>com.openexchange.oauth.provider.secret</nowiki>
| <nowiki>f58c636e089745d4a79679d726aca8b5</nowiki>
| <nowiki>The secret identifier </nowiki>
| oauth-provider.properties:4
|-
| <nowiki>com.openexchange.oauth.provider.validator.maxTimestampAgeMsec</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>The range of valid time stamps, in milliseconds into the past or future. So the total range of valid time stamps is twice this value, rounded to the nearest second. Default value is 5 minutes (300000). </nowiki>
| oauth-provider.properties:9
|-
| <nowiki>com.openexchange.oauth.callback</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Sets whether call-back policy is enabled when performing OAuth authentication If false; oob (out-of-band) is used which requires user interaction to provide the verifier (pin) Default is false </nowiki>
| oauth.properties:6
|-
| <nowiki>RMI_HOSTNAME</nowiki>
| <nowiki>rmi://localhost:1099/</nowiki>
| <nowiki> admin daemon rmi URL </nowiki>
| open-xchange-admin-soap.properties:14
|-
| <nowiki>LOCK_WAIT_TIME</nowiki>
| <nowiki>10</nowiki>
| <nowiki> How long (in seconds) the system should wait for a lock before throwing exceptions </nowiki>
| open-xchange-admin-soap.properties:20
|-
| <nowiki>MAX_RMI_CONNECT_ATTEMPTS</nowiki>
| <nowiki>2</nowiki>
| <nowiki> maximum attempts to reconnect to the admin daemon </nowiki>
| open-xchange-admin-soap.properties:4
|-
| <nowiki>CONNECT_ATTEMPTS_DELAY_TIME</nowiki>
| <nowiki>1</nowiki>
| <nowiki> time in seconds to wait between connect attempts </nowiki>
| open-xchange-admin-soap.properties:9
|-
| <nowiki>modules/com.openexchange.help/module</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| open-xchange-gui-help-plugin.properties:1
|-
| <nowiki>additionalPackages</nowiki>
| <nowiki>org.eclipse.equinox.event_1.3.0.v20130327-1442.jar</nowiki>
| <nowiki></nowiki>
| osgiTest.properties:1
|-
| <nowiki>additionalPackages</nowiki>
| <nowiki></nowiki>
| <nowiki></nowiki>
| osgiTest.properties:1
|-
| <nowiki>mox/config/mailCount</nowiki>
| <nowiki> 50</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:1
|-
| <nowiki>mox/config/defaultContactFolder</nowiki>
| <nowiki> "private"</nowiki>
| <nowiki>can be one of "none", "private" or "global". "none" : no folder is selected by default, the user will be asked on first start "private" : default private addressbook is selected for the user "global" : global addressbook is selected by default for the user </nowiki>
| oxmobile.properties:12
|-
| <nowiki>mox/config/appointmentDays</nowiki>
| <nowiki> 10</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:2
|-
| <nowiki>mox/config/maxAppointmentBreak</nowiki>
| <nowiki> 50</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:3
|-
| <nowiki>mox/subscribedFolders/contacts</nowiki>
| <nowiki> []</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:4
|-
| <nowiki>mox/subscribedFolders/mail</nowiki>
| <nowiki> []</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:5
|-
| <nowiki>mox/subscribedFolders/calendar</nowiki>
| <nowiki> []</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:6
|-
| <nowiki>mox/defaultContactStoreFolder</nowiki>
| <nowiki> -1</nowiki>
| <nowiki></nowiki>
| oxmobile.properties:7
|-
| <nowiki>modules/com.openexchange.custom.parallels/module</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The following property enables the Parallels GUI-Plugins </nowiki>
| parallels-ui.properties:2
|-
| <nowiki>ui/parallels/sender_address_hiding_activated</nowiki>
| <nowiki>true</nowiki>
| <nowiki>disable/enable default sender address hiding for POA setups </nowiki>
| parallels-ui.properties:5
|-
| <nowiki>ui/parallels/use_parallels_antispam_features</nowiki>
| <nowiki>true</nowiki>
| <nowiki>should the parallels antispam features be used </nowiki>
| parallels-ui.properties:8
|-
| <nowiki>com.openexchange.custom.parallels.branding.suffix</nowiki>
| <nowiki></nowiki>
| <nowiki>The following defines the options for the branding stuff set via "loginmapping" attributes within a context in OX. Example: If want to brand a context, set a login mapping with a string like this: BRANDING||<YOUR_POA_BRANDED_HOST> com.openexchange.custom.parallels.branding.suffix=BRANDING|| Leave empty if not, or the log will fill up with warnings </nowiki>
| parallels.properties:16
|-
| <nowiki>com.openexchange.custom.parallels.branding.fallbackhost</nowiki>
| <nowiki></nowiki>
| <nowiki> Fallback host which should be used if now branding-host was specified for a context Info: If you need trailing slash, add it here. For compatibility reasons it will not be appended by the server to support also jumping to server scripts IMPORTANT INFO: the notification.properties attribute: "object_link" MUST be set to include the [hostname] placeholder like: https://[hostname]#m=[module]&i=[object]&f=[folder] If this is not set, the systems hostname is used. </nowiki>
| parallels.properties:29
|-
| <nowiki>com.openexchange.custom.parallels.antispam.xmlrpc.port</nowiki>
| <nowiki>3100</nowiki>
| <nowiki> This port will be used to communicate with the "POA XML-RPC Service" to retrieve correct spamd hostname and user so that OX can train spamd via socket communication THIS property below must only contain URL to OX GUI like webmail.system.com/ox6 </nowiki>
| parallels.properties:38
|-
| <nowiki>com.openexchange.custom.parallels.openapi.interface_url</nowiki>
| <nowiki>http://<coreserver>:<port>/</nowiki>
| <nowiki> # OpenAPI properties for managing Black&White Lists via OX GUI This property defines the URL to the HTTP OpenAPI interface of POA </nowiki>
| parallels.properties:44
|-
| <nowiki>com.openexchange.custom.parallels.openapi.auth_enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki> This property defines if OpenAPI calls should be made with http basic auth </nowiki>
| parallels.properties:48
|-
| <nowiki>com.openexchange.custom.parallels.sso_info_servlet</nowiki>
| <nowiki>/ajax/parallels/info</nowiki>
| <nowiki>Properties for the Parallels Plugin The property defines the mount point of the parallels info servlet used to retrieve correct hostname for direktlinks and sessiontimeouts/logout page </nowiki>
| parallels.properties:5
|-
| <nowiki>com.openexchange.custom.parallels.openapi.auth_id</nowiki>
| <nowiki>openapi_user_id</nowiki>
| <nowiki> This property defines OpenAPI http basic auth credentials auth id </nowiki>
| parallels.properties:52
|-
| <nowiki>com.openexchange.custom.parallels.openapi.auth_password</nowiki>
| <nowiki>openapi_password</nowiki>
| <nowiki> This property defines OpenAPI http basic auth credentials auth password </nowiki>
| parallels.properties:56
|-
| <nowiki>com.openexchange.custom.parallels.openapi_servlet</nowiki>
| <nowiki>/ajax/parallels/openapi</nowiki>
| <nowiki> The property defines the mount point of the OX OpenAPI servlet implementation. Typically, no need to change it. </nowiki>
| parallels.properties:61
|-
| <nowiki>com.openexchange.participant.autoSearch</nowiki>
| <nowiki>true</nowiki>
| <nowiki>When searching for participants and the participants selection dialog is opened this option defines if initially all users, groups and resources are displayed or not. If this option is true every opening of the dialog triggers a search request on the server. </nowiki>
| participant.properties:13
|-
| <nowiki>com.openexchange.participant.MaximumNumberParticipants</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Defines the maximum number of participants that can be selected for an appointment or a task. This should prevent slow free busy queries and slow server and GUI responses if in large contexts large number of participants are selected. 0 means no limit. </nowiki>
| participant.properties:19
|-
| <nowiki>com.openexchange.participant.ShowWithoutEmail</nowiki>
| <nowiki>true</nowiki>
| <nowiki>When searching for external participants in contact folders this option defines if contacts without email address are shown. </nowiki>
| participant.properties:7
|-
| <nowiki>com.openexchange.passwordchange.regexp</nowiki>
| <nowiki>[^a-z0-9]</nowiki>
| <nowiki> Configures a regular expression pattern to use when calculating the strength if indicating "com.openexchange.passwordchange.showStrength" is "true", i.e. any character not matching the pattern increases the displayed password strength. Defaults to "[^a-z0-9]". </nowiki>
| passwordchange.properties:11
|-
| <nowiki>com.openexchange.passwordchange.special</nowiki>
| <nowiki>$, _, %</nowiki>
| <nowiki>Defines a string that is shown as an example of special characters that increase a passwords' strength. This should be a subset of characters matched by the pattern defined at "com.openexchange.passwordchange.regexp".
Defaults to "$, _, or %". </nowiki>
| passwordchange.properties:14
|-
| <nowiki>com.openexchange.passwordchange.showStrength</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Configures whether to show a graphical indicator reflecting the strength of the current password or not. The strength is evaluated based on matching performed against the pattern defined via "com.openexchange.passwordchange.regexp" during typing. Possible values are "true" to show the strength, or "false", otherwise. Defaults to "false". </nowiki>
| passwordchange.properties:2
|-
| <nowiki>com.openexchange.passwordchange.minLength</nowiki>
| <nowiki>4</nowiki>
| <nowiki>Specifies the minimum required length of a password entered by the user.
Passwords shorter than the configured length are not accepted. Defaults to "4". </nowiki>
| passwordchange.properties:5
|-
| <nowiki>com.openexchange.passwordchange.maxLength</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Specifies the minimum required length of a password entered by the user.
Passwords shorter than the configured length are not accepted. A value of "0"
disables the check and allows an unlimited length. Defaults to "0".The maximum length of an entered password. 0 for unlimited. </nowiki>
| passwordchange.properties:8
|-
| <nowiki>com.openexchange.passwordchange.allowedPattern</nowiki>
| <nowiki></nowiki>
| <nowiki>Optionally configures a pattern to match the entered password against, i.e.
only passwords matching this pattern will be accepted. Please note that the
pattern is used to perform a 'positive' test against the entire entered
password, and only matching strings are accepted, so use appropriate
quantifiers as needed. For example, if the backslash character '\' should
not be permitted in passwords, a pattern could look like "[^\\]*", or, if
only ASCII characters should be allowed, the pattern "[\x00-\x7F]*" could
be used (each without the quotation marks). By default, no pattern is
configured, i.e. all character sequences are allowed.</nowiki>
| passwordchange.properties
|-
| <nowiki>com.openexchange.passwordchange.allowedPatternHint</nowiki>
| <nowiki></nowiki>
| <nowiki>Configures a string that is shown to users in an error message after trying
to save a password not fulfilling the pattern defined in
"com.openexchange.passwordchange.allowedPattern". This text should explain
which characters are allowed according to the pattern, and is inserted for
"[...]" in the following error message: "The entered password is illegal
and can't be saved. Allowed characters are: [...]". Required if
"com.openexchange.passwordchange.allowedPattern" is defined.</nowiki>
| passwordchange.properties
|-
| <nowiki>com.openexchange.capability.alone</nowiki>
| <nowiki>false</nowiki>
| <nowiki>The property "alone" signals that the user is the only user in associated context/tenant. It disables certain collaborative features and that would therefore be useless in such a context/tenant. Default is false </nowiki>
| permissions.properties:14
|-
| <nowiki>com.openexchange.capability.filestore</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Signal if file store is available or not Default is true </nowiki>
| permissions.properties:9
|-
| <nowiki>com.openexchange.pop3.pop3TemporaryDown</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Define the amount of time in milliseconds a POP3 server is treated as being temporary down. A POP3 server is treated as being temporary down if a socket connect fails. Further requests to the affected POP3 server are going to be denied for the specified amount of time. A value less or equal to zero disables this setting. </nowiki>
| pop3.properties:13
|-
| <nowiki>com.openexchange.pop3.pop3AuthEnc</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the encoding for POP3 authentication </nowiki>
| pop3.properties:16
|-
| <nowiki>com.openexchange.pop3.spamHandler</nowiki>
| <nowiki>DefaultSpamHandler</nowiki>
| <nowiki>Define the registration name of the appropriate spam handler to use </nowiki>
| pop3.properties:19
|-
| <nowiki>com.openexchange.pop3.pop3ConnectionIdleTime</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>Define the amount of time in milliseconds an established POP3 connection is kept open although being idle. Since some POP3 servers limit the time period in which connections may be opened/closed, this property allows to keep the connection open to avoid an error on a subsequent login. This property overwrites default connection idle time specified through property "com.openexchange.mail.mailAccessCacheIdleSeconds". </nowiki>
| pop3.properties:27
|-
| <nowiki>com.openexchange.pop3.pop3Timeout</nowiki>
| <nowiki>50000</nowiki>
| <nowiki>Define the socket I/O timeout value in milliseconds. A value less than or equal to zero is infinite timeout. See also mail.pop3.timeout </nowiki>
| pop3.properties:3
|-
| <nowiki>com.openexchange.pop3.pop3BlockSize</nowiki>
| <nowiki>100</nowiki>
| <nowiki>Specify the number of messages (positive integer!) which are allowed to be processed at once. Default is 100. Zero or negative value is defaulted to 100. </nowiki>
| pop3.properties:32
|-
| <nowiki>com.openexchange.pop3.allowPing</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether ping operation is allowed for POP3 account Many POP3 account limit number of allowed login attempts in a certain time interval Default is false </nowiki>
| pop3.properties:37
|-
| <nowiki>com.openexchange.pop3.logDeniedPing</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether denied ping operation shall be indicated as a warning to client Only effective if "com.openexchange.pop3.allowPing" is set to false. Default is true </nowiki>
| pop3.properties:42
|-
| <nowiki>com.openexchange.pop3.ssl.protocols</nowiki>
| <nowiki>SSLv3 TLSv1</nowiki>
| <nowiki>Specifies the SSL protocols that will be enabled for SSL connections. The property value is a whitespace separated list of tokens. Default value is: SSLv3 TLSv1 </nowiki>
| pop3.properties:46
|-
| <nowiki>com.openexchange.pop3.ssl.ciphersuites</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the SSL cipher suites that will be enabled for SSL connections. The property value is a whitespace separated list of tokens. Check "http://<ox-grizzly-hostname>:<ox-grizzly-port>/stats/diagnostic?param=ciphersuites" to check available cipher suites. Default value is empty (fall-back to current JVM's default SSL cipher suite) </nowiki>
| pop3.properties:53
|-
| <nowiki>com.openexchange.pop3.pop3ConnectionTimeout</nowiki>
| <nowiki>20000</nowiki>
| <nowiki>Define the socket connection timeout value in milliseconds. A value less or equal to zero is infinite timeout. See also mail.pop3.connectiontimeout </nowiki>
| pop3.properties:7
|-
| <nowiki>com.openexchange.preview.cache.quota</nowiki>
| <nowiki>10485760</nowiki>
| <nowiki>Specify the total quota for preview cache for each context This value is used if no individual context quota is defined. A value of zero or less means no quota Default is 10485760 (10MB) </nowiki>
| preview.properties:11
|-
| <nowiki>com.openexchange.preview.cache.quotaPerDocument</nowiki>
| <nowiki>524288</nowiki>
| <nowiki>Specify the quota per document for preview cache for each context This value is used if no individual quota per document is defined. A value of zero or less means no quota Default is 524288 (512KB) </nowiki>
| preview.properties:17
|-
| <nowiki>com.openexchange.preview.cache.type</nowiki>
| <nowiki>FS</nowiki>
| <nowiki>Specifies what type of storage is used for caching previews Either file store ("FS") or database ("DB"). Default is "FS" (file store) </nowiki>
| preview.properties:22
|-
| <nowiki>com.openexchange.preview.cache.quotaAware</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specifies if storing previews in file store affects user's file store quota or not Only applies if "com.openexchange.preview.cache.type" is set to "FS" Default is false. </nowiki>
| preview.properties:27
|-
| <nowiki>com.openexchange.preview.cache.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The switch to enable/disable the preview cache Default is true (enabled) </nowiki>
| preview.properties:5
|-
| <nowiki>com.openexchange.http.probe.alias</nowiki>
| <nowiki>/healthProbe</nowiki>
| <nowiki>The alias name in the URI namespace at which the probe is registered Default value: /healthProbe </nowiki>
| probe.properties:9
|-
| <nowiki>com.openexchange.publish.microformats.usesWhitelisting</nowiki>
| <nowiki>true</nowiki>
| <nowiki>if set to true, the contents of a microformatted publication will be processed through a whitelisting filter that removes elements that are considered potentially unsafe. We recommend you use this in case you do not have publications on a different subdomain. </nowiki>
| publications.properties:5
|-
| <nowiki>contacts_hcard_censored.tmpl </nowiki>
| <nowiki> contacts, publish, default</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:1
|-
| <nowiki>contacts_hcard_uncensored.tmpl </nowiki>
| <nowiki> contacts, publish</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:2
|-
| <nowiki>contacts_oxmf_censored.tmpl </nowiki>
| <nowiki> contacts, publish</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:3
|-
| <nowiki>contacts_oxmf_uncensored.tmpl </nowiki>
| <nowiki> contacts, publish</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:4
|-
| <nowiki>contacts.tmpl </nowiki>
| <nowiki> contacts, publish</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:5
|-
| <nowiki>infostore.tmpl </nowiki>
| <nowiki> infostore, publish, default</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:7
|-
| <nowiki>infostore_gallery.tmpl </nowiki>
| <nowiki> infostore, publish</nowiki>
| <nowiki></nowiki>
| publish.microformats.properties:8
|-
| <nowiki>com.openexchange.push.ms.maxDelayDuration</nowiki>
| <nowiki>600000</nowiki>
| <nowiki>The maximum time in milliseconds a push object may be delayed before finally pushing it to the clients Default value: 600000 </nowiki>
| push-ms.properties:10
|-
| <nowiki>com.openexchange.push.ms.delayDuration</nowiki>
| <nowiki>120000</nowiki>
| <nowiki>Time in milliseconds after which a queued object object is pushed to clients unless it got delayed again due to modifications of the push object within the delayDuration or modifications within the folder of the push object. Default value: 120000 </nowiki>
| push-ms.properties:5
|-
| <nowiki>com.openexchange.push.udp.remoteHost</nowiki>
| <nowiki></nowiki>
| <nowiki>list of open-xchange servers that should be connected when multicast is disabled </nowiki>
| push-udp.properties:10
|-
| <nowiki>com.openexchange.push.udp.registerTimeout</nowiki>
| <nowiki>3600000</nowiki>
| <nowiki>time in milliseconds a client registration is kept </nowiki>
| push-udp.properties:13
|-
| <nowiki>com.openexchange.push.udp.registerPort</nowiki>
| <nowiki>44335</nowiki>
| <nowiki>Port where the clients send the push registration request to. </nowiki>
| push-udp.properties:16
|-
| <nowiki>com.openexchange.push.udp.registerDistributionEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>only one of registerDistribution or eventDistribution can be enabled at the same time. if set to true, registrations are distributed to all ox servers </nowiki>
| push-udp.properties:21
|-
| <nowiki>com.openexchange.push.udp.eventDistributionEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>if set to true, events will be distributed to all Open-Xchange servers </nowiki>
| push-udp.properties:23
|-
| <nowiki>com.openexchange.push.udp.outputQueueDelay</nowiki>
| <nowiki>120000</nowiki>
| <nowiki>time in milliseconds after which queued "push" packages are sent to clients </nowiki>
| push-udp.properties:26
|-
| <nowiki>com.openexchange.push.udp.hostname</nowiki>
| <nowiki></nowiki>
| <nowiki>if empty, then the output of the java function getHostName will be used. This name is used for internal communication. </nowiki>
| push-udp.properties:30
|-
| <nowiki>com.openexchange.push.udp.senderAddress</nowiki>
| <nowiki></nowiki>
| <nowiki>address used as the sender address when UDP packages are sent to the clients (should be the IP address of the load balancer in front of the Open-Xchange server farm </nowiki>
| push-udp.properties:35
|-
| <nowiki>com.openexchange.push.udp.multicastEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>true/false Send register information per multicast </nowiki>
| push-udp.properties:38
|-
| <nowiki>com.openexchange.push.udp.multicastAddress</nowiki>
| <nowiki>224.0.0.1</nowiki>
| <nowiki>IP multicast address </nowiki>
| push-udp.properties:41
|-
| <nowiki>com.openexchange.push.udp.multicastPort</nowiki>
| <nowiki>9982</nowiki>
| <nowiki>Multicast port </nowiki>
| push-udp.properties:44
|-
| <nowiki>com.openexchange.push.udp.pushEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>defines if server push port gets opened or not </nowiki>
| push-udp.properties:6
|-
| <nowiki>com.openexchange.push.imapidle.pushmode</nowiki>
| <nowiki>always</nowiki>
| <nowiki>when to fire push events? possible values: newmail,always default: always Explanation: newmail means to only send a push event in case of at least one new mail has arrived. NOTE: Using dovecot this does only work when only ONE concurrent session of the same user is active. always send a push event for every changes to the users mailbox. </nowiki>
| push_imapidle.properties:18
|-
| <nowiki>com.openexchange.push.imapidle.folder</nowiki>
| <nowiki>INBOX</nowiki>
| <nowiki>Define the folder to look-up for new mails in each mailbox Default is INBOX folder </nowiki>
| push_imapidle.properties:3
|-
| <nowiki>com.openexchange.push.imapidle.delay</nowiki>
| <nowiki>5000</nowiki>
| <nowiki>Waiting time in milliseconds before a reconnect is performed</nowiki>
| push_imapidle.properties
|-
| <nowiki>com.openexchange.push.imapidle.clusterLock</nowiki>
| <nowiki>hz</nowiki>
| <nowiki>Specifies what system to use to manage a cluster-lock
Possible values:
- "db" for database-based locking
- "hz" for Hazelcast-based locking (default)
- "none" for no cluster lock mechanism</nowiki>
| push_imapidle.properties
|-
| <nowiki>com.openexchange.push.mail.notify.udp_listen_multicast</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Define if the listener should receive multicast messages </nowiki>
| push_mailnotify.properties:2
|-
| <nowiki>com.openexchange.push.mail.notify.use_ox_login</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether to use the ox login name to check for a valid push event. The default is to only check the users aliases. If mailboxname@example.com is not contained in the list of aliases, set this to true. Warning: This won't work in multidomain setups where the same login might exist in different contexts! </nowiki>
| push_mailnotify.properties:23
|-
| <nowiki>com.openexchange.push.mail.notify.use_full_email_address</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether to use the full email address from aliases or just use the localpart. When using a multidomain setup where the imap login is an email address, this should be set to true. If not, login might not be unique because foo@example.com and foo@example.net might be different users. Note: Do NOT set com.openexchange.push.mail.notify.imap_login_delimiter in this case! </nowiki>
| push_mailnotify.properties:32
|-
| <nowiki>com.openexchange.push.mail.notify.udp_listen_host</nowiki>
| <nowiki>localhost</nowiki>
| <nowiki>Define the hostname or interface/multicast group where the udp server should listen </nowiki>
| push_mailnotify.properties:5
|-
| <nowiki>com.openexchange.push.mail.notify.udp_listen_port</nowiki>
| <nowiki>23420</nowiki>
| <nowiki>Define the port where the udp server should listen </nowiki>
| push_mailnotify.properties:8
|-
| <nowiki>com.openexchange.push.mail.notify.delay_millis</nowiki>
| <nowiki>5000 </nowiki>
| <nowiki>specifies the delay time frame in which incoming UDP events are collected and send out as one push event to the OX cluster. Default is 5000 milliseconds </nowiki>
| push_mailnotify.properties
|-
| <nowiki>com.openexchange.quartz.startLocalScheduler </nowiki>
| <nowiki> true</nowiki>
| <nowiki>Wether the local quartz scheduler instance should be started. If false, this node is unable to perform local jobs. </nowiki>
| quartz.properties:3
|-
| <nowiki>com.openexchange.quartz.localThreads </nowiki>
| <nowiki> 5</nowiki>
| <nowiki>Number of worker threads for the local scheduler instance. </nowiki>
| quartz.properties:6
|-
| <nowiki>com.openexchange.quota.contact</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the quota for the number of contacts that are allowed being created within a single context (tenant-wise scope).
The purpose of this quota is to define a rough upper limit that is unlikely being reached during normal operation. Therefore it is rather supposed to prevent from excessive item creation (e.g. a synchronizing client running mad), but not intended to have a fine-grained quota setting. Thus exceeding that quota limitation will cause an appropriate exception being thrown, denying to further create any contact in affected context.
Default is -1 (unlimited) </nowiki>
| quota.properties
|-
| <nowiki>com.openexchange.quota.infostore</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the quota for the number of documents that are allowed being created within a single context (tenant-wise scope).
The purpose of this quota is to define a rough upper limit that is unlikely being reached during normal operation.
Therefore it is rather supposed to prevent from excessive item creation (e.g. a synchronizing client running mad),
but not intended to have a fine-grained quota setting. Thus exceeding that quota limitation will cause an appropriate exception being thrown, denying to further create any document in affected context.
Default is -1 (unlimited) </nowiki>
| quota.properties
|-
| <nowiki>com.openexchange.quota.attachment</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the quota for the number of attachments bound to PIM objects that are allowed being created within a single context (tenant-wise scope).
The purpose of this quota is to define a rough upper limit that is unlikely being reached during normal operation.
Therefore it is rather supposed to prevent from excessive item creation (e.g. a synchronizing client running mad),
but not intended to have a fine-grained quota setting. Thus exceeding that quota limitation will cause an appropriate exception being thrown, denying to further create any attachment in affected context.
Default is -1 (unlimited) </nowiki>
| quota.properties
|-
| <nowiki>com.openexchange.quota.calendar</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the quota for the number of appointments that are allowed being created within a single context (tenant-wise scope).
The purpose of this quota is to define a rough upper limit that is unlikely being reached during normal operation.
Therefore it is rather supposed to prevent from excessive item creation (e.g. a synchronizing client running mad), but not intended to have a fine-grained quota setting. Thus exceeding that quota limitation will cause an appropriate exception being thrown, denying to further create any appointment in affected context. Default is -1 (unlimited) </nowiki>
| quota.properties
|-
| <nowiki>com.openexchange.quota.task</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies the quota for the number of tasks that are allowed being created within a single context (tenant-wise scope).
The purpose of this quota is to define a rough upper limit that is unlikely being reached during normal operation.
Therefore it is rather supposed to prevent from excessive item creation (e.g. a synchronizing client running mad), but not intended to have a fine-grained quota setting. Thus exceeding that quota limitation will cause an appropriate exception being thrown, denying to further create any task in affected context.
Default is -1 (unlimited) </nowiki>
| quota.properties
|-
| <nowiki>com.openexchange.realtime.isTraceAllUsersEnabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable tracing for all users. Default value: false </nowiki>
| realtime.properties:18
|-
| <nowiki>com.openexchange.realtime.usersToTrace</nowiki>
| <nowiki></nowiki>
| <nowiki>Enable tracing only for a set of users by using the userID@contextID notation e.g.: 1@1, 2@1, 3@1 Default value: empty set </nowiki>
| realtime.properties:22
|-
| <nowiki>com.openexchange.documentconverter.errorDir</nowiki>
| <nowiki>n/a</nowiki>
| <nowiki>A temporary directory, containing files that could not be converted due to an error condition or due to a timeout</nowiki>
| realtime.properties
|-
| <nowiki>errorMessage</nowiki>
| <nowiki>Error!!!</nowiki>
| <nowiki>The displayd error Message. </nowiki>
| recaptcha.properties:11
|-
| <nowiki>publicKey</nowiki>
| <nowiki></nowiki>
| <nowiki>The API Key to use the recaptcha Service This is hosted by Google, so you need an Google Account to receive API Keys Go to: http://www.google.com/recaptcha to generate keys. Use the global-key option to avoid domain restrictions. </nowiki>
| recaptcha.properties:7
|-
| <nowiki>privateKey</nowiki>
| <nowiki></nowiki>
| <nowiki></nowiki>
| recaptcha.properties:8
|-
| <nowiki>com.openexchange.report.client.proxy.useproxy</nowiki>
| <nowiki>false</nowiki>
| <nowiki>This defines if a proxy server should be used to establish the http connection to the Open-Xchange report server, and if which server and proxy details to use. </nowiki>
| reportclient.properties:3
|-
| <nowiki>com.openexchange.report.client.proxy.address</nowiki>
| <nowiki>proxy.example.com</nowiki>
| <nowiki></nowiki>
| reportclient.properties:4
|-
| <nowiki>com.openexchange.report.client.proxy.port</nowiki>
| <nowiki>8080</nowiki>
| <nowiki></nowiki>
| reportclient.properties:5
|-
| <nowiki>com.openexchange.report.client.proxy.authrequired</nowiki>
| <nowiki>false</nowiki>
| <nowiki></nowiki>
| reportclient.properties:6
|-
| <nowiki>com.openexchange.report.client.proxy.username</nowiki>
| <nowiki>USER</nowiki>
| <nowiki></nowiki>
| reportclient.properties:7
|-
| <nowiki>com.openexchange.report.client.proxy.password</nowiki>
| <nowiki>PASSWORD</nowiki>
| <nowiki></nowiki>
| reportclient.properties:8
|-
| <nowiki>com.openexchange.requestwatcher.isEnabled</nowiki>
| <nowiki> true</nowiki>
| <nowiki>Enable/disable the requestwatcher. Default value: true (enabled). </nowiki>
| requestwatcher.properties:13
|-
| <nowiki>com.openexchange.requestwatcher.frequency</nowiki>
| <nowiki> 30000</nowiki>
| <nowiki>Define the requestwatcher's frequency in milliseconds. Default value: 30000. </nowiki>
| requestwatcher.properties:17
|-
| <nowiki>com.openexchange.requestwatcher.maxRequestAge</nowiki>
| <nowiki> 60000</nowiki>
| <nowiki>Define the maximum allowed age of requests in milliseconds. Default value: 60000. </nowiki>
| requestwatcher.properties:21
|-
| <nowiki>com.openexchange.requestwatcher.restartPermission</nowiki>
| <nowiki> false</nowiki>
| <nowiki>Permission to stop & re-init system (works only for the ajp connector) </nowiki>
| requestwatcher.properties:24
|-
| <nowiki>RESELLER_STORAGE</nowiki>
| <nowiki>com.openexchange.admin.reseller.storage.mysqlStorage.OXResellerMySQLStorage</nowiki>
| <nowiki></nowiki>
| reseller.properties:1
|-
| <nowiki>com.openexchange.rmi.host </nowiki>
| <nowiki> localhost</nowiki>
| <nowiki>Set this to 0 to bind on all interfaces </nowiki>
| rmi.properties:2
|-
| <nowiki>com.openexchange.rmi.port </nowiki>
| <nowiki> 1099</nowiki>
| <nowiki></nowiki>
| rmi.properties:4
|-
| <nowiki>com.openexchange.messaging.rss</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether the RSS Messaging Service is available or not </nowiki>
| rssmessaging.properties:2
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| rtClientMapping.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| rtClientMapping.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| rtClientMapping.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>rtClientMapping-1</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| rtClientMapping.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| rtIDMapping.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| rtIDMapping.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| rtIDMapping.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>rtIDMapping-1</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| rtIDMapping.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| rtResourceDirectory.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| rtResourceDirectory.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| rtResourceDirectory.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>rtResourceDirectory-2</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| rtResourceDirectory.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.maxIdleSeconds</nowiki>
| <nowiki>86400</nowiki>
| <nowiki>Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. </nowiki>
| rtResourceDirectory.properties:31
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| rtStanzaStorage.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| rtStanzaStorage.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| rtStanzaStorage.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>rtStanzaStorage-0</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| rtStanzaStorage.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.maxIdleSeconds</nowiki>
| <nowiki>3600</nowiki>
| <nowiki>Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. </nowiki>
| rtStanzaStorage.properties:31
|-
| <nowiki>com.openexchange.secret.secretSource</nowiki>
| <nowiki>"<password>"</nowiki>
| <nowiki>Specifies the source for secret (used to decrypt/encrypt user passwords) <password>: Denotes the session's password (also the fall-back to previous handling) <user-id>: Denotes the user identifier <context-id>: Denotes the context identifier <random>: Denotes the value specified in property 'com.openexchange.secret.secretRandom' <list>: Step-wise trial-and-error with tokens specified in file 'secrets' Literals are surrounded by single-quotes E.g. com.openexchange.secret.secretSource="<user-id> + '@' + <context-id>" </nowiki>
| secret.properties:11
|-
| <nowiki>com.openexchange.secret.secretRandom</nowiki>
| <nowiki>eb495148-a9f8-441e-8a28-dcb9eecd60f9</nowiki>
| <nowiki>The random secret token </nowiki>
| secret.properties:14
|-
| <nowiki>com.openexchange.cookie.hash</nowiki>
| <nowiki>calculate</nowiki>
| <nowiki>Whether the hash value for the cookie name should be calculated or remembered from the session for each request. Possible values are: calculate (default) - Calculate hash from client login parameter and HTTP header User-Agent (may be modified through c.o.cookie.hash.fields) remember - remember once calculated hash in session and use it for the whole session life time (less secure) </nowiki>
| server.properties:101
|-
| <nowiki>com.openexchange.cookie.hash.salt</nowiki>
| <nowiki>replaceMe1234567890</nowiki>
| <nowiki>Cookie hash salt to avoid a potential brute force attack to cookie hashes. This value should be replaced by any random String with at least 16 Characters. </nowiki>
| server.properties:105
|-
| <nowiki>com.openexchange.forceHTTPS</nowiki>
| <nowiki>false</nowiki>
| <nowiki>If an HTTPS connection is detected the cookie is automatically marked as secure. This tells the browser only to send the cookie over encrypted connections. If HTTPS is terminated in front by some load balancer only HTTP is detected. Then this parameter can force to set the secure flag for cookies. Additionally all links generated inside the groupware to point at itself will use the https:// protocol prefix when this is set. Use this flag to indicate that HTTPS termination happens elsewhere. </nowiki>
| server.properties:111
|-
| <nowiki>com.openexchange.servlet.maxActiveSessions</nowiki>
| <nowiki>250000</nowiki>
| <nowiki>The maximum number of active sessions that will be created by this Manager, or -1 for no limit. Default is 250.000 HTTP sessions </nowiki>
| server.properties:115
|-
| <nowiki>UPLOAD_DIRECTORY</nowiki>
| <nowiki>/var/spool/open-xchange/uploads</nowiki>
| <nowiki>Upload Parameter. All uploads that are done by a client are temporarily saved in that directory. </nowiki>
| server.properties:12
|-
| <nowiki>com.openexchange.servlet.maxInactiveInterval</nowiki>
| <nowiki>1800</nowiki>
| <nowiki>The initial maximum time interval, in seconds, between client requests before a HTTP session is invalidated. This only applies to the HTTP session controlled by special JSESSIONID cookie, and does therefore not influence life-time of Groupware session. A negative value will result in sessions never timing out. If the attribute is not provided, a default of 1800 seconds is used. </nowiki>
| server.properties:121
|-
| <nowiki>com.openexchange.servlet.maxBodySize</nowiki>
| <nowiki>104857600</nowiki>
| <nowiki>Specify the maximum body size allowed being transferred via PUT or POST method A request exceeding that limit will be responded with a 500 error and that request is discarded Equal or less than zero means no restriction concerning body size By default limit is set to 100MB (104857600 bytes). </nowiki>
| server.properties:127
|-
| <nowiki>com.openexchange.servlet.echoHeaderName</nowiki>
| <nowiki>X-Echo-Header</nowiki>
| <nowiki>Specify the name of the echo header whose value is echoed for each request providing that header </nowiki>
| server.properties:130
|-
| <nowiki>com.openexchange.servlet.contentSecurityPolicy</nowiki>
| <nowiki>""</nowiki>
| <nowiki>The value of Content-Security-Policy header Please refer to An Introduction to Content Security Policy (http://www.html5rocks.com/en/tutorials/security/content-security-policy/) Default value is empty; meaning no Content-Security-Policy header </nowiki>
| server.properties:135
|-
| <nowiki>com.openexchange.servlet.maxRateTimeWindow</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>Specify the rate limit' time window in which to track incoming HTTP requests Default value is 300000 (5 minutes). </nowiki>
| server.properties:139
|-
| <nowiki>com.openexchange.servlet.maxRate</nowiki>
| <nowiki>500</nowiki>
| <nowiki>Specify the rate limit that applies to incoming HTTP requests A client that exceeds that limit will receive a "429 Too Many Requests" HTTP error code That rate limit acts like a sliding window time frame; meaning that it considers only requests that fit into time windows specified through "com.openexchange.servlet.maxRateTimeWindow" from current time stamp: window-end := $now window-start := $window-end - $maxRateTimeWindow Default value is 500 requests per $maxRateTimeWindow (default: 5 minutes). </nowiki>
| server.properties:148
|-
| <nowiki>com.openexchange.servlet.maxRateLenientModules</nowiki>
| <nowiki>rt, system</nowiki>
| <nowiki>Specify those AJAX-accessible modules which are excluded from the rate limit checks Default value: rt, system </nowiki>
| server.properties:152
|-
| <nowiki>com.openexchange.servlet.maxRateLenientClients</nowiki>
| <nowiki>"Open-Xchange .NET HTTP Client*", "Open-Xchange USM HTTP Client*", "Jakarta Commons-HttpClient*"</nowiki>
| <nowiki>Specify (wildcard notation supported) those User-Agents which are excluded from the rate limit checks Default value: "Open-Xchange .NET HTTP Client*", "Open-Xchange USM HTTP Client*", "Jakarta Commons-HttpClient*" </nowiki>
| server.properties:156
|-
| <nowiki>com.openexchange.servlet.maxRateKeyPartProviders</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify how to associate a rate limit with a HTTP request By default a rate limit is associated with that tuple of { remote-address, user-agent } This does not apply to all scenarios. Therefore it is possible to specify more parts in a comma-separated list that build up the key. Possible values are: - "http-session" := The identifier of the request-associated HTTP session aka JSESSIONID cookie - "cookie-" + <cookie-name> := Specifies the (ignore-case) name of the arbitrary cookie whose value is considered. If missing it is ignored. - "header-" + <header-name> := Specifies the (ignore-case) name of the arbitrary header whose value is considered. If missing it is ignored. - "parameter-" + <parameter-name> := Specifies the (ignore-case) name of the arbitrary parameter whose value is considered. If missing it is ignored. E.g. com.openexchange.servlet.maxRateKeyPartProviders=cookie-My-Secret-Cookie, parameter-request_num Default is empty; meaning only remote-address and user-agent are considered </nowiki>
| server.properties:170
|-
| <nowiki>com.openexchange.log.suppressedCategories</nowiki>
| <nowiki>USER_INPUT</nowiki>
| <nowiki>Specifies a comma-separated list of those error categories that shall not be logged Default value is: USER_INPUT </nowiki>
| server.properties:174
|-
| <nowiki>com.openexchange.log.maxMessageLength</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specifies max. message length to log. Messages that exceed that limit are split. A value of less than 1 means unlimited. Default is -1 (unlimited) </nowiki>
| server.properties:179
|-
| <nowiki>com.openexchange.json.maxSize</nowiki>
| <nowiki>2500</nowiki>
| <nowiki>Specify the max. number of allowed attributes for a JSON object </nowiki>
| server.properties:182
|-
| <nowiki>com.openexchange.webdav.disabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Setting this to true means that the WebDav XML servlets for attachments, calendar, contacts and tasks will be disabled. On requests to these servlets a service-not-available (503) response will be sent. See "webdav-disabled-message.txt" to customize the detailed error message that will be sent. </nowiki>
| server.properties:187
|-
| <nowiki>com.openexchange.ajax.response.includeStackTraceOnError</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether the JSON response object should provide the stack trace of the associated exception </nowiki>
| server.properties:190
|-
| <nowiki>com.openexchange.connector.networkListenerHost</nowiki>
| <nowiki>127.0.0.1</nowiki>
| <nowiki>The host for the connector's (ajp, http) network listener. Set to "*" if you want to listen on all available interfaces. Default value: 127.0.0.1, bind to localhost only. </nowiki>
| server.properties:195
|-
| <nowiki>com.openexchange.connector.networkListenerPort</nowiki>
| <nowiki>8009</nowiki>
| <nowiki>The default port for the connector's (ajp, http) network listener. Default value: 8009. </nowiki>
| server.properties:199
|-
| <nowiki>MAX_UPLOAD_SIZE</nowiki>
| <nowiki>104857600</nowiki>
| <nowiki>If the sum of all uploaded files in one request is greater than this value, the upload will be rejected. This value can be overridden on a per-module basis by setting the MAX_UPLOAD_SIZE parameter in the modules config file (attachment.properties or infostore.properties). Or it can be overriden on a per-user basis by setting the upload_quota in the mail configuration of this user If this value is set to 0 and not overridden by the module config or user config uploads will be unrestricted. The size is in bytes. </nowiki>
| server.properties:20
|-
| <nowiki>com.openexchange.connector.maxRequestParameters</nowiki>
| <nowiki>30</nowiki>
| <nowiki>Specify the max. number of allowed request parameters for the connector (ajp, http) Default value: 30 </nowiki>
| server.properties:203
|-
| <nowiki>com.openexchange.server.backendRoute</nowiki>
| <nowiki>OX0</nowiki>
| <nowiki>To enable proper load balancing and request routing from {client1, client2 .. .} --> balancer --> {backend1, backend2 ...} we have to append a backend route to the JSESSIONID cookies separated by a '.'. It's important that this backend route is unique for every single backend behind the load balancer. The string has to be a sequence of characters excluding semi-colon, comma and white space so the JSESSIONID cookie stays in accordance with the cookie specification after we append the backendroute to it. Default value: OX0 </nowiki>
| server.properties:213
|-
| <nowiki>com.openexchange.server.considerXForwards</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Decides if we should consider X-Forward-Headers that reach the backend. Those can be spoofed by clients so we have to make sure to consider the headers only if the proxy/proxies reliably override those headers for incoming requests. Default value: true </nowiki>
| server.properties:219
|-
| <nowiki>com.openexchange.server.forHeader</nowiki>
| <nowiki>X-Forwarded-For</nowiki>
| <nowiki>The name of the protocolHeader used to identify the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer. This is needed for grizzly based setups that make use of http proxying. If the header isn't found the first proxy in front of grizzly will be used as originating IP/remote address. Default value: X-Forwarded-For </nowiki>
| server.properties:227
|-
| <nowiki>com.openexchange.server.knownProxies </nowiki>
| <nowiki> </nowiki>
| <nowiki>A list of know proxies in front of our httpserver/balancer as comma separated IPs e.g: 192.168.1.50, 192.168.1.51 </nowiki>
| server.properties:230
|-
| <nowiki>com.openexchange.html.css.parse.timeout</nowiki>
| <nowiki>4</nowiki>
| <nowiki>Specify the amount of seconds to wait for a CSS content being parsed This property influences parsing of HTML messages. If CSS could not be parsed in time, CSS is stripped from message's content. Default value is 4 </nowiki>
| server.properties:235
|-
| <nowiki>MAX_UPLOAD_IDLE_TIME_MILLIS</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>The max. idle time in milliseconds for an uploaded file temporary stored in upload directory </nowiki>
| server.properties:24
|-
| <nowiki>com.openexchange.log.suppressedCategories</nowiki>
| <nowiki>USER_INPUT</nowiki>
| <nowiki>Specify the OXException categories (comma separted) to be suppressed when logging. The Exception itself will still be logged as configured, but the StackTraces are omitted. Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING Default is USER_INPUT. </nowiki>
| server.properties:241
|-
| <nowiki>com.openexchange.rest.services.basic-auth.login</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify the user name used for HTTP basic auth by internal REST servlet Both settings need to be set in order to have basic auth enabled - "com.openexchange.rest.services.basic-auth.login" and "com.openexchange.rest.services.basic-auth.password" Default is empty. Please change! </nowiki>
| server.properties:248
|-
| <nowiki>com.openexchange.rest.services.basic-auth.password</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify the password used for HTTP basic auth by internal REST servlet Both settings need to be set in order to have basic auth enabled - "com.openexchange.rest.services.basic-auth.login" and "com.openexchange.rest.services.basic-auth.password" Default is empty. Please change! </nowiki>
| server.properties:255
|-
| <nowiki>MAX_BODY_SIZE</nowiki>
| <nowiki>0</nowiki>
| <nowiki>The max. HTTP body size Zero or less means infinite. /!\ Deprecated: Use "com.openexchange.servlet.maxBodySize" instead /!\ </nowiki>
| server.properties:29
|-
| <nowiki>com.openexchange.defaultMaxConcurrentAJAXRequests</nowiki>
| <nowiki>100</nowiki>
| <nowiki>The default max. number of allowed concurrent requests per user This property only has effect if no individual value has been specified for active user A value less than or equal to zero means infinite </nowiki>
| server.properties:34
|-
| <nowiki>DefaultEncoding</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>DEFAULT ENCODING FOR INCOMING HTTP REQUESTS This value MUST be equal to web server's default encoding </nowiki>
| server.properties:38
|-
| <nowiki>com.openexchange.MinimumSearchCharacters</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Minimum number of characters a search pattern must contain. 0 means no minimum. This should prevent slow searches for contacts or big responses in large contexts. </nowiki>
| server.properties:43
|-
| <nowiki>PUBLISH_REVOKE</nowiki>
| <nowiki></nowiki>
| <nowiki>e-mail address of a person that can be called if data has been published and the actual owner of the data objects to the publication. If removed or left empty, the e-maill address of the context admin is used. </nowiki>
| server.properties:48
|-
| <nowiki>com.openexchange.IPCheck</nowiki>
| <nowiki>true</nowiki>
| <nowiki>On session validation of every request the client IP address is compared with the client IP address used for the login request. If this configuration parameter is set to "true" and the client IP addresses do not match the request will be denied and the denied request is logged with level info. Setting this parameter to "false" will only log the different client IP addresses with debug level. WARNING! This should be only set to "false" if you know what you are doing and if all requests are secure - requests are always encrypted by using HTTPS. </nowiki>
| server.properties:56
|-
| <nowiki>com.openexchange.IPMaskV4</nowiki>
| <nowiki></nowiki>
| <nowiki>Subnet mask for accepting IP-ranges. Using CIDR-Notation for v4 and v6 or dotted decimal only for v4. Examples: com.openexchange.IPMaskV4=255.255.255.0 com.openexchange.IPMaskV4=/24 com.openexchange.IPMaskV6=/60 </nowiki>
| server.properties:64
|-
| <nowiki>com.openexchange.IPMaskV6</nowiki>
| <nowiki></nowiki>
| <nowiki></nowiki>
| server.properties:65
|-
| <nowiki>com.openexchange.IPCheckWhitelist</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify a comma-separated list of client patterns that do bypass IP check E.g. com.openexchange.IPCheckWhitelist="Mobile App*", "Foo*" </nowiki>
| server.properties:69
|-
| <nowiki>com.openexchange.UIWebPath</nowiki>
| <nowiki>/ox6/index.html</nowiki>
| <nowiki>Configures the path on the web server where the UI is located. This path is used to generate links directly into the UI. The default conforms to the path where the UI is installed by the standard packages on the web server. This path is used for the [uiwebpath]. For the Open-Xchange 6 frontend the path needs to be configured to "/ox6/index.html" which is still the default. For the App Suite frontend the path needs to be configured to "/appsuite/". </nowiki>
| server.properties:75
|-
| <nowiki>com.openexchange.dispatcher.prefix</nowiki>
| <nowiki>/ajax/</nowiki>
| <nowiki>Specify the prefix for Central Dispatcher framework (the Open-Xchange AJAX interface) </nowiki>
| server.properties:78
|-
| <nowiki>PrefetchEnabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable or disable SearchIterator prefetch. If prefetch is enabled the underlying ResultSet data is completely stored and all related resources are released immediately when creating a SearchIterator. Possible values: TRUE / FALSE </nowiki>
| server.properties:8
|-
| <nowiki>com.openexchange.cookie.ttl</nowiki>
| <nowiki>1W</nowiki>
| <nowiki>The time-to-live for session, secret and JSESSIONID cookie. Note: Time-to-live is only relevant for session and secret cookie, if autologin is enabled as well. Autologin is configured in sessiond.properties by "com.openexchange.sessiond.autologin" property. Can contain units of measurement: D (=days) W(=weeks) H(=hours). Special identifier "web-browser" to let the Cookie(s) be deleted when the Web browser exits </nowiki>
| server.properties:87
|-
| <nowiki>com.openexchange.cookie.httpOnly</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether the "; HttpOnly" should be appended to server cookies exits </nowiki>
| server.properties:90
|-
| <nowiki>com.openexchange.servlet.maxRateLenientRemoteAddresses</nowiki>
| <nowiki></nowiki>
| <nowiki>That property allows to specify (wildcard notation supported) those remote addresses/IPs which are excluded from the rate limit checks. Default value is empty. </nowiki>
| server.properties
|-
| <nowiki>com.openexchange.preview.thumbnail.blockingWorker</nowiki>
| <nowiki>false</nowiki>
| <nowiki> The backend either delivers a thumbnail when it's available from cache or fails fast while initiating the thumbnail creation/caching in the background. The advantage is that clients aren't blocked and can simply retry later when the thumbnail can be delivered from cache.
If there is no cache configured for the user/context:
We either have to generate the thumbnail on the fly which has the potential to block the whole client by occupying the max number of allowed connections to the domain or simply fail fast which leaves the client responsive but without thumbnails
Default value is "false" to keep the client responsive. </nowiki>
| server.properties
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| sessionId2tokenHz.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| sessionId2tokenHz.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| sessionId2tokenHz.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>sessionId2token-1</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| sessionId2tokenHz.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.maxIdleSeconds</nowiki>
| <nowiki>300</nowiki>
| <nowiki>Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. This value should be set equal to value of property "com.openexchange.tokenlogin.maxIdleTime" in file "tokenlogin.properties". Defaults to 300 (5 minutes). </nowiki>
| sessionId2tokenHz.properties:33
|-
| <nowiki>com.openexchange.sessiond.maxSessionPerClient</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Specify the number of sessions allowed per client (Web UI, EAS, WebDAV, ...) and user. A value equal to or less than zero means unlimited </nowiki>
| sessiond.properties:13
|-
| <nowiki>com.openexchange.sessiond.sessionDefaultLifeTime</nowiki>
| <nowiki>3600000</nowiki>
| <nowiki>Life time (in milliseconds) of a session in the short term session containers. After this time the session is put into the long life time container and all temporary session data is removed. This only applies if com.openexchange.sessiond.autologin is enabled. Short term session containers are rotated every 6 minutes. Therefore this value should be a multiple of 6 minutes. Default is 3600000 </nowiki>
| sessiond.properties:20
|-
| <nowiki>com.openexchange.sessiond.sessionLongLifeTime</nowiki>
| <nowiki>1W</nowiki>
| <nowiki>This amount of time a session can live without any interaction, if com.openexchange.sessiond.autologin is enabled. First the session lives in the short term session container, see configuration option com.openexchange.sessiond.sessionDefaultLifeTime. Then the session is moved into the long term session container. The session can be restored from here, but it won't have any temporary session data anymore. Restoring temporary session data may cause some slower functionality and maybe temporary errors on image, proxy data or the like. The overall time a session can live is defined by this option. The life time in the long term session container is the time configured here subtracted by the time in the short term session container. Can contain units of measurement: D(=days) W(=weeks) H(=hours) M(=minutes). Long term session containers are rotated every hour. Therefore this value should be a multiple of 1 hour. </nowiki>
| sessiond.properties:30
|-
| <nowiki>com.openexchange.sessiond.randomTokenTimeout</nowiki>
| <nowiki>30000</nowiki>
| <nowiki>The random token to access a newly created session is valid for this configured time. Can contain units of measurement: D(=days) W(=weeks) H(=hours) M(=minutes). </nowiki>
| sessiond.properties:34
|-
| <nowiki>com.openexchange.sessiond.autologin</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether autologin is allowed or not </nowiki>
| sessiond.properties:37
|-
| <nowiki>com.openexchange.sessiond.encryptionKey</nowiki>
| <nowiki>auw948cz,spdfgibcsp9e8ri+<#qawcghgifzign7c6gnrns9oysoeivn</nowiki>
| <nowiki>Key to encrypt passwords during transmission during session migration. Change this, and make sure it's the same in the entire cluster </nowiki>
| sessiond.properties:44
|-
| <nowiki>com.openexchange.sessiond.asyncPutToSessionStorage</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Specify if sessions shall be put asynchronously to session storage Default is true </nowiki>
| sessiond.properties:48
|-
| <nowiki>com.openexchange.sessiond.maxSession</nowiki>
| <nowiki>50000</nowiki>
| <nowiki>Maximum number of concurrent sessions, 0 stands for unlimited </nowiki>
| sessiond.properties:6
|-
| <nowiki>com.openexchange.sessiond.maxSessionPerUser</nowiki>
| <nowiki>100</nowiki>
| <nowiki>Maximum number of concurrent sessions per user, a value less than or equal to zero means unlimited </nowiki>
| sessiond.properties:9
|-
| <nowiki>com.openexchange.sessiond.remoteParameterNames</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the colon-separated names of such parameters that are supposed to be taken over from session to stored session representation. The parameter names MUST NOT contain the ':' colon character that serves a delimiter. E.g. com.openexchange.sessiond.remoteParameterNames=remoteParameter1:remoteParameter2:...:remoteParameterN
# By default this setting is empty.Maximum number of concurrent sessions per user, a value less than or equal to zero means unlimited </nowiki>
| sessiond.properties
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| sessions.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| sessions.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| sessions.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>sessions-6</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| sessions.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.maxIdleSeconds</nowiki>
| <nowiki>640000</nowiki>
| <nowiki>Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. To avoid unnecessary eviction, the value should be higher than the configured 'com.openexchange.sessiond.sessionLongLifeTime' in 'sessiond.properties'. Defaults to 640000 (a bit more than a week). </nowiki>
| sessions.properties:33
|-
| <nowiki>com.openexchange.sessionstorage.hazelcast.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enabled/disable Hazelcast-based session storage </nowiki>
| sessionstorage-hazelcast.properties:4
|-
| <nowiki>com.openexchange.mail.smal.blacklist </nowiki>
| <nowiki> *</nowiki>
| <nowiki>Specify host names of mail backends that shall be excluded from index access. If set to *, only the primary mail account is allowed to be indexed. Leave empty to allow indexing for all external mail accounts. Example: gmail.com,googlemail.com </nowiki>
| smal.properties:8
|-
| <nowiki>com.openexchange.smtp.smtpAuthEnc</nowiki>
| <nowiki>UTF-8</nowiki>
| <nowiki>Define the encoding for SMTP authentication Default is UTF-8 </nowiki>
| smtp.properties:11
|-
| <nowiki>com.openexchange.smtp.smtpAuthentication</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable/disable SMTP Authentication Default is true </nowiki>
| smtp.properties:15
|-
| <nowiki>com.openexchange.smtp.setSMTPEnvelopeFrom</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Defines if SMTP header ENVELOPE-FROM should be explicitly set to user's primary email address or not Default is false </nowiki>
| smtp.properties:20
|-
| <nowiki>com.openexchange.smtp.smtpTimeout</nowiki>
| <nowiki>50000</nowiki>
| <nowiki>Define the socket I/O timeout value in milliseconds. A value less than or equal to zero is infinite timeout. See also mail.smtp.timeout Default is 50000 </nowiki>
| smtp.properties:25
|-
| <nowiki>com.openexchange.smtp.smtpConnectionTimeout</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Define the socket connection timeout value in milliseconds. A value less or equal to zero is infinite timeout. See also mail.smtp.connectiontimeout Default is 10000 </nowiki>
| smtp.properties:30
|-
| <nowiki>com.openexchange.smtp.logTransport</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specifies whether a transported message shall be logged providing "Message-Id" header, login, and SMTP server information Default is false </nowiki>
| smtp.properties:34
|-
| <nowiki>com.openexchange.smtp.ssl.protocols</nowiki>
| <nowiki>SSLv3 TLSv1</nowiki>
| <nowiki>Specifies the SSL protocols that will be enabled for SSL connections. The property value is a whitespace separated list of tokens. Default value is: SSLv3 TLSv1 </nowiki>
| smtp.properties:38
|-
| <nowiki>com.openexchange.smtp.ssl.ciphersuites</nowiki>
| <nowiki></nowiki>
| <nowiki>Specifies the SSL cipher suites that will be enabled for SSL connections. The property value is a whitespace separated list of tokens. Check "http://<ox-grizzly-hostname>:<ox-grizzly-port>/stats/diagnostic?param=ciphersuites" to check available cipher suites. Default value is empty (fall-back to current JVM's default SSL cipher suite) </nowiki>
| smtp.properties:45
|-
| <nowiki>com.openexchange.smtp.smtpLocalhost</nowiki>
| <nowiki>null</nowiki>
| <nowiki>The localhost name that is going to be used on SMTP's HELO or EHLO command. The default is set to InetAddress.getLocalHost().getHostName() but if either JDK or name service are not configured properly, this routine fails and the HELO or EHLO command is send without a name which leads to an error: "501 HELO requires domain address" The value "null" falls back to InetAddress.getLocalHost().getHostName() which works in most cases. Default is "null" </nowiki>
| smtp.properties:7
|-
| <nowiki>com.openexchange.nosql.cassandra.snappyjava.nativelibs </nowiki>
| <nowiki> @oxsnappydir@/lib</nowiki>
| <nowiki>Path for native libs </nowiki>
| snappy.properties:2
|-
| <nowiki>com.openexchange.soap.cxf.entityExpansionLimit</nowiki>
| <nowiki>128000</nowiki>
| <nowiki>Java platform limits the number of entity expansions that are allowed for a single XML document. Default is 128000, which is considered to be a pretty large number for any real life application. However, if any application does need to have a higher limit, this property (which maps to 'entityExpansionLimit' system property) can be increased to the desired size. Setting it to 0 (zero) means unlimited. Default value is 128000 </nowiki>
| soap-cxf.properties:18
|-
| <nowiki>com.openexchange.soap.cxf.baseAddress</nowiki>
| <nowiki></nowiki>
| <nowiki>Specify the base address for published end points; e.g. "http://www.myserver.com/myservices" Default is empty; meaning to use running machine's address </nowiki>
| soap-cxf.properties:5
|-
| <nowiki>com.openexchange.soap.cxf.hideServiceListPage</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specify whether to hice service list page Default is false </nowiki>
| soap-cxf.properties:9
|-
|<nowiki>com.openexchange.soap.cxf.disableAddressUpdates</nowiki>
| <nowiki>true</nowiki>
| <nowiki>prevents the URL manipulation Default is true </nowiki>
| soap-cxf.properties:25
|-
| <nowiki>com.openexchange.solr.solrHome </nowiki>
| <nowiki> /opt/open-xchange/solr</nowiki>
| <nowiki>This is the path to the home directory of the embedded Solr server. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:10
|-
| <nowiki>com.openexchange.solr.libDir </nowiki>
| <nowiki> /opt/open-xchange/solr/lib</nowiki>
| <nowiki>This is the path to the library directory of the embedded Solr server. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:14
|-
| <nowiki>com.openexchange.solr.configDir </nowiki>
| <nowiki> /opt/open-xchange/solr/conf</nowiki>
| <nowiki>This is the path to the configuration directory of the embedded Solr server. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:18
|-
| <nowiki>com.openexchange.solr.schemaMail </nowiki>
| <nowiki> /opt/open-xchange/solr/conf/schema-mail.xml</nowiki>
| <nowiki>This is the path to the schema file for the mail index. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:22
|-
| <nowiki>com.openexchange.solr.configMail </nowiki>
| <nowiki> /opt/open-xchange/solr/conf/solrconfig-mail.xml</nowiki>
| <nowiki>This is the path to the configuration file for the mail index. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:26
|-
| <nowiki>com.openexchange.solr.schemaInfostore </nowiki>
| <nowiki> /opt/open-xchange/solr/conf/schema-infostore.xml</nowiki>
| <nowiki>This is the path to the schema file for the infostore index. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:30
|-
| <nowiki>com.openexchange.solr.configInfostore </nowiki>
| <nowiki> /opt/open-xchange/solr/conf/solrconfig-infostore.xml</nowiki>
| <nowiki>This is the path to the configuration file for the infostore index. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:34
|-
| <nowiki>com.openexchange.solr.schemaAttachments </nowiki>
| <nowiki> /opt/open-xchange/solr/conf/schema-attachments.xml</nowiki>
| <nowiki>This is the path to the schema file for the attachment index. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:38
|-
| <nowiki>com.openexchange.solr.configAttachments </nowiki>
| <nowiki> /opt/open-xchange/solr/conf/solrconfig-attachments.xml</nowiki>
| <nowiki>This is the path to the configuration file for the attachment index. Don't change this unless you know what you are doing! </nowiki>
| solr.properties:42
|-
| <nowiki>com.openexchange.solr.isSolrNode </nowiki>
| <nowiki> false</nowiki>
| <nowiki>Indicates whether this OX node is a Solr node or not. Being a Solr node means that this node will be used to perform Solr searches and jobs like indexing mailboxes etc. If set to false, all index search actions will be delegated to a Solr node. </nowiki>
| solr.properties:6
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.port</nowiki>
| <nowiki>783</nowiki>
| <nowiki>If the mail should be send to spamd specify the port of the spamassassin daemon here </nowiki>
| spamassassin.properties:10
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.timeout</nowiki>
| <nowiki>10</nowiki>
| <nowiki>If the mail should be send to spamd specify the timeout after which the try to connect is aborted here </nowiki>
| spamassassin.properties:14
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.retries</nowiki>
| <nowiki>1</nowiki>
| <nowiki>If the mail should be send to spamd specify the connect retries here. </nowiki>
| spamassassin.properties:17
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.spamd</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Choose if a mail should be send to spamd afterwards </nowiki>
| spamassassin.properties:2
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.retrysleep</nowiki>
| <nowiki>1</nowiki>
| <nowiki>If the mail should be send to spamd specify the connect retries sleep here. This is how log should be waited between the different tries. </nowiki>
| spamassassin.properties:21
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.unsubscribeSpamFolders</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Indicates whether the confirmed-spam/confirmed-ham folders shall automatically be unsubscribed during login. Default is true. </nowiki>
| spamassassin.properties:25
|-
| <nowiki>com.openexchange.spamhandler.spamassassin.hostname</nowiki>
| <nowiki>localhost</nowiki>
| <nowiki>If the mail should be send to spamd specify the hostname of the spamassassin daemon here </nowiki>
| spamassassin.properties:6
|-
| <nowiki>modules/com.openexchange.spamhandler.spamexperts/module</nowiki>
| <nowiki>true</nowiki>
| <nowiki>The following property enables the Spamexperts Iframe GUI-Plugins </nowiki>
| spamexperts-ui.properties:9
|-
| <nowiki>com.openexchange.custom.spamexperts.panel_servlet</nowiki>
| <nowiki>/ajax/spamexperts/panel</nowiki>
| <nowiki> The next property defines the mount point of the panel servlet </nowiki>
| spamexperts.properties:10
|-
| <nowiki>com.openexchange.custom.spamexperts.panel.api_interface_url</nowiki>
| <nowiki>http://demo1.spambrand.com/api/authticket/create/username/</nowiki>
| <nowiki> URL of spamexperts Interface to generate new sessions </nowiki>
| spamexperts.properties:15
|-
| <nowiki>com.openexchange.custom.spamexperts.panel.admin_user</nowiki>
| <nowiki>admin</nowiki>
| <nowiki> This property defines the username which should be used as basic auth </nowiki>
| spamexperts.properties:21
|-
| <nowiki>com.openexchange.custom.spamexperts.panel.admin_password</nowiki>
| <nowiki>demo</nowiki>
| <nowiki> This property defines the password which should be used as basic auth </nowiki>
| spamexperts.properties:27
|-
| <nowiki>com.openexchange.custom.spamexperts.panel.api_auth_attribute</nowiki>
| <nowiki>mail</nowiki>
| <nowiki> Which user attribute should be used for authentication against panel API Possible values: - imaplogin -> Users IMAP login - mail -> Users mail address - login -> String which user entered at login mask - username -> Users "username" attribute. </nowiki>
| spamexperts.properties:37
|-
| <nowiki>com.openexchange.custom.spamexperts.panel.web_ui_url</nowiki>
| <nowiki>http://demo1.spambrand.com/?authticket=</nowiki>
| <nowiki> Defines the URL where the panel is available </nowiki>
| spamexperts.properties:43
|-
| <nowiki>com.openexchange.custom.spamexperts.imapurl</nowiki>
| <nowiki></nowiki>
| <nowiki> the imap url to the spamexperts imap server Example: imap://myserver.example.com </nowiki>
| spamexperts.properties:55
|-
| <nowiki>com.openexchange.custom.spamexperts.imapuser</nowiki>
| <nowiki></nowiki>
| <nowiki> username to authenticate against the imap server </nowiki>
| spamexperts.properties:60
|-
| <nowiki>com.openexchange.custom.spamexperts.imappassword</nowiki>
| <nowiki></nowiki>
| <nowiki> password to authenticate against the imap server </nowiki>
| spamexperts.properties:65
|-
| <nowiki>com.openexchange.custom.spamexperts.trainspamfolder</nowiki>
| <nowiki>Spam</nowiki>
| <nowiki> Foldername of folder to place spam mails in order to train the system </nowiki>
| spamexperts.properties:70
|-
| <nowiki>com.openexchange.custom.spamexperts.trainhamfolder</nowiki>
| <nowiki>Not Spam</nowiki>
| <nowiki> Foldername of folder to place ham mails in order to train the system </nowiki>
| spamexperts.properties:75
|-
| <nowiki>com.openexchange.spamhandler.cloudmark.targetHamEmailAddress</nowiki>
| <nowiki></nowiki>
| <nowiki>Defines the eMail address to which the selected eMails will be bounced, if they are marked as Ham. If no address is specified the bounce will be skipped, but moving the selected mails back to the Inbox will still be processed (if configured). Privacy note: This will send private mails of users to that address when marked as Ham </nowiki>
| spamhandler_cloudmark.properties:10
|-
| <nowiki>com.openexchange.spamhandler.cloudmark.targetSpamFolder</nowiki>
| <nowiki>2</nowiki>
| <nowiki>Defines to which folder the selected mails should be moved to after they have been bounced to the target eMail address. If no option is configured the selected mails will be moved to the users trash folder. Possible options are: 0 = Do not move the message at all 1 = User's trash folder (Default) 2 = User's SPAM folder 3 = Subscribed confirmed-spam folder (experimental) </nowiki>
| spamhandler_cloudmark.properties:20
|-
| <nowiki>com.openexchange.spamhandler.cloudmark.targetSpamEmailAddress</nowiki>
| <nowiki></nowiki>
| <nowiki>Defines the eMail address to which the selected eMails will be bounced. If no address is specified the bounce will be skipped, but moving the selected mails to the target folder will still be processed (if configured) </nowiki>
| spamhandler_cloudmark.properties:4
|-
| <nowiki>driver </nowiki>
| <nowiki> com.mysql.jdbc.Driver</nowiki>
| <nowiki></nowiki>
| sql.properties:1
|-
| <nowiki>driver </nowiki>
| <nowiki> com.mysql.jdbc.Driver</nowiki>
| <nowiki></nowiki>
| sql.properties:1
|-
| <nowiki>driver </nowiki>
| <nowiki> com.mysql.jdbc.Driver</nowiki>
| <nowiki></nowiki>
| sql.properties:1
|-
| <nowiki>driver </nowiki>
| <nowiki> com.mysql.jdbc.Driver</nowiki>
| <nowiki></nowiki>
| sql.properties:1
|-
| <nowiki>driver </nowiki>
| <nowiki> com.mysql.jdbc.Driver</nowiki>
| <nowiki></nowiki>
| sql.properties:1
|-
| <nowiki>login </nowiki>
| <nowiki> openexchange</nowiki>
| <nowiki></nowiki>
| sql.properties:2
|-
| <nowiki>login </nowiki>
| <nowiki> openexchange</nowiki>
| <nowiki></nowiki>
| sql.properties:2
|-
| <nowiki>login </nowiki>
| <nowiki> openexchange</nowiki>
| <nowiki></nowiki>
| sql.properties:2
|-
| <nowiki>login </nowiki>
| <nowiki> openexchange</nowiki>
| <nowiki></nowiki>
| sql.properties:2
|-
| <nowiki>login </nowiki>
| <nowiki> openexchange</nowiki>
| <nowiki></nowiki>
| sql.properties:2
|-
| <nowiki>password </nowiki>
| <nowiki> secret</nowiki>
| <nowiki></nowiki>
| sql.properties:3
|-
| <nowiki>password </nowiki>
| <nowiki> secret</nowiki>
| <nowiki></nowiki>
| sql.properties:3
|-
| <nowiki>password </nowiki>
| <nowiki> secret</nowiki>
| <nowiki></nowiki>
| sql.properties:3
|-
| <nowiki>password </nowiki>
| <nowiki> secret</nowiki>
| <nowiki></nowiki>
| sql.properties:3
|-
| <nowiki>password </nowiki>
| <nowiki> secret</nowiki>
| <nowiki></nowiki>
| sql.properties:3
|-
| <nowiki>url </nowiki>
| <nowiki> jdbc:mysql://localhost/open-xchange-db_6</nowiki>
| <nowiki></nowiki>
| sql.properties:4
|-
| <nowiki>url </nowiki>
| <nowiki> jdbc:mysql://localhost/open-xchange-db_6</nowiki>
| <nowiki></nowiki>
| sql.properties:4
|-
| <nowiki>url </nowiki>
| <nowiki> jdbc:mysql://localhost/ox_test</nowiki>
| <nowiki></nowiki>
| sql.properties:4
|-
| <nowiki>url </nowiki>
| <nowiki> jdbc:mysql://localhost/ox_test</nowiki>
| <nowiki></nowiki>
| sql.properties:4
|-
| <nowiki>url </nowiki>
| <nowiki> jdbc:mysql://devel-master.netline.de/openexchangeHEAD_14</nowiki>
| <nowiki></nowiki>
| sql.properties:4
|-
| <nowiki>com.openexchange.subscribe.autorun</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Defines whether subscriptions should be run automatically on login, if a given interval has elapsed The intervals default to one day, but can be configured individually by subscription type in the subscription source specific configuration files </nowiki>
| subscribe.properties:4
|-
| <nowiki>serviceUsageInspection</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enabled/disable service usage inspection. If enabled, all services obtained and managed by ServiceHolder class will be tracked to ensure all services are put back (via unget) within a certain amount of time. The time range can be defined through property 'serviceUsageTimeout'. </nowiki>
| system.properties:10
|-
| <nowiki>serviceUsageTimeout</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>The service usage timeout in milliseconds. This property only has effect if property 'serviceUsageInspection' is set to 'true'. </nowiki>
| system.properties:14
|-
| <nowiki>MimeTypeFileName</nowiki>
| <nowiki>mime.types</nowiki>
| <nowiki>Name of the MIME type file </nowiki>
| system.properties:17
|-
| <nowiki>UserConfigurationStorage</nowiki>
| <nowiki>Caching</nowiki>
| <nowiki>Name of the class implementing the UserConfigurationStorage. Currently known aliases: Caching, DB </nowiki>
| system.properties:21
|-
| <nowiki>Cache</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Switch for enabling caching in the groupware. Normally this should be set to true or the database will get a lot more load. </nowiki>
| system.properties:25
|-
| <nowiki>CalendarSQL</nowiki>
| <nowiki>com.openexchange.groupware.calendar.CalendarMySQL</nowiki>
| <nowiki></nowiki>
| system.properties:29
|-
| <nowiki>SERVER_NAME</nowiki>
| <nowiki>local</nowiki>
| <nowiki>Server name registered by registerserver in the configuration database can be read with listservers </nowiki>
| system.properties:33
|-
| <nowiki>com.openexchange.config.cascade.scopes</nowiki>
| <nowiki>user, context, contextSets, server</nowiki>
| <nowiki>The scopes to use in the config cascade, and their precedence </nowiki>
| system.properties:36
|-
| <nowiki>com.openexchange.caching.configfile</nowiki>
| <nowiki>cache.ccf</nowiki>
| <nowiki>Location of default cache configuration file </nowiki>
| system.properties:4
|-
| <nowiki>com.openexchange.threadpool.testinjector.freqmillis</nowiki>
| <nowiki>10000</nowiki>
| <nowiki>Frequency millis </nowiki>
| testinjector.properties:10
|-
| <nowiki>com.openexchange.threadpool.testinjector.factor</nowiki>
| <nowiki>100</nowiki>
| <nowiki>Increase factor </nowiki>
| testinjector.properties:13
|-
| <nowiki>com.openexchange.threadpool.testinjector.sleepmillis</nowiki>
| <nowiki>2500</nowiki>
| <nowiki>Time to waste per task </nowiki>
| testinjector.properties:16
|-
| <nowiki>com.openexchange.threadpool.testinjector.enabled</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enabled </nowiki>
| testinjector.properties:4
|-
| <nowiki>com.openexchange.threadpool.testinjector.rampup</nowiki>
| <nowiki>1000</nowiki>
| <nowiki>Ramp-up count </nowiki>
| testinjector.properties:7
|-
| <nowiki>com.openexchange.threadpool.maximumPoolSize</nowiki>
| <nowiki>2147483647</nowiki>
| <nowiki>The maximum number of threads to allow in the pool. Default is max. integer value of 2^31 - 1 which is considered as unlimited max. number of threads. </nowiki>
| threadpool.properties:11
|-
| <nowiki>com.openexchange.threadpool.keepAliveTime</nowiki>
| <nowiki>60000</nowiki>
| <nowiki>When the number of threads is greater than the core, this is the maximum time (in milliseconds) that excess idle threads will wait for new tasks before terminating. Default is 60000msec </nowiki>
| threadpool.properties:17
|-
| <nowiki>com.openexchange.threadpool.workQueue</nowiki>
| <nowiki>synchronous</nowiki>
| <nowiki>The queue type to use for holding tasks before they are executed. This queue will hold only the tasks submitted by the execute method. Supported values: synchronous and linked A synchronous queue is an appropriate choice when "com.openexchange.threadpool.maximumPoolSize" is unlimited and possible rejection of tasks is allowed. A synchronous queue has no capacity, it rather acts as a direct hand-off of tasks to an already waiting worker thread and will deny the task if there is no further worker thread to process the task. A linked queue is an appropriate choice when "com.openexchange.threadpool.maximumPoolSize" is limited and rejection of tasks is prohibited. A linked queue has a (fixed) capacity to store submitted tasks which have to wait for a worker thread to become ready. </nowiki>
| threadpool.properties:29
|-
| <nowiki>com.openexchange.threadpool.corePoolSize</nowiki>
| <nowiki>3</nowiki>
| <nowiki>The number of threads to keep in the pool, even if they are idle. If unsure follow this rule: Number of CPUs + 1 </nowiki>
| threadpool.properties:3
|-
| <nowiki>com.openexchange.threadpool.workQueueSize</nowiki>
| <nowiki>0</nowiki>
| <nowiki>The size of the work queue. Zero means unlimited size. Note: If this property is set to a value greater than zero, property "com.openexchange.threadpool.workQueue" is implicitly set to "linked" to accomplish a fixed-size work queue. </nowiki>
| threadpool.properties:34
|-
| <nowiki>com.openexchange.threadpool.blocking</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable blocking behavior. A blocking behavior means that caller is blocked until space becomes available in working queue. This is useful for installation with limited capacities concerning max. number of threads and a bounded blocking work queue. </nowiki>
| threadpool.properties:38
|-
| <nowiki>com.openexchange.threadpool.refusedExecutionBehavior</nowiki>
| <nowiki>abort</nowiki>
| <nowiki>The default behavior to obey when execution is blocked because the thread bounds and queue capacities are reached. Supported values: abort, caller-runs, discard abort: Aborts execution by throwing an appropriate exception to the caller caller-runs: The caller is considered to run the task if thread pool is unable to do so discard: The task is silently discarded. No exception is thrown. </nowiki>
| threadpool.properties:46
|-
| <nowiki>com.openexchange.threadpool.prestartAllCoreThreads</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Starts all core threads, causing them to idly wait for work. This overrides the default policy of starting core threads only when new tasks are executed. </nowiki>
| threadpool.properties:7
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.backupCount</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Number of backups. If 1 is set as the backup-count for example, then all entries of the map will be copied to another JVM for fail-safety. 0 means no backup. </nowiki>
| token2sessionIdHz.properties:11
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.asyncBackupCount</nowiki>
| <nowiki>0</nowiki>
| <nowiki>Number of nodes with async backups. Async backups do not block operations and do not require acknowledgements. 0 means no backup. Any integer between 0 and 6. Default is 0, setting bigger than 6 has no effect. </nowiki>
| token2sessionIdHz.properties:16
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.readBackupData</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Can we read the local backup entries? Default value is false for strong consistency. Being able to read backup data will give you greater performance. </nowiki>
| token2sessionIdHz.properties:21
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.name</nowiki>
| <nowiki>token2sessionId-1</nowiki>
| <nowiki>The name of the map. Don't change this on your own. </nowiki>
| token2sessionIdHz.properties:24
|-
| <nowiki>com.openexchange.hazelcast.configuration.map.maxIdleSeconds</nowiki>
| <nowiki>300</nowiki>
| <nowiki>Maximum number of seconds for each entry to stay idle in the map. Entries that are idle (not touched) for more than <max-idle-seconds> will get automatically evicted from the map. Entry is touched if get, put or containsKey is called. Any integer between 0 and Integer.MAX_VALUE. 0 means infinite. This value should be set equal to value of property "com.openexchange.tokenlogin.maxIdleTime" in file "tokenlogin.properties". Defaults to 300 (5 minutes). </nowiki>
| token2sessionIdHz.properties:33
|-
| <nowiki>com.openexchange.tokenlogin</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable or disable token-login </nowiki>
| tokenlogin.properties:4
|-
| <nowiki>com.openexchange.tokenlogin.maxIdleTime</nowiki>
| <nowiki>300000</nowiki>
| <nowiki>Specify the maximum time (in milliseconds) a token may be idle before it is evicted Default is 300000 (5 minutes) </nowiki>
| tokenlogin.properties:8
|-
| <nowiki>com.openexchange.mail.transport.enablePublishOnExceededQuota</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable to publish email attachments if quota is exceeded rather than throwing an appropriate error. ------- /!\ Please be aware that this option requires infostore module to be enabled! /!\ ------- </nowiki>
| transport.properties:15
|-
| <nowiki>com.openexchange.mail.transport.publishingPublicInfostoreFolder</nowiki>
| <nowiki>i18n-defined</nowiki>
| <nowiki>Specify the name of the publishing infostore folder which is created below public infostore folder. The denoted folder is created if absent only if "com.openexchange.mail.transport.enablePublishOnExceededQuota" is enabled The special identifier "i18n-defined" indicates to use translation of text "E-Mail attachments". </nowiki>
| transport.properties:20
|-
| <nowiki>com.openexchange.mail.transport.publishPrimaryAccountOnly</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether all accounts or only primary account are affected if property "com.openexchange.mail.transport.enablePublishOnExceededQuota" is enabled. </nowiki>
| transport.properties:24
|-
| <nowiki>com.openexchange.mail.transport.sendAttachmentToExternalRecipients</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Whether external recipients shall receive file attachments instead of publication links although quota is exceeded if property "com.openexchange.mail.transport.enablePublishOnExceededQuota" is enabled. </nowiki>
| transport.properties:28
|-
| <nowiki>com.openexchange.mail.transport.provideLinksInAttachment</nowiki>
| <nowiki>false</nowiki>
| <nowiki>This options enables that publication links are provided in a separate "text/html" file attachment named "links.html, instead of inserting them to top of mail text. This avoids modification of original mail text. If set to "false", the publication links are inserted to top of mail text. </nowiki>
| transport.properties:33
|-
| <nowiki>com.openexchange.mail.transport.publishedDocumentTimeToLive</nowiki>
| <nowiki>604800000</nowiki>
| <nowiki>Define the time-to-live in milliseconds for published email attachments </nowiki>
| transport.properties:36
|-
| <nowiki>com.openexchange.mail.transport.referencedPartLimit</nowiki>
| <nowiki>1048576</nowiki>
| <nowiki>Define the limit in bytes for keeping an internal copy of a referenced MIME message's part when sending a mail. If a part exceeds this limit a temporary file is created holding part's copy </nowiki>
| transport.properties:4
|-
| <nowiki>com.openexchange.mail.transport.externalRecipientsLocale</nowiki>
| <nowiki>user-defined</nowiki>
| <nowiki>Set the identifier of the locale to use when composing text sent to external recipients; e.g "en", or "de" The special identifier "user-defined" indicates to use that locale from the user who sends the email. </nowiki>
| transport.properties:40
|-
| <nowiki>com.openexchange.mail.transport.removeMimeVersionInSubParts</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Specify whether to strictly obey suggestion in RFC 2045 The MIME-Version header field is required at the top level of a message, but is _not_ required for each body part of a multipart entity. If set to "true", each message is processed to not contain a MIME-Version header in sub-parts Default is "false" </nowiki>
| transport.properties:46
|-
| <nowiki>com.openexchange.mail.defaultTransportProvider</nowiki>
| <nowiki>smtp</nowiki>
| <nowiki>The transport provider fallback if an URL does not contain/define a protocol </nowiki>
| transport.properties:7
|-
| <nowiki>com.openexchange.twitter.http.proxyPort</nowiki>
| <nowiki></nowiki>
| <nowiki>The HTTP proxy port </nowiki>
| twitter.properties:10
|-
| <nowiki>com.openexchange.twitter.http.connectionTimeout</nowiki>
| <nowiki>20000</nowiki>
| <nowiki>Connection time out </nowiki>
| twitter.properties:13
|-
| <nowiki>com.openexchange.twitter.http.readTimeout</nowiki>
| <nowiki>120000</nowiki>
| <nowiki>Read time out </nowiki>
| twitter.properties:16
|-
| <nowiki>com.openexchange.twitter.http.retryCount</nowiki>
| <nowiki>3</nowiki>
| <nowiki>Retry count </nowiki>
| twitter.properties:19
|-
| <nowiki>com.openexchange.twitter.http.retryIntervalSecs</nowiki>
| <nowiki>10</nowiki>
| <nowiki>Retry interval seconds </nowiki>
| twitter.properties:22
|-
| <nowiki>com.openexchange.twitter.consumerKey</nowiki>
| <nowiki>kZX3V4AmAWwC53yA5RjHbQ</nowiki>
| <nowiki>The consumer key </nowiki>
| twitter.properties:28
|-
| <nowiki>com.openexchange.twitter.consumerSecret</nowiki>
| <nowiki>HvY7pVFFQSGPVu9LCoBMUhvMpS00qdtqBob99jucc</nowiki>
| <nowiki>The consumer secret </nowiki>
| twitter.properties:31
|-
| <nowiki>com.openexchange.twitter.clientVersion</nowiki>
| <nowiki>2.2.3</nowiki>
| <nowiki>The client version string </nowiki>
| twitter.properties:4
|-
| <nowiki>com.openexchange.twitter.http.proxyHost</nowiki>
| <nowiki></nowiki>
| <nowiki>The HTTP proxy host </nowiki>
| twitter.properties:7
|-
| <nowiki>com.openexchange.messaging.twitter</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Whether the twitter messaging service is available </nowiki>
| twittermessaging.properties:2
|-
| <nowiki>com.openexchange.oauth.twitter</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable/disable Twitter OAuth bundle </nowiki>
| twitteroauth.properties:4
|-
| <nowiki>ui/global/toolbar/mode/value</nowiki>
| <nowiki>tabbased</nowiki>
| <nowiki>UI: Toolbar type Possible values: tabbased|simple </nowiki>
| ui.properties:11
|-
| <nowiki>ui/global/toolbar/mode/configurable</nowiki>
| <nowiki>true</nowiki>
| <nowiki>All user to configure the latter Possible values: true|false </nowiki>
| ui.properties:15
|-
| <nowiki>ui/mail/showContactImage/value </nowiki>
| <nowiki> true</nowiki>
| <nowiki>UI: Show contact images in email view Possible values: true|false </nowiki>
| ui.properties:19
|-
| <nowiki>ui/mail/showContactImage/configurable </nowiki>
| <nowiki> true</nowiki>
| <nowiki>All user to configure the latter Possible values: true|false Please configure the ui.yml accordingly. </nowiki>
| ui.properties:24
|-
| <nowiki>ui/mail/replyTo/configurable </nowiki>
| <nowiki> false</nowiki>
| <nowiki>Allow user to configure a reply-to address Possible values: true|false </nowiki>
| ui.properties:28
|-
| <nowiki>ui/global/windows/mode/value</nowiki>
| <nowiki>embedded</nowiki>
| <nowiki>UI: Window manager Possible values: embedded and popups </nowiki>
| ui.properties:3
|-
| <nowiki>ui/portal/autoRefresh </nowiki>
| <nowiki> false</nowiki>
| <nowiki>Auto refresh portal page Possible values: true|false Whenever the user accesses the portal, all visible widgets get refreshed (mail, calendar, contacts etc.). Default is false. </nowiki>
| ui.properties:34
|-
| <nowiki>ui/portal/customUWA </nowiki>
| <nowiki> true</nowiki>
| <nowiki>Allow custom UWA widgets Possible values: true|false Disables add, remove, edit in UI. Default is true. </nowiki>
| ui.properties:39
|-
| <nowiki>ui/global/expert/mode/configurable </nowiki>
| <nowiki> true</nowiki>
| <nowiki>Allow disabling of expert mode Possible values: true|false value does not affect user setting. reserved for future use. </nowiki>
| ui.properties:44
|-
| <nowiki>ui/global/expert/mode/value </nowiki>
| <nowiki> false</nowiki>
| <nowiki></nowiki>
| ui.properties:45
|-
| <nowiki>ui/global/windows/mode/configurable</nowiki>
| <nowiki>true</nowiki>
| <nowiki>All user to configure the latter Possible values: true|false </nowiki>
| ui.properties:7
|-
| <nowiki>com.openexchange.outlook.updater.allowEditUrl</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Set this to false if users should not be able to change the URL that points to update.xml.
In that case the updater is delivered with an according installation parameter that forbids editing the URL. </nowiki>
| updater.properties
|-
| <nowiki>modules/com.openexchange.upsell.multiple.gui/module</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| upsell-multiple-gui.properties:1
|-
| <nowiki>com.openexchange.upsell.multiple.method.email.oxuser.template_subject</nowiki>
| <nowiki>/opt/open-xchange/etc/groupware/upsell_mail_subject_ox_enduser.tmpl</nowiki>
| <nowiki> Subject to use for emails which are sent to the ox enduser. If you need i18n support, create template with suffix "_<LANGUAGE_CODE>" Example: upsell_mail_subject_ox_enduser.tmpl_de_DE For placeholders, see above. </nowiki>
| upsell.properties:102
|-
| <nowiki>com.openexchange.upsell.multiple.servlet</nowiki>
| <nowiki>/ajax/upsell/multiple</nowiki>
| <nowiki> The next property defines the mount point of the servlet </nowiki>
| upsell.properties:109
|-
| <nowiki>com.openexchange.upsell.multiple.rmi.host</nowiki>
| <nowiki>127.0.0.1</nowiki>
| <nowiki> FOR TESTING, DEMO ONLY. DO NOT TOUCH IF YOU DONT KNOW WHAT THESE OPTIONS MEAN! OX API RMI Host, IF not localhost, make sure the OX accepts remote RMI connections! See AdminDaemon.properties for enabling remote connections. </nowiki>
| upsell.properties:117
|-
| <nowiki>com.openexchange.upsell.multiple.rmi.masteradmin</nowiki>
| <nowiki>oxadminmaster</nowiki>
| <nowiki> OX API RMI Masteradmin </nowiki>
| upsell.properties:122
|-
| <nowiki>com.openexchange.upsell.multiple.rmi.masteradmin.pass</nowiki>
| <nowiki>secret</nowiki>
| <nowiki> OX API RMI Masteradmin Password </nowiki>
| upsell.properties:127
|-
| <nowiki>com.openexchange.upsell.multiple.rmi.downgrade.accessname</nowiki>
| <nowiki>pim</nowiki>
| <nowiki> Which access-combination-name should be used for downgrading the context </nowiki>
| upsell.properties:132
|-
| <nowiki>com.openexchange.upsell.multiple.method.external.shop_api_url</nowiki>
| <nowiki>http://shop.host.com/api/generateshopurl</nowiki>
| <nowiki>DISABLED AT THE MOMENT! URL of the external Interface to generate "upsell URL" for customers shop or control center URL will be used in a POST request with following parameters of the logged in ox user: src = "ox_upsell" user = <ox_username> userid = <ox_user_id> pwd = <ox_user_password> cid = <ox_user_cid> mail = <ox_user_mail> login = <ox_user_full_login_from_login_mask> imaplogin = <ox_user_imap_login> clicked_feat = <clicked_feature_at_gui> upsell_plan = <clicked_upsell_plan> </nowiki>
| upsell.properties:151
|-
| <nowiki>com.openexchange.upsell.multiple.method</nowiki>
| <nowiki>static</nowiki>
| <nowiki> Define which Upsell method should be used Possible values: a) direct b) static, c) email direct = Redirect within IFRAME immediately to com.openexchange.upsell.multiple.method.static.shop_redir_url value after clicking one of the upsell triggers static = Redirect AFTER clicking a button within the shipped OX Upsell pages email = Send email to specific address AFTER clicking a button within the shipped OX Upsell pages </nowiki>
| upsell.properties:33
|-
| <nowiki>com.openexchange.upsell.multiple.method.static.shop_redir_url</nowiki>
| <nowiki>http://shop.host.tld/?shop=true&src=ox&user=_USER_&userid=_USERID_&mail=_MAIL_&login=_LOGIN_&imaplogin=_IMAPLOGIN_&clicked_feat=_CLICKED_FEATURE_&lang=_LANG_&cid=_CID_</nowiki>
| <nowiki>b) Defines the static URL to redirect with all parameters we can pass , see below for all possible parameters </nowiki>
| upsell.properties:39
|-
| <nowiki>com.openexchange.upsell.multiple.method.email.address</nowiki>
| <nowiki>upsell@shop.host.tld</nowiki>
| <nowiki>c) Defines the email address where upsell will send all infos to for processing this request </nowiki>
| upsell.properties:45
|-
| <nowiki>com.openexchange.upsell.multiple.method.email.template</nowiki>
| <nowiki>/opt/open-xchange/etc/groupware/upsell_mail_body.tmpl</nowiki>
| <nowiki> Email template to load, if not found, hardcoded text will be used. Following placeholders will be replaced by ox users data: "_USER_" "_USERID_" "_MAIL_" "_LOGIN_" "_IMAPLOGIN" "_CLICKED_FEATURE_" "_UPSELL_PLAN_" - Not in use. "_CID_" "_LANG_" "_PURCHASE_TYPE_" - Only used if email or static method is used due to the OX upsell layout/buttons "_INVITE_" - User checked "invite my friends" checkbox in upsell box </nowiki>
| upsell.properties:63
|-
| <nowiki>com.openexchange.upsell.multiple.method.email.subject</nowiki>
| <nowiki>OX upsell in context _CID_ for user _USERID_ (_USER_) with email _MAIL_ was requested by clicking _CLICKED_FEATURE_</nowiki>
| <nowiki> Mail subject to use when sending upsell request mails. See available placeholders in option above </nowiki>
| upsell.properties:68
|-
| <nowiki>com.openexchange.upsell.multiple.method.email.oxuser.enabled</nowiki>
| <nowiki>true</nowiki>
| <nowiki> Send info email to ox enduser to inform about upsell? </nowiki>
| upsell.properties:74
|-
| <nowiki>com.openexchange.upsell.multiple.method.email.oxuser.template</nowiki>
| <nowiki>/opt/open-xchange/etc/groupware/upsell_mail_body_ox_enduser.tmpl</nowiki>
| <nowiki>Following placeholders can be replaced by ox users data: "_USER_" "_USERID_" "_MAIL_" "_LOGIN_" "_IMAPLOGIN" "_CLICKED_FEATURE_" "_UPSELL_PLAN_" - Not in use. "_CID_" "_LANG_" "_PURCHASE_TYPE_" - Only used if email or static method is used due to the OX upsell layout/buttons </nowiki>
| upsell.properties:94
|-
| <nowiki>com.openexchange.user.contactCollectOnMailAccess</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Define the default behavior whether to collect contacts on mail access Note: Appropriate user access permission still needs to be granted in order to take effect </nowiki>
| user.properties:11
|-
| <nowiki>com.openexchange.user.contactCollectOnMailTransport</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Define the default behavior whether to collect contacts on mail transport Note: Appropriate user access permission still needs to be granted in order to take effect </nowiki>
| user.properties:15
|-
| <nowiki>com.openexchange.user.maxClientCount</nowiki>
| <nowiki>-1</nowiki>
| <nowiki>Specify the max. allowed number of client identifiers stored/tracked per user A value equal to or less than zero means unlimited Default is -1 </nowiki>
| user.properties:20
|-
| <nowiki>com.openexchange.user.beta</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Specify whether beta features are enabled/disabled per default. The value is remembered for every user in its attributes. </nowiki>
| user.properties:4
|-
| <nowiki>com.openexchange.folder.tree</nowiki>
| <nowiki>1</nowiki>
| <nowiki>Defines the default folder tree that should be used if a user has not selected one. </nowiki>
| user.properties:7
|-
| <nowiki>com.openexchange.oauth.xing.apiSecret</nowiki>
| <nowiki>REPLACE_THIS_WITH_YOUR_XING_PRODUCTIVE_SECRET</nowiki>
| <nowiki>The API secret </nowiki>
| xingoauth.properties:10
|-
| <nowiki>com.openexchange.oauth.xing.consumerKey</nowiki>
| <nowiki>REPLACE_THIS_WITH_YOUR_XING_PRODUCTIVE_CONSUMER_KEY</nowiki>
| <nowiki>The consumer key (for upsell) </nowiki>
| xingoauth.properties:13
|-
| <nowiki>com.openexchange.oauth.xing.consumerSecret</nowiki>
| <nowiki>REPLACE_THIS_WITH_YOUR_XING_PRODUCTIVE_CONSUMER_SECRET</nowiki>
| <nowiki>The consumer secret (for upsell) </nowiki>
| xingoauth.properties:16
|-
| <nowiki>com.openexchange.oauth.xing</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable </nowiki>
| xingoauth.properties:4
|-
| <nowiki>com.openexchange.oauth.xing.apiKey</nowiki>
| <nowiki>REPLACE_THIS_WITH_YOUR_XING_PRODUCTIVE_KEY</nowiki>
| <nowiki>The API key </nowiki>
| xingoauth.properties:7
|-
| <nowiki>com.openexchange.subscribe.socialplugin.xing</nowiki>
| <nowiki>true</nowiki>
| <nowiki>Enable/disable XING subscribe service </nowiki>
| xingsubscribe.properties:4
|-
| <nowiki>com.openexchange.oauth.yahoo</nowiki>
| <nowiki>false</nowiki>
| <nowiki>Enable/disable Yahoo OAuth support </nowiki>
| yahoooauth.properties:2
|-
| <nowiki>com.openexchange.oauth.yahoo.apiKey</nowiki>
| <nowiki>REPLACE_THIS_WITH_VALUE_OBTAINED_FROM_YAHOO</nowiki>
| <nowiki></nowiki>
| yahoooauth.properties:4
|-
| <nowiki>com.openexchange.oauth.yahoo.apiSecret</nowiki>
| <nowiki>REPLACE_THIS_WITH_VALUE_OBTAINED_FROM_YAHOO</nowiki>
| <nowiki></nowiki>
| yahoooauth.properties:5
|-
| <nowiki>com.openexchange.subscribe.socialplugin.yahoo</nowiki>
| <nowiki>true</nowiki>
| <nowiki></nowiki>
| yahoosubscribe.properties:1
|-
| <nowiki>com.openexchange.subscribe.socialplugin.yahoo.autorunInterval</nowiki>
| <nowiki>1d</nowiki>
| <nowiki></nowiki>
| yahoosubscribe.properties:2
|}
[[Category:OX6]] [[Category:AppSuite]] [[Category:Administrator]] [[Category:Configuration]] [[Category:Generated]]

AppSuite:Filestorages

2017-03-20T12:56:09Z

Ioannis.chouklis: /* Configuration */

= Common preparations =
This page shows how to setup external file stores. For all of these file stores you have to install the package "open-xchange-oauth", which provides the necessary authentication mechanisms.

Moreover your setup is required to be reachable via HTTPS, since the providers expect that a call-back URL to your setup is specified. Such a call-back URL is only accepted if it contains the <source enclose="none" lang="java">"https://"</source> scheme., e.g.:
<syntaxhighlight lang="java">
"https://my.oxsetup.invalid/ajax/defer"
</syntaxhighlight>

== Keep HTTPS protocol ==
[[Appsuite:Grizzly#Cluster_setup]] shows that HTTPS communication is terminated by the Apache balancer in front of the Open-Xchange nodes. To let the Open-Xchange application know about the HTTPS protocol that is used to communicate with the Apache server:
* Either set a special header in the SSL virtual hosts configurations in Apache to forward this information. The de facto standard for this is the <source enclose="none" lang="java">"X-Forwarded-Proto"</source> header. See [[Appsuite:Grizzly#X-FORWARDED-PROTO_Header]] for how to setup that header.
* Or force the Open-Xchange application to assume it is reached via SSL through setting property <source enclose="none" lang="properties">"com.openexchange.forceHTTPS=true"</source> in file ''/opt/open-xchange/etc/server.properties''.

== Deferrer URL ==
Open-Xchange application uses the deferrer URL as call-back for some of the providers, which use OAuth v2.0 authentication (such as Google).

If your OX server is reachable only via one host name, you won't have to do anything. If it is reachable by more than one host name, create or open the file ''/opt/openexchange/etc/groupware/deferrer.properties'' and set the properties therein as such:
<syntaxhighlight lang="properties">
com.openexchange.http.deferrer.url=https://mymaindomain.invalid
</syntaxhighlight>

= Dropbox =

To setup the Dropbox file store you have to install the package "open-xchange-file-storage-dropbox".

== Registering your app ==
* Log in to your Dropbox account [https://www.dropbox.com/login here], and create your Dropbox app [https://www.dropbox.com/developers/apps/create here]
* There are two options available creating an app, Drops-in App & Dropbox API App. Please select '''Dropbox API''' app and enter the name of your app.
* Go to [https://www.dropbox.com/developers/apps App Console] and select your created app. Select settings tab to view the <source enclose="none" lang="java">APP_KEY</source> (App key) and <source enclose="none" lang="java">SECRET_KEY</source> (App secret)

== Configuration ==
In addition you have to configure the following properties in file ''/opt/open-xchange/etc/dropboxoauth.properties'':

* Enable the OAuth connector to Dropbox OAuth
<syntaxhighlight lang="properties">
com.openexchange.oauth.dropbox=true
</syntaxhighlight>
<br>

* Set the API key and secret
<syntaxhighlight lang="properties">
com.openexchange.oauth.dropbox.apiKey=REPLACE_THIS_WITH_DROPBOX_APP_KEY
com.openexchange.oauth.dropbox.apiSecret=REPLACE_THIS_WITH_DROPBOX_APP_SECRET
</syntaxhighlight>
<br>

* Set the redirect URL. Please ensure the following conditions are met:
** The redirect URL specified in the Dropbox App needs to be the same as the one specified by this property.
** The redirect URI uses <source enclose="none" lang="java">"https://"</source> as protocol
** The redirect URI follows the pattern: <source enclose="none" lang="java">"https://" + <host-name> + "/ajax/defer"</source>
<syntaxhighlight lang="properties">
com.openexchange.oauth.dropbox.redirectUrl=
</syntaxhighlight>
E.g. <source enclose="none" lang="java">"https://myappsuite.mydomain.invalid/ajax/defer"</source>
<br>

* Set the product ID of the registered Dropbox app
<syntaxhighlight lang="properties">
com.openexchange.oauth.dropbox.productName=
</syntaxhighlight>
<br>

You can define them system-wide or via the config cascade mechanism.

{{InstallPlugin|pluginname=open-xchange-file-storage-dropbox|toplevel=products|sopath=appsuite/stable/backend|version=App Suite}}

= Google Drive =

To setup the Google Drive file store you have to install the package "open-xchange-file-storage-googledrive".

== Registering your app ==
* Sign in to [https://console.developers.google.com/ Google Developers Console] using your Google account
* Please follow [https://developers.google.com/identity/sign-in/web/devconsole-project these] instructions to create a new project with a client ID, which is needed to call the sign-in API
* Enable the following APIs for your project
** BigQuery API
** Calendar API
** Contacts API
** Drive API
** Drive SDK
** Gmail API
** Google Cloud SQL
** Google Cloud Storage
** Google Cloud Storage JSON API

== Configuration ==
In addition you have to configure the following properties in file ''/opt/open-xchange/etc/googleoauth.properties'':

* Enable the OAuth connector to Google OAuth
<syntaxhighlight lang="properties">
com.openexchange.oauth.google=true
</syntaxhighlight>
<br>

* Set the API key and secret, which is Client ID and Client Secret to call the sign-in API (Select your project, select API manager from upper left burger menu, select credentials in left side bar, select Client ID for Web application)
<syntaxhighlight lang="properties">
com.openexchange.oauth.google.apiKey=REPLACE_THIS_WITH_YOUR_CLIENT_ID
com.openexchange.oauth.google.apiSecret=REPLACE_THIS_WITH_YOUR_CLIENT_SECRET
</syntaxhighlight>
<br>

* Set the redirect URL. Please ensure the following conditions are met:
** The redirect URL specified in the Google App needs to be the same as the one specified by this property.
** The redirect URI uses <source enclose="none" lang="java">"https://"</source> as protocol
** The redirect URI follows the pattern: <source enclose="none" lang="java">"https://" + <host-name> + "/ajax/defer"</source>
<syntaxhighlight lang="properties">
com.openexchange.oauth.google.redirectUrl=
</syntaxhighlight>
E.g. <source enclose="none" lang="java">"https://myappsuite.mydomain.invalid/ajax/defer"</source>
<br>

* Set the product ID of the registered Google app
<syntaxhighlight lang="properties">
com.openexchange.oauth.google.productName=
</syntaxhighlight>
<br>

You can define them system-wide or via the config cascade mechanism.

{{InstallPlugin|pluginname=open-xchange-file-storage-googledrive|toplevel=products|sopath=appsuite/stable/backend|version=App Suite}}

= Microsoft Onedrive =
To setup the Microsoft OneDrive file store you have to install the package "open-xchange-file-storage-onedrive".

== Registering your app ==
* Please follow [https://msdn.microsoft.com/en-us/library/ff751474.aspx this guide] to create/register your app

== Configuration ==
In addition you have to configure the following properties in file ''/opt/open-xchange/etc/msliveconntectoauth.properties'':

* Enable the OAuth connector
<syntaxhighlight lang="properties">
com.openexchange.oauth.msliveconnect=true
</syntaxhighlight>
<br>

* Set the API key and secret
<syntaxhighlight lang="properties">
com.openexchange.oauth.msliveconnect.apiKey=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_CLIENT_KEY
com.openexchange.oauth.msliveconnect.apiSecret=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_CLIENT_SECRET
</syntaxhighlight>
<br>

* Set the redirect URL
<syntaxhighlight lang="properties">
com.openexchange.oauth.msliveconnect.redirectUrl=REPLACE_THIS_WITH_YOUR_MS_LIVE_CONNECT_REDIRECT_URL
</syntaxhighlight>
<br>

You can define them system-wide or via the config cascade mechanism.

{{InstallPlugin|pluginname=open-xchange-file-storage-onedrive|toplevel=products|sopath=appsuite/stable/backend|version=App Suite}}

= Box.com =
To setup the Box.com file store you have to install the package "open-xchange-file-storage-boxcom".

== Registering your app ==
* Sign in to [https://developers.box.com/ box Developers]
* Select '''Create a Box Application'''
* Select '''Box Content'''
* Hit '''Configure your application'''
* Enter ''redirect_uri''' (the deferrer URL; e.g. <source enclose="none" lang="java">"https://my.oxsetup.invalid/ajax/defer"</source>)
* Enable ''Read and write all files and folders''

== Configuration ==
In addition you have to configure the following properties in file ''/opt/open-xchange/etc/boxcomoauth.properties'':

* Enable the OAuth connector
<syntaxhighlight lang="properties">
com.openexchange.oauth.boxcom=true
</syntaxhighlight>
<br>

* Set the API key and secret
<syntaxhighlight lang="properties">
com.openexchange.oauth.boxcom.apiKey=REPLACE_THIS_WITH_YOUR_BOX_CLIENT_KEY
com.openexchange.oauth.boxcom.apiSecret=REPLACE_THIS_WITH_YOUR_BOX_CLIENT_SECRET
</syntaxhighlight>
<br>

* Set the redirect URL
<syntaxhighlight lang="properties">
com.openexchange.oauth.boxcom.redirectUrl=REPLACE_THIS_WITH_YOUR_BOX_REDIRECT_URL
</syntaxhighlight>
<br>

You can define them system-wide or via the config cascade mechanism.

{{InstallPlugin|pluginname=open-xchange-file-storage-boxcom|toplevel=products|sopath=appsuite/stable/backend|version=App Suite}}

HTTP API MailFilter

2016-10-11T11:02:09Z

Ioannis.chouklis: /* Actions */

<center>'''Open-Xchange Mail Filter HTTP API'''</center>

= Introduction =
This document describes only the mail filter HTTP-API. So it's only a part which must be embedded into something which counts for login/logout, session handling and low-level protocol issues such as error handling. At the moment this will be the groupware server. So the modules needed for basic operations can be found there.

= Module mailfilter =
This module is used to access all mail filter related options.

First of all the main structure of a mail filter script is, that it has different rules. Each of them contains one command. This command takes a test condition which executes the actions given in that command if the test condition is true.

The test condition consists of a test command and some arguments for this command depending on the command itself. Because the available tests depend on the mail filter server, these tests must be determined at runtime. So that no test field is transferred to the server which it isn't able to handle. Examples for tests are <tt>address</tt>, <tt>allof</tt> and <tt>anyof</tt>.

Each test has a special comparison. The list of available comparisons depends on the test given and the mail filter server configuration so they have to be determined at runtime too.

Each time you want to do some action on a mail you need a so called action command. This describes what to do with a mail. To action commands the same applies as to the test commands and their comparison types, they must be determined at runtime.

All those dynamical values can be fetched via a config object at startup. This object shows the capabilities of the server to the client. This allows the client to show only the capabilities the server actually has to the user and to send only objects to the server which produce no errors on the server side.

To deal with this high flexibility of mail filters this specification can be roughly divided into 2 parts. A non-changing core and dynamical extensions. The core specification is that each rule consists of a name, an ID, a value showing if this rule is active or not and a tag which can be set on a rule to mark that rule for a special purpose. Furthermore each rule takes a test object, specifying in what case the following actions are triggered, and one or many actioncommands, specifying the actions itself. For a detailed specification see [[#Table 1|Table 1]].

The objects for the tests and the actions are dynamical, so the set presented in this specification may be changed over the time, but only compatible changes are allowed to the objects, otherwise new test or action objects have to be introduced. Due to the fact that not every sieve implementation will offer all the capabilities written in this document, the server will sent his configuration if a special request is made. This configuration will show which of the tests and which of the actions are allowed. So for example if the server signals that it is capable of handling vacation, sending a vacation object as action is safe.

Furthermore some tests use a comparison field as stated above which specifies how the fields are compared. The values of this field must also be determined at runtime. So in the configuration object there is a special part which shows the comparisons which are available. Note that not all comparisons can be used with every test. Some of them are denoted to a special test, which can be found in the [[#Table 3|Table 3]].

= The core =
As written in the introduction the main part of a mail filter are the rules. A rule object will always have the structure you can see in the table below ([[#Table 1|Table 1]]). The dynamical parts are the test, which are represented by different options, see [[#Tests|4.1. Tests]], and the actions, also represented in [[#Actions|4.2. Actions]]. Note that the test and actioncmds fields and the text and errormsg fields are mutual exclusive. So if test and actioncmds fields are filled the text and errormsg fields are not present and vice versa.

{| id="Table 1" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| Integer
|
| A unique identifier (once created must not be changed)

|-
| position
| Integer
|
| The position inside the mail filter list. Starts with 0

|-
| rulename
| String
|
| A name describing the rule, can be empty but must not contain a line break

|-
| active
| Boolean
|
| If this rule is active or not

|-
| flags
| Array
|
| A string array containing flags which are set on this rule. Each flag can only contain the following characters: 1-9 a-z A-Z. Currently 3 flags are reserved here: "spam" which marks the default spam rule, "vacation" which marks the vacation rules and "autoforward" which marks an autoforwarding rule.

|-
| test
| Object
|
| The structure of the different test objects can be found in section [[#Tests|4.1. Tests]]. The valid tests in the current setup can be found in the configuration object

|-
| actioncmds
| Array
|
| An array of action objects whose different structures can be found in section [[#Actions|4.2. Actions]]. The action commands which are valid here can be determined through the config object see Table 24

|-
| text
| String
|
| If this rule cannot be read in this string is filled containing the whole lines of this command.

|-
| errormsg
| String
|
| If this rule cannot be read in this string is filled containing a message why, or what part of the rule isn't known

|}
<center>''Table 1: Structure of a rule''</center>

= The dynamical part =
== Tests ==
In this section you will find the structures of all test commands which are specified until now. First a complete list of all test commands is given with a short description of them, afterwards a complete list of all comparison as they belong to the test section. Finally the different objects for those test commands are specified.

{| id="Table 2" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| address
| This test type applies to addresses only. So it may be used for all header fields which contain addresses. This test returns true if any combination of the header-list and values-list arguments match.

|-
| envelope
| This test applies to the envelope of a mail. This test isn't used under normal circumstances as the envelope isn't accessible in all mail setups. This test returns true if any combination of the header-list and values-list arguments match'''.'''

|-
| true
| A test for a true result (can be used if an action command should be executed every time)'''.'''

|-
| not
| Negates a given test'''.'''

|-
| size
| Deals with the size of the mail'''.'''

|-
| currentdate
| Compares a given date with the current date ('''available with 6.20''')

|-
| header
| Tests against all headers of a mail. So with this test in contrast to the address test also fields such as subject can be handled. This test returns true if any combination of the header-list and values-list arguments match.

|-
| body
| Tests against the content of a mail.

|-
| allof
| Defines an AND condition between several tests'''.'''

|-
| anyof
| Defines an OR condition between several tests'''.'''

|}
<center>''Table 2: List of all possible tests''</center>

{| id="Table 3" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Description</center>

|-
| is
| If a field is equal to a given value

|-
| contains
| If a field contains a given value at any position

|-
| matches
| Tests if the value matches the value in the specified field. Here some wild cards can be used. "*" matches zero or more characters, and "?" matches a single character. To use the characters themselves they have to be escaped via a backslash.

|-
| regex
| Tests if a given regular expression matches with the value present in the specified field.

|-
| user
| Tests if the user part of an e-mail address is the value given here. This means in [mailto:herbert+mustermann@example.com herbert+mustermann@example.com]. The user checks the part herbert.

'''Attention: '''This comparison can only be used in conjunction with the address test

|-
| detail
| Tests if the detail part of an e-mail address is the value given here. In the example above this evaluates to mustermann.

'''Attention: '''This comparison can only be used in conjunction with the address test

|-
| all
| Tests if the e-mail address is the value given here. This means in [mailto:herbert.mustermann@example.com herbert.mustermann@example.com], the all checks the entire e-mail address (Since 7.8.3)

'''Attention: '''This comparison can only be used in conjunction with the address test

|-
| localpart
| Tests if the local part of an e-mail address is the value given here. This means in [mailto:herbert.mustermann@example.com herbert.mustermann@example.com], the localpart checks the part herbert.mustermann (Since 7.8.3).

'''Attention: '''This comparison can only be used in conjunction with the address test

|-
| domain
| Tests if the domain part of an e-mail address is the value given here. This means in [mailto:herbert.mustermann@example.com herbert.mustermann@example.com], the domain checks the part example.com (Since 7.8.3).

'''Attention: '''This comparison can only be used in conjunction with the address test

|}
<center>''Table 3: List of all possible comparisons''</center>

{| id="Table 4" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| address
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the value for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 4: Structure of address-test''</center>

{| id="Table 5" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| envelope
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the value for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 5: Structure of envelope-test''</center>

{| id="Table 6" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| true
| A string describing the test command.

|}
<center>''Table 6: Structure of true-test''</center>

{| id="Table 7" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| not
| A string describing the test command.

|-
| test
| Object
|
| One of the test objects which result will be negated

|}
<center>''Table 7: Structure of not-test''</center>

{| id="Table 8" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| size
| A string describing the test command.

|-
| comparison
| String
|
| Only two types are valid here. A description can be found in [[#Table 9|Table 9]].

|-
| size
| Number
|
| A number specifying the size for this comparison, in bytes.

|}
<center>''Table 8: Structure of size-test''</center>

{| id="Table 9" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| over
| Used in the size test to check for a value greater than the given one

|-
| under
| Used in the size test to check for a value less than the given one

|}
<center>''Table 9: Types of comparison for size''</center>

{| id="currentdate" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| currentdate
| A string describing the test command.

|-
| comparison
| String
|
| Only three types are valid here. A description can be found in [[#Table 11|Table 11]].

|-
| datepart
| String
|
| A string containing the string "date", "weekday" or "time" ('''available with 7.6.1''') as we only allow fix date, time and weekday comparisions for now.

|-
| datevalue
| Array
|
| A value array containing the corresponding value to the datepart. For "date" and "time" this will be an array of "Date" (unix timestamp). For "weekday", it will be an array of integers ranging from 0 to 6, reflecting the equivalent weekday, starting from Sunday through Saturday, i.e. 0 - Sunday, ..., 6 - Saturday. The test will be true if any of the values matches

|}
<center>''Table 10: Structure of currentdate-test''</center>

{| id="Table 11" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| is
| Used in the date test to check for a value equal to the given one

|-
| ge
| Used in the date test to check for a value greater or equal to the given one

|-
| le
| Used in the date test to check for a value less or equal to the given one

|}
<center>''Table 11: Types of comparison for currentdate''</center>

{| id="Table 12" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| header
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]])

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the values for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 12: Structure of header-test''</center>

{| id="Table 13" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| body
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| extensionskey
| String
|
| The extension key can be one of the value found in [[#Table 12|Table 12]]

|-
| extensionsvalue
| String
|
| A value for the given key. If the key has no value (see [[#Table 12|Table 12]] for this information) the value given here is ignored

|-
| values
| Array
|
| A string array containing the values for the body. The test will be true if any of the strings matches

|}
<center>''Table 13: Structure of body-test''</center>

{| id="Table 14" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| content
| An extension used in conjunction with the body test to define the content which should be considered. This extension will need a parameter specifying the mime-type of the part of the message which will be searched.

|-
| text
| An extension used in conjunction with the body test to define that only the text of the body should be considered in this test. This extension takes no parameter

|}
<center>''Table 14: List of possible extensions''</center>

{| id="Table 15" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| allof
| A string describing the test command.

|-
| tests
| Array
|
| A array of tests

|}
<center>''Table 15: Structure of allof-test''</center>

{| id="Table 16" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| anyof
| A string describing the test command.

|-
| tests
| Array
|
| A array of tests

|}
<center>''Table 16: Structure of anyof-test''</center>

== Actions ==
In this section you will find the structures of all action commands which are specified until now. First a complete list of all action commands is given with a short description of them, later on the different objects for those commands are specified.

{| id="Table 17" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| keep
| Keeps a mail non changed

|-
| discard
| Discards a mail without any processing

|-
| redirect
| Redirects a mail to a given e-mail address

|-
| move
| Moves a mail into a given subfolder. The syntax for the subfolder given here. Must be the correct syntax of the underlying IMAP-server. So it is up to the GUI to detect things such as altnamespace or unixhierarchysep.

|-
| reject
| Rejects the mail with a given text

|-
| stop
| Stops any further progressing of a mail

|-
| vacation
| Creates a vacation mail

|-
| addflags
| Adds flags to a mail

|-
| notify
| adds a notification

|-
| pgp
| encrypts a mail via pgp

|}
<center>''Table 17: List of possible action commands''</center>

{| id="Table 18" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| keep
| A string defining the object itself

|}
<center>''Table 18: Structure of keep-command''</center>

{| id="Table 19" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| discard
| A string defining the object itself

|}
<center>''Table 19: Structure of discard-command''</center>

{| id="Table 20" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| redirect
| A string defining the object itself

|-
| to
| String
|
| A string containing where the mail should be redirected to

|-
| keep
| boolean
|
| A boolean flag indicating whether a copy of the e-mail will be kept in the local INBOX (Since 7.8.3)

|}
<center>''Table 20: Structure of redirect-command''</center>

{| id="Table 21" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| move
| A string defining the object itself

|-
| into
| String
|
| This string takes the object id of the destination mail folder as specified in the HTTP API of the groupware

|}
<center>''Table 21: Structure of move-command''</center>

{| id="Table 22" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| reject
| A string defining the object itself

|-
| text
| String
|
| A string containing the reason why the mail is rejected

|}
<center>''Table 22: Structure of reject-command''</center>

{| id="Table 23" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| stop
| A string defining the object itself

|}
<center>''Table 23: Structure of stop-command''</center>

{| id="Table 24" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| vacation
| A string defining the object itself

|-
| days
| Integer
|
| The days for which a vacation text is returned

|-
| addresses
| Array
|
| The addresses for which this vacation is responsible. That means for which addresses out of the aliases array of the user defining this filter, vacations will be sent.

|-
| from
| String or Array
|
| Support for the ':from' tag. Specifies the value of the from header for the auto-reply mail, e.g. Foo Bear <foo.bear@ox.io> (Since 7.8.1). The array of strings should be a simple JSONArray with length 2; the first element should include the personal part of the e-mail address and the second element the actual e-mail address. If only the e-mail address is available, that should be the only element of the array.

|-
| subject
| String
|
| The new subject for the returned message (can be left empty, when only adding RE:)

|-
| text
| String
|
| The vacation text itself

|}
<center>''Table 24: Structure of vacation-command''</center>

{| id="Table 25" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| addflags
| A string defining the object itself

|-
| flags
| Array
|
| An array containing the flags which should be added to that mail. A flag can be either a system flag or a user flag. System flags begin with a backslash (\) and can be one of the following:
* \seen
* \answered
* \flagged
* \deleted
* \draft
* \recent
System flags are case-insensitive.

User flags begin with a dollar sign ($) and can contain any ASCII characters between 0x21 (!) and 0x7E (~), inclusive, except for the characters 0x22, 0x25, 0x28, 0x29, 0x2A, 0x5C, 0x5D and 0x7B, which correspond to
"%()*\]{
Mail color flags as used by OX are implemented by user flags of the form $cl_''n'', where ''n'' is a number between 1 and 10, includive.

See RFC 3501 for further details on IMAP flags and their meanings.
|}
<center>''Table 25: Structure of addflags-command''</center>

{| id="Table 26" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| notify
| A string defining the object itself

|-
| message
| String
|
| the content of the notification message

|-
| method
| String
|
| the method of the notification message, e.g. <pre>"mailto:012345678@sms.gateway"</pre>

|}
<center>''Table 26: Structure of notify-command''</center>

{| id="Table 27" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| pgp
| A string defining the object itself

|-
| keys
| Array
|
| The public keys as string which should be used for encryption

|}
<center>''Table 27: Structure of pgp-command''</center>

= Requests =
== Get the configuration of the mail filter backend ==
<tt>GET /ajax/mailfilter?action=config</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: An object describing the configuration like described in [[#Table 28|Table 28]].

{| id="Table 28" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| tests
| Array
|
| An array containing test-objects like described in [[#Table 29|Table 29]]

|-
| actioncommands
| Array
|
| An array containing the valid action commands as strings. A list of all possible values can be found in [[#Table 17|Table 17]].

|}
<center>''Table 28: Config object''</center>

{| id="Table 29" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| test
| String
|
| A name for the test. A list of all possible tests can be found in [[#Table 2|Table 2]]. The corresponding objects can be used in the test field in [[#Table 1|Table 1]].

|-
| comparison
| Array
|
| A string array containing the valid comparison types for this test. Possible values are given in [[#Table 3|Table 3]]. Values given in this array can be used in the comparison field in

|}
<center>''Table 29: Test object''</center>

== Get all mail filter rules ==
<tt>GET /ajax/mailfilter?action=list</tt>

Parameters:

* <tt>flag</tt> If given, only rules with this flag are returned
* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: An array of rule objects like described in [[#Table 1|Table 1]].

== Create a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=new</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: Rule object as described in [[#Table 1|Table 1]]. If the field <tt>position</tt> is included in [[#Table 1|Table 1]] it's taken as the position of the rule in the array on the server side. Note that this value shouldn't be greater than the size of all rules

Response body: An integer for the id of the new created rule.

== Delete a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=delete</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: An object with the field <tt>id</tt>.

== Reorder mail filter rules ==
PUT <tt>/ajax/mailfilter?action=reorder</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: An array of unique ids which represents how the rule with the corresponding unique ids are ordered

== Update a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=update</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: Rule object as described in [[#Table 1|Table 1]] with the <tt>id</tt> set (which identifies the rule to change). Only modified fields are present.

== Delete the whole script ==
PUT <tt>/ajax/mailfilter?action=deletescript</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Note that this call is only used as workaround for parsing errors in the backend, so that the user is able to kick a whole script if it contains errors in the grammar.

== Get the whole script ==
PUT <tt>/ajax/mailfilter?action=getscript</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: A text of the complete sieve script

Note that this call is only used as workaround for parsing errors in the backend, so that the user is able to get the plaintext of a complete script.

HTTP API MailFilter

2016-10-11T09:36:19Z

Ioannis.chouklis:

<center>'''Open-Xchange Mail Filter HTTP API'''</center>

= Introduction =
This document describes only the mail filter HTTP-API. So it's only a part which must be embedded into something which counts for login/logout, session handling and low-level protocol issues such as error handling. At the moment this will be the groupware server. So the modules needed for basic operations can be found there.

= Module mailfilter =
This module is used to access all mail filter related options.

First of all the main structure of a mail filter script is, that it has different rules. Each of them contains one command. This command takes a test condition which executes the actions given in that command if the test condition is true.

The test condition consists of a test command and some arguments for this command depending on the command itself. Because the available tests depend on the mail filter server, these tests must be determined at runtime. So that no test field is transferred to the server which it isn't able to handle. Examples for tests are <tt>address</tt>, <tt>allof</tt> and <tt>anyof</tt>.

Each test has a special comparison. The list of available comparisons depends on the test given and the mail filter server configuration so they have to be determined at runtime too.

Each time you want to do some action on a mail you need a so called action command. This describes what to do with a mail. To action commands the same applies as to the test commands and their comparison types, they must be determined at runtime.

All those dynamical values can be fetched via a config object at startup. This object shows the capabilities of the server to the client. This allows the client to show only the capabilities the server actually has to the user and to send only objects to the server which produce no errors on the server side.

To deal with this high flexibility of mail filters this specification can be roughly divided into 2 parts. A non-changing core and dynamical extensions. The core specification is that each rule consists of a name, an ID, a value showing if this rule is active or not and a tag which can be set on a rule to mark that rule for a special purpose. Furthermore each rule takes a test object, specifying in what case the following actions are triggered, and one or many actioncommands, specifying the actions itself. For a detailed specification see [[#Table 1|Table 1]].

The objects for the tests and the actions are dynamical, so the set presented in this specification may be changed over the time, but only compatible changes are allowed to the objects, otherwise new test or action objects have to be introduced. Due to the fact that not every sieve implementation will offer all the capabilities written in this document, the server will sent his configuration if a special request is made. This configuration will show which of the tests and which of the actions are allowed. So for example if the server signals that it is capable of handling vacation, sending a vacation object as action is safe.

Furthermore some tests use a comparison field as stated above which specifies how the fields are compared. The values of this field must also be determined at runtime. So in the configuration object there is a special part which shows the comparisons which are available. Note that not all comparisons can be used with every test. Some of them are denoted to a special test, which can be found in the [[#Table 3|Table 3]].

= The core =
As written in the introduction the main part of a mail filter are the rules. A rule object will always have the structure you can see in the table below ([[#Table 1|Table 1]]). The dynamical parts are the test, which are represented by different options, see [[#Tests|4.1. Tests]], and the actions, also represented in [[#Actions|4.2. Actions]]. Note that the test and actioncmds fields and the text and errormsg fields are mutual exclusive. So if test and actioncmds fields are filled the text and errormsg fields are not present and vice versa.

{| id="Table 1" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| Integer
|
| A unique identifier (once created must not be changed)

|-
| position
| Integer
|
| The position inside the mail filter list. Starts with 0

|-
| rulename
| String
|
| A name describing the rule, can be empty but must not contain a line break

|-
| active
| Boolean
|
| If this rule is active or not

|-
| flags
| Array
|
| A string array containing flags which are set on this rule. Each flag can only contain the following characters: 1-9 a-z A-Z. Currently 3 flags are reserved here: "spam" which marks the default spam rule, "vacation" which marks the vacation rules and "autoforward" which marks an autoforwarding rule.

|-
| test
| Object
|
| The structure of the different test objects can be found in section [[#Tests|4.1. Tests]]. The valid tests in the current setup can be found in the configuration object

|-
| actioncmds
| Array
|
| An array of action objects whose different structures can be found in section [[#Actions|4.2. Actions]]. The action commands which are valid here can be determined through the config object see Table 24

|-
| text
| String
|
| If this rule cannot be read in this string is filled containing the whole lines of this command.

|-
| errormsg
| String
|
| If this rule cannot be read in this string is filled containing a message why, or what part of the rule isn't known

|}
<center>''Table 1: Structure of a rule''</center>

= The dynamical part =
== Tests ==
In this section you will find the structures of all test commands which are specified until now. First a complete list of all test commands is given with a short description of them, afterwards a complete list of all comparison as they belong to the test section. Finally the different objects for those test commands are specified.

{| id="Table 2" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| address
| This test type applies to addresses only. So it may be used for all header fields which contain addresses. This test returns true if any combination of the header-list and values-list arguments match.

|-
| envelope
| This test applies to the envelope of a mail. This test isn't used under normal circumstances as the envelope isn't accessible in all mail setups. This test returns true if any combination of the header-list and values-list arguments match'''.'''

|-
| true
| A test for a true result (can be used if an action command should be executed every time)'''.'''

|-
| not
| Negates a given test'''.'''

|-
| size
| Deals with the size of the mail'''.'''

|-
| currentdate
| Compares a given date with the current date ('''available with 6.20''')

|-
| header
| Tests against all headers of a mail. So with this test in contrast to the address test also fields such as subject can be handled. This test returns true if any combination of the header-list and values-list arguments match.

|-
| body
| Tests against the content of a mail.

|-
| allof
| Defines an AND condition between several tests'''.'''

|-
| anyof
| Defines an OR condition between several tests'''.'''

|}
<center>''Table 2: List of all possible tests''</center>

{| id="Table 3" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Description</center>

|-
| is
| If a field is equal to a given value

|-
| contains
| If a field contains a given value at any position

|-
| matches
| Tests if the value matches the value in the specified field. Here some wild cards can be used. "*" matches zero or more characters, and "?" matches a single character. To use the characters themselves they have to be escaped via a backslash.

|-
| regex
| Tests if a given regular expression matches with the value present in the specified field.

|-
| user
| Tests if the user part of an e-mail address is the value given here. This means in [mailto:herbert+mustermann@example.com herbert+mustermann@example.com]. The user checks the part herbert.

'''Attention: '''This comparison can only be used in conjunction with the address test

|-
| detail
| Tests if the detail part of an e-mail address is the value given here. In the example above this evaluates to mustermann.

'''Attention: '''This comparison can only be used in conjunction with the address test

|-
| all
| Tests if the e-mail address is the value given here. This means in [mailto:herbert.mustermann@example.com herbert.mustermann@example.com], the all checks the entire e-mail address (Since 7.8.3)

'''Attention: '''This comparison can only be used in conjunction with the address test

|-
| localpart
| Tests if the local part of an e-mail address is the value given here. This means in [mailto:herbert.mustermann@example.com herbert.mustermann@example.com], the localpart checks the part herbert.mustermann (Since 7.8.3).

'''Attention: '''This comparison can only be used in conjunction with the address test

|-
| domain
| Tests if the domain part of an e-mail address is the value given here. This means in [mailto:herbert.mustermann@example.com herbert.mustermann@example.com], the domain checks the part example.com (Since 7.8.3).

'''Attention: '''This comparison can only be used in conjunction with the address test

|}
<center>''Table 3: List of all possible comparisons''</center>

{| id="Table 4" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| address
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the value for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 4: Structure of address-test''</center>

{| id="Table 5" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| envelope
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the value for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 5: Structure of envelope-test''</center>

{| id="Table 6" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| true
| A string describing the test command.

|}
<center>''Table 6: Structure of true-test''</center>

{| id="Table 7" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| not
| A string describing the test command.

|-
| test
| Object
|
| One of the test objects which result will be negated

|}
<center>''Table 7: Structure of not-test''</center>

{| id="Table 8" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| size
| A string describing the test command.

|-
| comparison
| String
|
| Only two types are valid here. A description can be found in [[#Table 9|Table 9]].

|-
| size
| Number
|
| A number specifying the size for this comparison, in bytes.

|}
<center>''Table 8: Structure of size-test''</center>

{| id="Table 9" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| over
| Used in the size test to check for a value greater than the given one

|-
| under
| Used in the size test to check for a value less than the given one

|}
<center>''Table 9: Types of comparison for size''</center>

{| id="currentdate" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| currentdate
| A string describing the test command.

|-
| comparison
| String
|
| Only three types are valid here. A description can be found in [[#Table 11|Table 11]].

|-
| datepart
| String
|
| A string containing the string "date", "weekday" or "time" ('''available with 7.6.1''') as we only allow fix date, time and weekday comparisions for now.

|-
| datevalue
| Array
|
| A value array containing the corresponding value to the datepart. For "date" and "time" this will be an array of "Date" (unix timestamp). For "weekday", it will be an array of integers ranging from 0 to 6, reflecting the equivalent weekday, starting from Sunday through Saturday, i.e. 0 - Sunday, ..., 6 - Saturday. The test will be true if any of the values matches

|}
<center>''Table 10: Structure of currentdate-test''</center>

{| id="Table 11" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| is
| Used in the date test to check for a value equal to the given one

|-
| ge
| Used in the date test to check for a value greater or equal to the given one

|-
| le
| Used in the date test to check for a value less or equal to the given one

|}
<center>''Table 11: Types of comparison for currentdate''</center>

{| id="Table 12" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| header
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]])

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the values for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 12: Structure of header-test''</center>

{| id="Table 13" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| body
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| extensionskey
| String
|
| The extension key can be one of the value found in [[#Table 12|Table 12]]

|-
| extensionsvalue
| String
|
| A value for the given key. If the key has no value (see [[#Table 12|Table 12]] for this information) the value given here is ignored

|-
| values
| Array
|
| A string array containing the values for the body. The test will be true if any of the strings matches

|}
<center>''Table 13: Structure of body-test''</center>

{| id="Table 14" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| content
| An extension used in conjunction with the body test to define the content which should be considered. This extension will need a parameter specifying the mime-type of the part of the message which will be searched.

|-
| text
| An extension used in conjunction with the body test to define that only the text of the body should be considered in this test. This extension takes no parameter

|}
<center>''Table 14: List of possible extensions''</center>

{| id="Table 15" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| allof
| A string describing the test command.

|-
| tests
| Array
|
| A array of tests

|}
<center>''Table 15: Structure of allof-test''</center>

{| id="Table 16" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| anyof
| A string describing the test command.

|-
| tests
| Array
|
| A array of tests

|}
<center>''Table 16: Structure of anyof-test''</center>

== Actions ==
In this section you will find the structures of all action commands which are specified until now. First a complete list of all action commands is given with a short description of them, later on the different objects for those commands are specified.

{| id="Table 17" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| keep
| Keeps a mail non changed

|-
| discard
| Discards a mail without any processing

|-
| redirect
| Redirects a mail to a given e-mail address

|-
| move
| Moves a mail into a given subfolder. The syntax for the subfolder given here. Must be the correct syntax of the underlying IMAP-server. So it is up to the GUI to detect things such as altnamespace or unixhierarchysep.

|-
| reject
| Rejects the mail with a given text

|-
| stop
| Stops any further progressing of a mail

|-
| vacation
| Creates a vacation mail

|-
| addflags
| Adds flags to a mail

|-
| notify
| adds a notification

|-
| pgp
| encrypts a mail via pgp

|}
<center>''Table 17: List of possible action commands''</center>

{| id="Table 18" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| keep
| A string defining the object itself

|}
<center>''Table 18: Structure of keep-command''</center>

{| id="Table 19" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| discard
| A string defining the object itself

|}
<center>''Table 19: Structure of discard-command''</center>

{| id="Table 20" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| redirect
| A string defining the object itself

|-
| to
| String
|
| A string containing where the mail should be redirected to

|}
<center>''Table 20: Structure of redirect-command''</center>

{| id="Table 21" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| move
| A string defining the object itself

|-
| into
| String
|
| This string takes the object id of the destination mail folder as specified in the HTTP API of the groupware

|}
<center>''Table 21: Structure of move-command''</center>

{| id="Table 22" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| reject
| A string defining the object itself

|-
| text
| String
|
| A string containing the reason why the mail is rejected

|}
<center>''Table 22: Structure of reject-command''</center>

{| id="Table 23" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| stop
| A string defining the object itself

|}
<center>''Table 23: Structure of stop-command''</center>

{| id="Table 24" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| vacation
| A string defining the object itself

|-
| days
| Integer
|
| The days for which a vacation text is returned

|-
| addresses
| Array
|
| The addresses for which this vacation is responsible. That means for which addresses out of the aliases array of the user defining this filter, vacations will be sent.

|-
| from
| String or Array
|
| Support for the ':from' tag. Specifies the value of the from header for the auto-reply mail, e.g. Foo Bear <foo.bear@ox.io> (Since 7.8.1). The array of strings should be a simple JSONArray with length 2; the first element should include the personal part of the e-mail address and the second element the actual e-mail address. If only the e-mail address is available, that should be the only element of the array.

|-
| subject
| String
|
| The new subject for the returned message (can be left empty, when only adding RE:)

|-
| text
| String
|
| The vacation text itself

|}
<center>''Table 24: Structure of vacation-command''</center>

{| id="Table 25" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| addflags
| A string defining the object itself

|-
| flags
| Array
|
| An array containing the flags which should be added to that mail. A flag can be either a system flag or a user flag. System flags begin with a backslash (\) and can be one of the following:
* \seen
* \answered
* \flagged
* \deleted
* \draft
* \recent
System flags are case-insensitive.

User flags begin with a dollar sign ($) and can contain any ASCII characters between 0x21 (!) and 0x7E (~), inclusive, except for the characters 0x22, 0x25, 0x28, 0x29, 0x2A, 0x5C, 0x5D and 0x7B, which correspond to
"%()*\]{
Mail color flags as used by OX are implemented by user flags of the form $cl_''n'', where ''n'' is a number between 1 and 10, includive.

See RFC 3501 for further details on IMAP flags and their meanings.
|}
<center>''Table 25: Structure of addflags-command''</center>

{| id="Table 26" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| notify
| A string defining the object itself

|-
| message
| String
|
| the content of the notification message

|-
| method
| String
|
| the method of the notification message, e.g. <pre>"mailto:012345678@sms.gateway"</pre>

|}
<center>''Table 26: Structure of notify-command''</center>

{| id="Table 27" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| pgp
| A string defining the object itself

|-
| keys
| Array
|
| The public keys as string which should be used for encryption

|}
<center>''Table 27: Structure of pgp-command''</center>

= Requests =
== Get the configuration of the mail filter backend ==
<tt>GET /ajax/mailfilter?action=config</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: An object describing the configuration like described in [[#Table 28|Table 28]].

{| id="Table 28" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| tests
| Array
|
| An array containing test-objects like described in [[#Table 29|Table 29]]

|-
| actioncommands
| Array
|
| An array containing the valid action commands as strings. A list of all possible values can be found in [[#Table 17|Table 17]].

|}
<center>''Table 28: Config object''</center>

{| id="Table 29" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| test
| String
|
| A name for the test. A list of all possible tests can be found in [[#Table 2|Table 2]]. The corresponding objects can be used in the test field in [[#Table 1|Table 1]].

|-
| comparison
| Array
|
| A string array containing the valid comparison types for this test. Possible values are given in [[#Table 3|Table 3]]. Values given in this array can be used in the comparison field in

|}
<center>''Table 29: Test object''</center>

== Get all mail filter rules ==
<tt>GET /ajax/mailfilter?action=list</tt>

Parameters:

* <tt>flag</tt> If given, only rules with this flag are returned
* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: An array of rule objects like described in [[#Table 1|Table 1]].

== Create a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=new</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: Rule object as described in [[#Table 1|Table 1]]. If the field <tt>position</tt> is included in [[#Table 1|Table 1]] it's taken as the position of the rule in the array on the server side. Note that this value shouldn't be greater than the size of all rules

Response body: An integer for the id of the new created rule.

== Delete a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=delete</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: An object with the field <tt>id</tt>.

== Reorder mail filter rules ==
PUT <tt>/ajax/mailfilter?action=reorder</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: An array of unique ids which represents how the rule with the corresponding unique ids are ordered

== Update a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=update</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: Rule object as described in [[#Table 1|Table 1]] with the <tt>id</tt> set (which identifies the rule to change). Only modified fields are present.

== Delete the whole script ==
PUT <tt>/ajax/mailfilter?action=deletescript</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Note that this call is only used as workaround for parsing errors in the backend, so that the user is able to kick a whole script if it contains errors in the grammar.

== Get the whole script ==
PUT <tt>/ajax/mailfilter?action=getscript</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: A text of the complete sieve script

Note that this call is only used as workaround for parsing errors in the backend, so that the user is able to get the plaintext of a complete script.

HTTP API MailFilter

2016-01-11T11:37:09Z

Ioannis.chouklis: /* Actions */

<center>'''Open-Xchange Mail Filter HTTP API'''</center>

= Introduction =
This document describes only the mail filter HTTP-API. So it's only a part which must be embedded into something which counts for login/logout, session handling and low-level protocol issues such as error handling. At the moment this will be the groupware server. So the modules needed for basic operations can be found there.

= Module mailfilter =
This module is used to access all mail filter related options.

First of all the main structure of a mail filter script is, that it has different rules. Each of them contains one command. This command takes a test condition which executes the actions given in that command if the test condition is true.

The test condition consists of a test command and some arguments for this command depending on the command itself. Because the available tests depend on the mail filter server, these tests must be determined at runtime. So that no test field is transferred to the server which it isn't able to handle. Examples for tests are <tt>address</tt>, <tt>allof</tt> and <tt>anyof</tt>.

Each test has a special comparison. The list of available comparisons depends on the test given and the mail filter server configuration so they have to be determined at runtime too.

Each time you want to do some action on a mail you need a so called action command. This describes what to do with a mail. To action commands the same applies as to the test commands and their comparison types, they must be determined at runtime.

All those dynamical values can be fetched via a config object at startup. This object shows the capabilities of the server to the client. This allows the client to show only the capabilities the server actually has to the user and to send only objects to the server which produce no errors on the server side.

To deal with this high flexibility of mail filters this specification can be roughly divided into 2 parts. A non-changing core and dynamical extensions. The core specification is that each rule consists of a name, an ID, a value showing if this rule is active or not and a tag which can be set on a rule to mark that rule for a special purpose. Furthermore each rule takes a test object, specifying in what case the following actions are triggered, and one or many actioncommands, specifying the actions itself. For a detailed specification see [[#Table 1|Table 1]].

The objects for the tests and the actions are dynamical, so the set presented in this specification may be changed over the time, but only compatible changes are allowed to the objects, otherwise new test or action objects have to be introduced. Due to the fact that not every sieve implementation will offer all the capabilities written in this document, the server will sent his configuration if a special request is made. This configuration will show which of the tests and which of the actions are allowed. So for example if the server signals that it is capable of handling vacation, sending a vacation object as action is safe.

Furthermore some tests use a comparison field as stated above which specifies how the fields are compared. The values of this field must also be determined at runtime. So in the configuration object there is a special part which shows the comparisons which are available. Note that not all comparisons can be used with every test. Some of them are denoted to a special test, which can be found in the [[#Table 3|Table 3]].

= The core =
As written in the introduction the main part of a mail filter are the rules. A rule object will always have the structure you can see in the table below ([[#Table 1|Table 1]]). The dynamical parts are the test, which are represented by different options, see [[#Tests|4.1. Tests]], and the actions, also represented in [[#Actions|4.2. Actions]]. Note that the test and actioncmds fields and the text and errormsg fields are mutual exclusive. So if test and actioncmds fields are filled the text and errormsg fields are not present and vice versa.

{| id="Table 1" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| Integer
|
| A unique identifier (once created must not be changed)

|-
| position
| Integer
|
| The position inside the mail filter list. Starts with 0

|-
| rulename
| String
|
| A name describing the rule, can be empty but must not contain a line break

|-
| active
| Boolean
|
| If this rule is active or not

|-
| flags
| Array
|
| A string array containing flags which are set on this rule. Each flag can only contain the following characters: 1-9 a-z A-Z. Currently 3 flags are reserved here: "spam" which marks the default spam rule, "vacation" which marks the vacation rules and "autoforward" which marks an autoforwarding rule.

|-
| test
| Object
|
| The structure of the different test objects can be found in section [[#Tests|4.1. Tests]]. The valid tests in the current setup can be found in the configuration object

|-
| actioncmds
| Array
|
| An array of action objects whose different structures can be found in section [[#Actions|4.2. Actions]]. The action commands which are valid here can be determined through the config object see Table 24

|-
| text
| String
|
| If this rule cannot be read in this string is filled containing the whole lines of this command.

|-
| errormsg
| String
|
| If this rule cannot be read in this string is filled containing a message why, or what part of the rule isn't known

|}
<center>''Table 1: Structure of a rule''</center>

= The dynamical part =
== Tests ==
In this section you will find the structures of all test commands which are specified until now. First a complete list of all test commands is given with a short description of them, afterwards a complete list of all comparison as they belong to the test section. Finally the different objects for those test commands are specified.

{| id="Table 2" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| address
| This test type applies to addresses only. So it may be used for all header fields which contain addresses. This test returns true if any combination of the header-list and values-list arguments match.

|-
| envelope
| This test applies to the envelope of a mail. This test isn't used under normal circumstances as the envelope isn't accessible in all mail setups. This test returns true if any combination of the header-list and values-list arguments match'''.'''

|-
| true
| A test for a true result (can be used if an action command should be executed every time)'''.'''

|-
| not
| Negates a given test'''.'''

|-
| size
| Deals with the size of the mail'''.'''

|-
| currentdate
| Compares a given date with the current date ('''available with 6.20''')

|-
| header
| Tests against all headers of a mail. So with this test in contrast to the address test also fields such as subject can be handled. This test returns true if any combination of the header-list and values-list arguments match.

|-
| body
| Tests against the content of a mail.

|-
| allof
| Defines an AND condition between several tests'''.'''

|-
| anyof
| Defines an OR condition between several tests'''.'''

|}
<center>''Table 2: List of all possible tests''</center>

{| id="Table 3" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Description</center>

|-
| is
| If a field is equal to a given value

|-
| contains
| If a field contains a given value at any position

|-
| matches
| Tests if the value matches the value in the specified field. Here some wild cards can be used. "*" matches zero or more characters, and "?" matches a single character. To use the characters themselves they have to be escaped via a backslash.

|-
| regex
| Tests if a given regular expression matches with the value present in the specified field.

|-
| user
| Tests if the user part of an e-mail address is the value given here. This means in [mailto:herbert+mustermann@example.com herbert+mustermann@example.com]. The user checks the part herbert.

'''Attention: '''This comparison can only be used in conjunction with the address test

|-
| detail
| Tests if the detail part of an e-mail address is the value given here. In the example above this evaluates to mustermann.

'''Attention: '''This comparison can only be used in conjunction with the address test

|}
<center>''Table 3: List of all possible comparisons''</center>

{| id="Table 4" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| address
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the value for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 4: Structure of address-test''</center>

{| id="Table 5" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| envelope
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the value for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 5: Structure of envelope-test''</center>

{| id="Table 6" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| true
| A string describing the test command.

|}
<center>''Table 6: Structure of true-test''</center>

{| id="Table 7" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| not
| A string describing the test command.

|-
| test
| Object
|
| One of the test objects which result will be negated

|}
<center>''Table 7: Structure of not-test''</center>

{| id="Table 8" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| size
| A string describing the test command.

|-
| comparison
| String
|
| Only two types are valid here. A description can be found in [[#Table 9|Table 9]].

|-
| size
| Number
|
| A number specifying the size for this comparison, in bytes.

|}
<center>''Table 8: Structure of size-test''</center>

{| id="Table 9" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| over
| Used in the size test to check for a value greater than the given one

|-
| under
| Used in the size test to check for a value less than the given one

|}
<center>''Table 9: Types of comparison for size''</center>

{| id="currentdate" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| currentdate
| A string describing the test command.

|-
| comparison
| String
|
| Only three types are valid here. A description can be found in [[#Table 11|Table 11]].

|-
| datepart
| String
|
| A string containing the string "date", "weekday" or "time" ('''available with 7.6.1''') as we only allow fix date, time and weekday comparisions for now.

|-
| datevalue
| Array
|
| A value array containing the corresponding value to the datepart. For "date" and "time" this will be an array of "Date" (unix timestamp). For "weekday", it will be an array of integers ranging from 0 to 6, reflecting the equivalent weekday, starting from Sunday through Saturday, i.e. 0 - Sunday, ..., 6 - Saturday. The test will be true if any of the values matches

|}
<center>''Table 10: Structure of currentdate-test''</center>

{| id="Table 11" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| is
| Used in the date test to check for a value equal to the given one

|-
| ge
| Used in the date test to check for a value greater or equal to the given one

|-
| le
| Used in the date test to check for a value less or equal to the given one

|}
<center>''Table 11: Types of comparison for currentdate''</center>

{| id="Table 12" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| header
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]])

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the values for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 12: Structure of header-test''</center>

{| id="Table 13" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| body
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| extensionskey
| String
|
| The extension key can be one of the value found in [[#Table 12|Table 12]]

|-
| extensionsvalue
| String
|
| A value for the given key. If the key has no value (see [[#Table 12|Table 12]] for this information) the value given here is ignored

|-
| values
| Array
|
| A string array containing the values for the body. The test will be true if any of the strings matches

|}
<center>''Table 13: Structure of body-test''</center>

{| id="Table 14" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| content
| An extension used in conjunction with the body test to define the content which should be considered. This extension will need a parameter specifying the mime-type of the part of the message which will be searched.

|-
| text
| An extension used in conjunction with the body test to define that only the text of the body should be considered in this test. This extension takes no parameter

|}
<center>''Table 14: List of possible extensions''</center>

{| id="Table 15" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| allof
| A string describing the test command.

|-
| tests
| Array
|
| A array of tests

|}
<center>''Table 15: Structure of allof-test''</center>

{| id="Table 16" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| anyof
| A string describing the test command.

|-
| tests
| Array
|
| A array of tests

|}
<center>''Table 16: Structure of anyof-test''</center>

== Actions ==
In this section you will find the structures of all action commands which are specified until now. First a complete list of all action commands is given with a short description of them, later on the different objects for those commands are specified.

{| id="Table 17" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| keep
| Keeps a mail non changed

|-
| discard
| Discards a mail without any processing

|-
| redirect
| Redirects a mail to a given e-mail address

|-
| move
| Moves a mail into a given subfolder. The syntax for the subfolder given here. Must be the correct syntax of the underlying IMAP-server. So it is up to the GUI to detect things such as altnamespace or unixhierarchysep.

|-
| reject
| Rejects the mail with a given text

|-
| stop
| Stops any further progressing of a mail

|-
| vacation
| Creates a vacation mail

|-
| addflags
| Adds flags to a mail

|-
| notify
| adds a notification

|-
| pgp
| encrypts a mail via pgp

|}
<center>''Table 17: List of possible action commands''</center>

{| id="Table 18" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| keep
| A string defining the object itself

|}
<center>''Table 18: Structure of keep-command''</center>

{| id="Table 19" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| discard
| A string defining the object itself

|}
<center>''Table 19: Structure of discard-command''</center>

{| id="Table 20" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| redirect
| A string defining the object itself

|-
| to
| String
|
| A string containing where the mail should be redirected to

|}
<center>''Table 20: Structure of redirect-command''</center>

{| id="Table 21" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| move
| A string defining the object itself

|-
| into
| String
|
| This string takes the object id of the destination mail folder as specified in the HTTP API of the groupware

|}
<center>''Table 21: Structure of move-command''</center>

{| id="Table 22" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| reject
| A string defining the object itself

|-
| text
| String
|
| A string containing the reason why the mail is rejected

|}
<center>''Table 22: Structure of reject-command''</center>

{| id="Table 23" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| stop
| A string defining the object itself

|}
<center>''Table 23: Structure of stop-command''</center>

{| id="Table 24" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| vacation
| A string defining the object itself

|-
| days
| Integer
|
| The days for which a vacation text is returned

|-
| addresses
| Array
|
| The addresses for which this vacation is responsible. That means for which addresses out of the aliases array of the user defining this filter, vacations will be sent.

|-
| from
| String or Array
|
| Support for the ':from' tag. Specifies the value of the from header for the auto-reply mail, e.g. Foo Bear <foo.bear@ox.io> (Since 7.8.1). The array of strings should be a simple JSONArray with length 2; the first element should include the personal part of the e-mail address and the second element the actual e-mail address. If only the e-mail address is available, that should be the only element of the array.

|-
| subject
| String
|
| The new subject for the returned message (can be left empty, when only adding RE:)

|-
| text
| String
|
| The vacation text itself

|}
<center>''Table 24: Structure of vacation-command''</center>

{| id="Table 25" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| addflags
| A string defining the object itself

|-
| flags
| Array
|
| An array containing the flags which should be added to that mail. A flag can be either a system flag or a user flag. System flags begin with a backslash (\) and can be one of the following:
* \seen
* \answered
* \flagged
* \deleted
* \draft
* \recent
System flags are case-insensitive.

User flags begin with a dollar sign ($) and can contain any ASCII characters between 0x21 (!) and 0x7E (~), inclusive, except for the characters 0x22, 0x25, 0x28, 0x29, 0x2A, 0x5C, 0x5D and 0x7B, which correspond to
"%()*\]{
Mail color flags as used by OX are implemented by user flags of the form $cl_''n'', where ''n'' is a number between 1 and 10, includive.

See RFC 3501 for further details on IMAP flags and their meanings.
|}
<center>''Table 25: Structure of addflags-command''</center>

{| id="Table 26" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| notify
| A string defining the object itself

|-
| message
| String
|
| the content of the notification message

|-
| method
| String
|
| the method of the notification message, e.g. <pre>"mailto:012345678@sms.gateway"</pre>

|}
<center>''Table 26: Structure of notify-command''</center>

{| id="Table 27" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| pgp
| A string defining the object itself

|-
| keys
| Array
|
| The public keys as string which should be used for encryption

|}
<center>''Table 27: Structure of pgp-command''</center>

= Requests =
== Get the configuration of the mail filter backend ==
<tt>GET /ajax/mailfilter?action=config</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: An object describing the configuration like described in [[#Table 28|Table 28]].

{| id="Table 28" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| tests
| Array
|
| An array containing test-objects like described in [[#Table 29|Table 29]]

|-
| actioncommands
| Array
|
| An array containing the valid action commands as strings. A list of all possible values can be found in [[#Table 17|Table 17]].

|}
<center>''Table 28: Config object''</center>

{| id="Table 29" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| test
| String
|
| A name for the test. A list of all possible tests can be found in [[#Table 2|Table 2]]. The corresponding objects can be used in the test field in [[#Table 1|Table 1]].

|-
| comparison
| Array
|
| A string array containing the valid comparison types for this test. Possible values are given in [[#Table 3|Table 3]]. Values given in this array can be used in the comparison field in

|}
<center>''Table 29: Test object''</center>

== Get all mail filter rules ==
<tt>GET /ajax/mailfilter?action=list</tt>

Parameters:

* <tt>flag</tt> If given, only rules with this flag are returned
* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: An array of rule objects like described in [[#Table 1|Table 1]].

== Create a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=new</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: Rule object as described in [[#Table 1|Table 1]]. If the field <tt>position</tt> is included in [[#Table 1|Table 1]] it's taken as the position of the rule in the array on the server side. Note that this value shouldn't be greater than the size of all rules

Response body: An integer for the id of the new created rule.

== Delete a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=delete</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: An object with the field <tt>id</tt>.

== Reorder mail filter rules ==
PUT <tt>/ajax/mailfilter?action=reorder</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: An array of unique ids which represents how the rule with the corresponding unique ids are ordered

== Update a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=update</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: Rule object as described in [[#Table 1|Table 1]] with the <tt>id</tt> set (which identifies the rule to change). Only modified fields are present.

== Delete the whole script ==
PUT <tt>/ajax/mailfilter?action=deletescript</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Note that this call is only used as workaround for parsing errors in the backend, so that the user is able to kick a whole script if it contains errors in the grammar.

== Get the whole script ==
PUT <tt>/ajax/mailfilter?action=getscript</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: A text of the complete sieve script

Note that this call is only used as workaround for parsing errors in the backend, so that the user is able to get the plaintext of a complete script.

HTTP API MailFilter

2015-10-14T11:43:10Z

Ioannis.chouklis:

<center>'''Open-Xchange Mail Filter HTTP API'''</center>

= Introduction =
This document describes only the mail filter HTTP-API. So it's only a part which must be embedded into something which counts for login/logout, session handling and low-level protocol issues such as error handling. At the moment this will be the groupware server. So the modules needed for basic operations can be found there.

= Module mailfilter =
This module is used to access all mail filter related options.

First of all the main structure of a mail filter script is, that it has different rules. Each of them contains one command. This command takes a test condition which executes the actions given in that command if the test condition is true.

The test condition consists of a test command and some arguments for this command depending on the command itself. Because the available tests depend on the mail filter server, these tests must be determined at runtime. So that no test field is transferred to the server which it isn't able to handle. Examples for tests are <tt>address</tt>, <tt>allof</tt> and <tt>anyof</tt>.

Each test has a special comparison. The list of available comparisons depends on the test given and the mail filter server configuration so they have to be determined at runtime too.

Each time you want to do some action on a mail you need a so called action command. This describes what to do with a mail. To action commands the same applies as to the test commands and their comparison types, they must be determined at runtime.

All those dynamical values can be fetched via a config object at startup. This object shows the capabilities of the server to the client. This allows the client to show only the capabilities the server actually has to the user and to send only objects to the server which produce no errors on the server side.

To deal with this high flexibility of mail filters this specification can be roughly divided into 2 parts. A non-changing core and dynamical extensions. The core specification is that each rule consists of a name, an ID, a value showing if this rule is active or not and a tag which can be set on a rule to mark that rule for a special purpose. Furthermore each rule takes a test object, specifying in what case the following actions are triggered, and one or many actioncommands, specifying the actions itself. For a detailed specification see [[#Table 1|Table 1]].

The objects for the tests and the actions are dynamical, so the set presented in this specification may be changed over the time, but only compatible changes are allowed to the objects, otherwise new test or action objects have to be introduced. Due to the fact that not every sieve implementation will offer all the capabilities written in this document, the server will sent his configuration if a special request is made. This configuration will show which of the tests and which of the actions are allowed. So for example if the server signals that it is capable of handling vacation, sending a vacation object as action is safe.

Furthermore some tests use a comparison field as stated above which specifies how the fields are compared. The values of this field must also be determined at runtime. So in the configuration object there is a special part which shows the comparisons which are available. Note that not all comparisons can be used with every test. Some of them are denoted to a special test, which can be found in the [[#Table 3|Table 3]].

= The core =
As written in the introduction the main part of a mail filter are the rules. A rule object will always have the structure you can see in the table below ([[#Table 1|Table 1]]). The dynamical parts are the test, which are represented by different options, see [[#Tests|4.1. Tests]], and the actions, also represented in [[#Actions|4.2. Actions]]. Note that the test and actioncmds fields and the text and errormsg fields are mutual exclusive. So if test and actioncmds fields are filled the text and errormsg fields are not present and vice versa.

{| id="Table 1" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| Integer
|
| A unique identifier (once created must not be changed)

|-
| position
| Integer
|
| The position inside the mail filter list. Starts with 0

|-
| rulename
| String
|
| A name describing the rule, can be empty but must not contain a line break

|-
| active
| Boolean
|
| If this rule is active or not

|-
| flags
| Array
|
| A string array containing flags which are set on this rule. Each flag can only contain the following characters: 1-9 a-z A-Z. Currently 3 flags are reserved here: "spam" which marks the default spam rule, "vacation" which marks the vacation rules and "autoforward" which marks an autoforwarding rule.

|-
| test
| Object
|
| The structure of the different test objects can be found in section [[#Tests|4.1. Tests]]. The valid tests in the current setup can be found in the configuration object

|-
| actioncmds
| Array
|
| An array of action objects whose different structures can be found in section [[#Actions|4.2. Actions]]. The action commands which are valid here can be determined through the config object see Table 24

|-
| text
| String
|
| If this rule cannot be read in this string is filled containing the whole lines of this command.

|-
| errormsg
| String
|
| If this rule cannot be read in this string is filled containing a message why, or what part of the rule isn't known

|}
<center>''Table 1: Structure of a rule''</center>

= The dynamical part =
== Tests ==
In this section you will find the structures of all test commands which are specified until now. First a complete list of all test commands is given with a short description of them, afterwards a complete list of all comparison as they belong to the test section. Finally the different objects for those test commands are specified.

{| id="Table 2" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| address
| This test type applies to addresses only. So it may be used for all header fields which contain addresses. This test returns true if any combination of the header-list and values-list arguments match.

|-
| envelope
| This test applies to the envelope of a mail. This test isn't used under normal circumstances as the envelope isn't accessible in all mail setups. This test returns true if any combination of the header-list and values-list arguments match'''.'''

|-
| true
| A test for a true result (can be used if an action command should be executed every time)'''.'''

|-
| not
| Negates a given test'''.'''

|-
| size
| Deals with the size of the mail'''.'''

|-
| currentdate
| Compares a given date with the current date ('''available with 6.20''')

|-
| header
| Tests against all headers of a mail. So with this test in contrast to the address test also fields such as subject can be handled. This test returns true if any combination of the header-list and values-list arguments match.

|-
| body
| Tests against the content of a mail.

|-
| allof
| Defines an AND condition between several tests'''.'''

|-
| anyof
| Defines an OR condition between several tests'''.'''

|}
<center>''Table 2: List of all possible tests''</center>

{| id="Table 3" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Description</center>

|-
| is
| If a field is equal to a given value

|-
| contains
| If a field contains a given value at any position

|-
| matches
| Tests if the value matches the value in the specified field. Here some wild cards can be used. "*" matches zero or more characters, and "?" matches a single character. To use the characters themselves they have to be escaped via a backslash.

|-
| regex
| Tests if a given regular expression matches with the value present in the specified field.

|-
| user
| Tests if the user part of an e-mail address is the value given here. This means in [mailto:herbert+mustermann@example.com herbert+mustermann@example.com]. The user checks the part herbert.

'''Attention: '''This comparison can only be used in conjunction with the address test

|-
| detail
| Tests if the detail part of an e-mail address is the value given here. In the example above this evaluates to mustermann.

'''Attention: '''This comparison can only be used in conjunction with the address test

|}
<center>''Table 3: List of all possible comparisons''</center>

{| id="Table 4" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| address
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the value for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 4: Structure of address-test''</center>

{| id="Table 5" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| envelope
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the value for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 5: Structure of envelope-test''</center>

{| id="Table 6" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| true
| A string describing the test command.

|}
<center>''Table 6: Structure of true-test''</center>

{| id="Table 7" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| not
| A string describing the test command.

|-
| test
| Object
|
| One of the test objects which result will be negated

|}
<center>''Table 7: Structure of not-test''</center>

{| id="Table 8" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| size
| A string describing the test command.

|-
| comparison
| String
|
| Only two types are valid here. A description can be found in [[#Table 9|Table 9]].

|-
| size
| Number
|
| A number specifying the size for this comparison, in bytes.

|}
<center>''Table 8: Structure of size-test''</center>

{| id="Table 9" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| over
| Used in the size test to check for a value greater than the given one

|-
| under
| Used in the size test to check for a value less than the given one

|}
<center>''Table 9: Types of comparison for size''</center>

{| id="currentdate" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| currentdate
| A string describing the test command.

|-
| comparison
| String
|
| Only three types are valid here. A description can be found in [[#Table 11|Table 11]].

|-
| datepart
| String
|
| A string containing the string "date", "weekday" or "time" ('''available with 7.6.1''') as we only allow fix date, time and weekday comparisions for now.

|-
| datevalue
| Array
|
| A value array containing the corresponding value to the datepart. For "date" and "time" this will be an array of "Date" (unix timestamp). For "weekday", it will be an array of integers ranging from 0 to 6, reflecting the equivalent weekday, starting from Sunday through Saturday, i.e. 0 - Sunday, ..., 6 - Saturday. The test will be true if any of the values matches

|}
<center>''Table 10: Structure of currentdate-test''</center>

{| id="Table 11" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| is
| Used in the date test to check for a value equal to the given one

|-
| ge
| Used in the date test to check for a value greater or equal to the given one

|-
| le
| Used in the date test to check for a value less or equal to the given one

|}
<center>''Table 11: Types of comparison for currentdate''</center>

{| id="Table 12" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| header
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]])

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the values for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 12: Structure of header-test''</center>

{| id="Table 13" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| body
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| extensionskey
| String
|
| The extension key can be one of the value found in [[#Table 12|Table 12]]

|-
| extensionsvalue
| String
|
| A value for the given key. If the key has no value (see [[#Table 12|Table 12]] for this information) the value given here is ignored

|-
| values
| Array
|
| A string array containing the values for the body. The test will be true if any of the strings matches

|}
<center>''Table 13: Structure of body-test''</center>

{| id="Table 14" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| content
| An extension used in conjunction with the body test to define the content which should be considered. This extension will need a parameter specifying the mime-type of the part of the message which will be searched.

|-
| text
| An extension used in conjunction with the body test to define that only the text of the body should be considered in this test. This extension takes no parameter

|}
<center>''Table 14: List of possible extensions''</center>

{| id="Table 15" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| allof
| A string describing the test command.

|-
| tests
| Array
|
| A array of tests

|}
<center>''Table 15: Structure of allof-test''</center>

{| id="Table 16" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| anyof
| A string describing the test command.

|-
| tests
| Array
|
| A array of tests

|}
<center>''Table 16: Structure of anyof-test''</center>

== Actions ==
In this section you will find the structures of all action commands which are specified until now. First a complete list of all action commands is given with a short description of them, later on the different objects for those commands are specified.

{| id="Table 17" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| keep
| Keeps a mail non changed

|-
| discard
| Discards a mail without any processing

|-
| redirect
| Redirects a mail to a given e-mail address

|-
| move
| Moves a mail into a given subfolder. The syntax for the subfolder given here. Must be the correct syntax of the underlying IMAP-server. So it is up to the GUI to detect things such as altnamespace or unixhierarchysep.

|-
| reject
| Rejects the mail with a given text

|-
| stop
| Stops any further progressing of a mail

|-
| vacation
| Creates a vacation mail

|-
| addflags
| Adds flags to a mail

|-
| notify
| adds a notification

|-
| pgp
| encrypts a mail via pgp

|}
<center>''Table 17: List of possible action commands''</center>

{| id="Table 18" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| keep
| A string defining the object itself

|}
<center>''Table 18: Structure of keep-command''</center>

{| id="Table 19" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| discard
| A string defining the object itself

|}
<center>''Table 19: Structure of discard-command''</center>

{| id="Table 20" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| redirect
| A string defining the object itself

|-
| to
| String
|
| A string containing where the mail should be redirected to

|}
<center>''Table 20: Structure of redirect-command''</center>

{| id="Table 21" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| move
| A string defining the object itself

|-
| into
| String
|
| This string takes the object id of the destination mail folder as specified in the HTTP API of the groupware

|}
<center>''Table 21: Structure of move-command''</center>

{| id="Table 22" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| reject
| A string defining the object itself

|-
| text
| String
|
| A string containing the reason why the mail is rejected

|}
<center>''Table 22: Structure of reject-command''</center>

{| id="Table 23" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| stop
| A string defining the object itself

|}
<center>''Table 23: Structure of stop-command''</center>

{| id="Table 24" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| vacation
| A string defining the object itself

|-
| days
| Integer
|
| The days for which a vacation text is returned

|-
| addresses
| Array
|
| The addresses for which this vacation is responsible. That means for which addresses out of the aliases array of the user defining this filter, vacations will be sent.

|-
| from
| String
|
| Support for the ':from' tag. Specifies the value of the from header for the auto-reply mail, e.g. Foo Bear <foo.bear@ox.io> (Since 7.8.1)

|-
| subject
| String
|
| The new subject for the returned message (can be left empty, when only adding RE:)

|-
| text
| String
|
| The vacation text itself

|}
<center>''Table 24: Structure of vacation-command''</center>

{| id="Table 25" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| addflags
| A string defining the object itself

|-
| flags
| Array
|
| An array containing the flags which should be added to that mail. A flag can be either a system flag or a user flag. System flags begin with a backslash (\) and can be one of the following:
* \seen
* \answered
* \flagged
* \deleted
* \draft
* \recent
System flags are case-insensitive.

User flags begin with a dollar sign ($) and can contain any ASCII characters between 0x21 (!) and 0x7E (~), inclusive, except for the characters 0x22, 0x25, 0x28, 0x29, 0x2A, 0x5C, 0x5D and 0x7B, which correspond to
"%()*\]{
Mail color flags as used by OX are implemented by user flags of the form $cl_''n'', where ''n'' is a number between 1 and 10, includive.

See RFC 3501 for further details on IMAP flags and their meanings.
|}
<center>''Table 25: Structure of addflags-command''</center>

{| id="Table 26" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| notify
| A string defining the object itself

|-
| message
| String
|
| the content of the notification message

|-
| method
| String
|
| the method of the notification message, e.g. <pre>"mailto:012345678@sms.gateway"</pre>

|}
<center>''Table 26: Structure of notify-command''</center>

{| id="Table 27" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| pgp
| A string defining the object itself

|-
| keys
| Array
|
| The public keys as string which should be used for encryption

|}
<center>''Table 27: Structure of pgp-command''</center>

= Requests =
== Get the configuration of the mail filter backend ==
<tt>GET /ajax/mailfilter?action=config</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: An object describing the configuration like described in [[#Table 28|Table 28]].

{| id="Table 28" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| tests
| Array
|
| An array containing test-objects like described in [[#Table 29|Table 29]]

|-
| actioncommands
| Array
|
| An array containing the valid action commands as strings. A list of all possible values can be found in [[#Table 17|Table 17]].

|}
<center>''Table 28: Config object''</center>

{| id="Table 29" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| test
| String
|
| A name for the test. A list of all possible tests can be found in [[#Table 2|Table 2]]. The corresponding objects can be used in the test field in [[#Table 1|Table 1]].

|-
| comparison
| Array
|
| A string array containing the valid comparison types for this test. Possible values are given in [[#Table 3|Table 3]]. Values given in this array can be used in the comparison field in

|}
<center>''Table 29: Test object''</center>

== Get all mail filter rules ==
<tt>GET /ajax/mailfilter?action=list</tt>

Parameters:

* <tt>flag</tt> If given, only rules with this flag are returned
* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: An array of rule objects like described in [[#Table 1|Table 1]].

== Create a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=new</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: Rule object as described in [[#Table 1|Table 1]]. If the field <tt>position</tt> is included in [[#Table 1|Table 1]] it's taken as the position of the rule in the array on the server side. Note that this value shouldn't be greater than the size of all rules

Response body: An integer for the id of the new created rule.

== Delete a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=delete</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: An object with the field <tt>id</tt>.

== Reorder mail filter rules ==
PUT <tt>/ajax/mailfilter?action=reorder</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: An array of unique ids which represents how the rule with the corresponding unique ids are ordered

== Update a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=update</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: Rule object as described in [[#Table 1|Table 1]] with the <tt>id</tt> set (which identifies the rule to change). Only modified fields are present.

== Delete the whole script ==
PUT <tt>/ajax/mailfilter?action=deletescript</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Note that this call is only used as workaround for parsing errors in the backend, so that the user is able to kick a whole script if it contains errors in the grammar.

== Get the whole script ==
PUT <tt>/ajax/mailfilter?action=getscript</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: A text of the complete sieve script

Note that this call is only used as workaround for parsing errors in the backend, so that the user is able to get the plaintext of a complete script.

HTTP API MailFilter

2015-10-14T11:42:44Z

Ioannis.chouklis:

<center>'''Open-Xchange Mail Filter HTTP API'''</center>

= Introduction =
This document describes only the mail filter HTTP-API. So it's only a part which must be embedded into something which counts for login/logout, session handling and low-level protocol issues such as error handling. At the moment this will be the groupware server. So the modules needed for basic operations can be found there.

= Module mailfilter =
This module is used to access all mail filter related options.

First of all the main structure of a mail filter script is, that it has different rules. Each of them contains one command. This command takes a test condition which executes the actions given in that command if the test condition is true.

The test condition consists of a test command and some arguments for this command depending on the command itself. Because the available tests depend on the mail filter server, these tests must be determined at runtime. So that no test field is transferred to the server which it isn't able to handle. Examples for tests are <tt>address</tt>, <tt>allof</tt> and <tt>anyof</tt>.

Each test has a special comparison. The list of available comparisons depends on the test given and the mail filter server configuration so they have to be determined at runtime too.

Each time you want to do some action on a mail you need a so called action command. This describes what to do with a mail. To action commands the same applies as to the test commands and their comparison types, they must be determined at runtime.

All those dynamical values can be fetched via a config object at startup. This object shows the capabilities of the server to the client. This allows the client to show only the capabilities the server actually has to the user and to send only objects to the server which produce no errors on the server side.

To deal with this high flexibility of mail filters this specification can be roughly divided into 2 parts. A non-changing core and dynamical extensions. The core specification is that each rule consists of a name, an ID, a value showing if this rule is active or not and a tag which can be set on a rule to mark that rule for a special purpose. Furthermore each rule takes a test object, specifying in what case the following actions are triggered, and one or many actioncommands, specifying the actions itself. For a detailed specification see [[#Table 1|Table 1]].

The objects for the tests and the actions are dynamical, so the set presented in this specification may be changed over the time, but only compatible changes are allowed to the objects, otherwise new test or action objects have to be introduced. Due to the fact that not every sieve implementation will offer all the capabilities written in this document, the server will sent his configuration if a special request is made. This configuration will show which of the tests and which of the actions are allowed. So for example if the server signals that it is capable of handling vacation, sending a vacation object as action is safe.

Furthermore some tests use a comparison field as stated above which specifies how the fields are compared. The values of this field must also be determined at runtime. So in the configuration object there is a special part which shows the comparisons which are available. Note that not all comparisons can be used with every test. Some of them are denoted to a special test, which can be found in the [[#Table 3|Table 3]].

= The core =
As written in the introduction the main part of a mail filter are the rules. A rule object will always have the structure you can see in the table below ([[#Table 1|Table 1]]). The dynamical parts are the test, which are represented by different options, see [[#Tests|4.1. Tests]], and the actions, also represented in [[#Actions|4.2. Actions]]. Note that the test and actioncmds fields and the text and errormsg fields are mutual exclusive. So if test and actioncmds fields are filled the text and errormsg fields are not present and vice versa.

{| id="Table 1" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| Integer
|
| A unique identifier (once created must not be changed)

|-
| position
| Integer
|
| The position inside the mail filter list. Starts with 0

|-
| rulename
| String
|
| A name describing the rule, can be empty but must not contain a line break

|-
| active
| Boolean
|
| If this rule is active or not

|-
| flags
| Array
|
| A string array containing flags which are set on this rule. Each flag can only contain the following characters: 1-9 a-z A-Z. Currently 3 flags are reserved here: "spam" which marks the default spam rule, "vacation" which marks the vacation rules and "autoforward" which marks an autoforwarding rule.

|-
| test
| Object
|
| The structure of the different test objects can be found in section [[#Tests|4.1. Tests]]. The valid tests in the current setup can be found in the configuration object

|-
| actioncmds
| Array
|
| An array of action objects whose different structures can be found in section [[#Actions|4.2. Actions]]. The action commands which are valid here can be determined through the config object see Table 24

|-
| text
| String
|
| If this rule cannot be read in this string is filled containing the whole lines of this command.

|-
| errormsg
| String
|
| If this rule cannot be read in this string is filled containing a message why, or what part of the rule isn't known

|}
<center>''Table 1: Structure of a rule''</center>

= The dynamical part =
== Tests ==
In this section you will find the structures of all test commands which are specified until now. First a complete list of all test commands is given with a short description of them, afterwards a complete list of all comparison as they belong to the test section. Finally the different objects for those test commands are specified.

{| id="Table 2" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| address
| This test type applies to addresses only. So it may be used for all header fields which contain addresses. This test returns true if any combination of the header-list and values-list arguments match.

|-
| envelope
| This test applies to the envelope of a mail. This test isn't used under normal circumstances as the envelope isn't accessible in all mail setups. This test returns true if any combination of the header-list and values-list arguments match'''.'''

|-
| true
| A test for a true result (can be used if an action command should be executed every time)'''.'''

|-
| not
| Negates a given test'''.'''

|-
| size
| Deals with the size of the mail'''.'''

|-
| currentdate
| Compares a given date with the current date ('''available with 6.20''')

|-
| header
| Tests against all headers of a mail. So with this test in contrast to the address test also fields such as subject can be handled. This test returns true if any combination of the header-list and values-list arguments match.

|-
| body
| Tests against the content of a mail.

|-
| allof
| Defines an AND condition between several tests'''.'''

|-
| anyof
| Defines an OR condition between several tests'''.'''

|}
<center>''Table 2: List of all possible tests''</center>

{| id="Table 3" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Description</center>

|-
| is
| If a field is equal to a given value

|-
| contains
| If a field contains a given value at any position

|-
| matches
| Tests if the value matches the value in the specified field. Here some wild cards can be used. "*" matches zero or more characters, and "?" matches a single character. To use the characters themselves they have to be escaped via a backslash.

|-
| regex
| Tests if a given regular expression matches with the value present in the specified field.

|-
| user
| Tests if the user part of an e-mail address is the value given here. This means in [mailto:herbert+mustermann@example.com herbert+mustermann@example.com]. The user checks the part herbert.

'''Attention: '''This comparison can only be used in conjunction with the address test

|-
| detail
| Tests if the detail part of an e-mail address is the value given here. In the example above this evaluates to mustermann.

'''Attention: '''This comparison can only be used in conjunction with the address test

|}
<center>''Table 3: List of all possible comparisons''</center>

{| id="Table 4" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| address
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the value for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 4: Structure of address-test''</center>

{| id="Table 5" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| envelope
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the value for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 5: Structure of envelope-test''</center>

{| id="Table 6" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| true
| A string describing the test command.

|}
<center>''Table 6: Structure of true-test''</center>

{| id="Table 7" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| not
| A string describing the test command.

|-
| test
| Object
|
| One of the test objects which result will be negated

|}
<center>''Table 7: Structure of not-test''</center>

{| id="Table 8" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| size
| A string describing the test command.

|-
| comparison
| String
|
| Only two types are valid here. A description can be found in [[#Table 9|Table 9]].

|-
| size
| Number
|
| A number specifying the size for this comparison, in bytes.

|}
<center>''Table 8: Structure of size-test''</center>

{| id="Table 9" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| over
| Used in the size test to check for a value greater than the given one

|-
| under
| Used in the size test to check for a value less than the given one

|}
<center>''Table 9: Types of comparison for size''</center>

{| id="currentdate" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| currentdate
| A string describing the test command.

|-
| comparison
| String
|
| Only three types are valid here. A description can be found in [[#Table 11|Table 11]].

|-
| datepart
| String
|
| A string containing the string "date", "weekday" or "time" ('''available with 7.6.1''') as we only allow fix date, time and weekday comparisions for now.

|-
| datevalue
| Array
|
| A value array containing the corresponding value to the datepart. For "date" and "time" this will be an array of "Date" (unix timestamp). For "weekday", it will be an array of integers ranging from 0 to 6, reflecting the equivalent weekday, starting from Sunday through Saturday, i.e. 0 - Sunday, ..., 6 - Saturday. The test will be true if any of the values matches

|}
<center>''Table 10: Structure of currentdate-test''</center>

{| id="Table 11" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| is
| Used in the date test to check for a value equal to the given one

|-
| ge
| Used in the date test to check for a value greater or equal to the given one

|-
| le
| Used in the date test to check for a value less or equal to the given one

|}
<center>''Table 11: Types of comparison for currentdate''</center>

{| id="Table 12" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| header
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]])

|-
| headers
| Array
|
| A string array containing the header fields

|-
| values
| Array
|
| A string array containing the values for the header fields. The test will be true if any of the strings matches

|}
<center>''Table 12: Structure of header-test''</center>

{| id="Table 13" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| body
| A string describing the test command.

|-
| comparison
| String
|
| Available types can be found in the config object. (see [[#Table 26|Table 26]]).

|-
| extensionskey
| String
|
| The extension key can be one of the value found in [[#Table 12|Table 12]]

|-
| extensionsvalue
| String
|
| A value for the given key. If the key has no value (see [[#Table 12|Table 12]] for this information) the value given here is ignored

|-
| values
| Array
|
| A string array containing the values for the body. The test will be true if any of the strings matches

|}
<center>''Table 13: Structure of body-test''</center>

{| id="Table 14" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| content
| An extension used in conjunction with the body test to define the content which should be considered. This extension will need a parameter specifying the mime-type of the part of the message which will be searched.

|-
| text
| An extension used in conjunction with the body test to define that only the text of the body should be considered in this test. This extension takes no parameter

|}
<center>''Table 14: List of possible extensions''</center>

{| id="Table 15" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| allof
| A string describing the test command.

|-
| tests
| Array
|
| A array of tests

|}
<center>''Table 15: Structure of allof-test''</center>

{| id="Table 16" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| anyof
| A string describing the test command.

|-
| tests
| Array
|
| A array of tests

|}
<center>''Table 16: Structure of anyof-test''</center>

== Actions ==
In this section you will find the structures of all action commands which are specified until now. First a complete list of all action commands is given with a short description of them, later on the different objects for those commands are specified.

{| id="Table 17" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Description</center>

|-
| keep
| Keeps a mail non changed

|-
| discard
| Discards a mail without any processing

|-
| redirect
| Redirects a mail to a given e-mail address

|-
| move
| Moves a mail into a given subfolder. The syntax for the subfolder given here. Must be the correct syntax of the underlying IMAP-server. So it is up to the GUI to detect things such as altnamespace or unixhierarchysep.

|-
| reject
| Rejects the mail with a given text

|-
| stop
| Stops any further progressing of a mail

|-
| vacation
| Creates a vacation mail

|-
| addflags
| Adds flags to a mail

|-
| notify
| adds a notification

|-
| pgp
| encrypts a mail via pgp

|}
<center>''Table 17: List of possible action commands''</center>

{| id="Table 18" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| keep
| A string defining the object itself

|}
<center>''Table 18: Structure of keep-command''</center>

{| id="Table 19" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| discard
| A string defining the object itself

|}
<center>''Table 19: Structure of discard-command''</center>

{| id="Table 20" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| redirect
| A string defining the object itself

|-
| to
| String
|
| A string containing where the mail should be redirected to

|}
<center>''Table 20: Structure of redirect-command''</center>

{| id="Table 21" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| move
| A string defining the object itself

|-
| into
| String
|
| This string takes the object id of the destination mail folder as specified in the HTTP API of the groupware

|}
<center>''Table 21: Structure of move-command''</center>

{| id="Table 22" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| reject
| A string defining the object itself

|-
| text
| String
|
| A string containing the reason why the mail is rejected

|}
<center>''Table 22: Structure of reject-command''</center>

{| id="Table 23" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| stop
| A string defining the object itself

|}
<center>''Table 23: Structure of stop-command''</center>

{| id="Table 24" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| vacation
| A string defining the object itself

|-
| days
| Integer
|
| The days for which a vacation text is returned

|-
| addresses
| Array
|
| The addresses for which this vacation is responsible. That means for which addresses out of the aliases array of the user defining this filter, vacations will be sent.

|-
| from
| String
|
| Support for the ':from' tag. Specifies the value of the from header for the auto-reply mail, e.g. Foo Bear <foo.bear@ox.io>

|-
| subject
| String
|
| The new subject for the returned message (can be left empty, when only adding RE:)

|-
| text
| String
|
| The vacation text itself

|}
<center>''Table 24: Structure of vacation-command''</center>

{| id="Table 25" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| addflags
| A string defining the object itself

|-
| flags
| Array
|
| An array containing the flags which should be added to that mail. A flag can be either a system flag or a user flag. System flags begin with a backslash (\) and can be one of the following:
* \seen
* \answered
* \flagged
* \deleted
* \draft
* \recent
System flags are case-insensitive.

User flags begin with a dollar sign ($) and can contain any ASCII characters between 0x21 (!) and 0x7E (~), inclusive, except for the characters 0x22, 0x25, 0x28, 0x29, 0x2A, 0x5C, 0x5D and 0x7B, which correspond to
"%()*\]{
Mail color flags as used by OX are implemented by user flags of the form $cl_''n'', where ''n'' is a number between 1 and 10, includive.

See RFC 3501 for further details on IMAP flags and their meanings.
|}
<center>''Table 25: Structure of addflags-command''</center>

{| id="Table 26" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| notify
| A string defining the object itself

|-
| message
| String
|
| the content of the notification message

|-
| method
| String
|
| the method of the notification message, e.g. <pre>"mailto:012345678@sms.gateway"</pre>

|}
<center>''Table 26: Structure of notify-command''</center>

{| id="Table 27" cellspacing="0" border="1" class="prettytable" width="100%"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| id
| String
| pgp
| A string defining the object itself

|-
| keys
| Array
|
| The public keys as string which should be used for encryption

|}
<center>''Table 27: Structure of pgp-command''</center>

= Requests =
== Get the configuration of the mail filter backend ==
<tt>GET /ajax/mailfilter?action=config</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: An object describing the configuration like described in [[#Table 28|Table 28]].

{| id="Table 28" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| tests
| Array
|
| An array containing test-objects like described in [[#Table 29|Table 29]]

|-
| actioncommands
| Array
|
| An array containing the valid action commands as strings. A list of all possible values can be found in [[#Table 17|Table 17]].

|}
<center>''Table 28: Config object''</center>

{| id="Table 29" cellspacing="0" border="1" class="prettytable"
! <center>Name</center>
! <center>Type</center>
! <center>Value</center>
! <center>Description</center>

|-
| test
| String
|
| A name for the test. A list of all possible tests can be found in [[#Table 2|Table 2]]. The corresponding objects can be used in the test field in [[#Table 1|Table 1]].

|-
| comparison
| Array
|
| A string array containing the valid comparison types for this test. Possible values are given in [[#Table 3|Table 3]]. Values given in this array can be used in the comparison field in

|}
<center>''Table 29: Test object''</center>

== Get all mail filter rules ==
<tt>GET /ajax/mailfilter?action=list</tt>

Parameters:

* <tt>flag</tt> If given, only rules with this flag are returned
* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: An array of rule objects like described in [[#Table 1|Table 1]].

== Create a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=new</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: Rule object as described in [[#Table 1|Table 1]]. If the field <tt>position</tt> is included in [[#Table 1|Table 1]] it's taken as the position of the rule in the array on the server side. Note that this value shouldn't be greater than the size of all rules

Response body: An integer for the id of the new created rule.

== Delete a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=delete</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: An object with the field <tt>id</tt>.

== Reorder mail filter rules ==
PUT <tt>/ajax/mailfilter?action=reorder</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: An array of unique ids which represents how the rule with the corresponding unique ids are ordered

== Update a mail filter rule ==
PUT <tt>/ajax/mailfilter?action=update</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Request body: Rule object as described in [[#Table 1|Table 1]] with the <tt>id</tt> set (which identifies the rule to change). Only modified fields are present.

== Delete the whole script ==
PUT <tt>/ajax/mailfilter?action=deletescript</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Note that this call is only used as workaround for parsing errors in the backend, so that the user is able to kick a whole script if it contains errors in the grammar.

== Get the whole script ==
PUT <tt>/ajax/mailfilter?action=getscript</tt>

Parameters:

* <tt>username</tt> This parameter must contain the user name for admin mode. So the normal credentials are taken for authentication but the mail filter of the user with this username is being changed

Response body: A text of the complete sieve script

Note that this call is only used as workaround for parsing errors in the backend, so that the user is able to get the plaintext of a complete script.

AppSuite:OX Logging

2015-09-10T07:18:31Z

Ioannis.chouklis: /* MDC properties explanation */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone):
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -s <sessionid>] [-l <logger_name_1>=<logger_level_x> ...] [-U <JMX-User> -P <JMX-Password> [-p <JMX-Port>]]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -s,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -U, --JMX-User <username>
| JMX username
|-
| -P, --JMX-Password <password>
| JMX password
|-
| -p, --JMX-Port <port>
| JMX port
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId=1618
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=1.2.3.4
</pre>
The client's IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=10.0.0.1
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=35387551837281237793.koxg4l7scaj0qgxpmh1d
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0001337
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=oxdude
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=oxdude
</pre>
The user name
<pre>
com.openexchange.database.schema=oxdatabase_7
</pre>
The database schema

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2015-09-10T07:17:13Z

Ioannis.chouklis: /* MDC properties explanation */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone):
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -s <sessionid>] [-l <logger_name_1>=<logger_level_x> ...] [-U <JMX-User> -P <JMX-Password> [-p <JMX-Port>]]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -s,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -U, --JMX-User <username>
| JMX username
|-
| -P, --JMX-Password <password>
| JMX password
|-
| -p, --JMX-Port <port>
| JMX port
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId=1618
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=1.2.3.4
</pre>
The client's IP address (depends on the configuration described [http://oxpedia.org/wiki/index.php?title=AppSuite:Grizzly#X-FORWARDED-FOR_Header here])
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=10.0.0.1
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address.
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=35387551837281237793.koxg4l7scaj0qgxpmh1d
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0001337
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=oxdude
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=oxdude
</pre>
The user name
<pre>
com.openexchange.database.schema=oxdatabase_7
</pre>
The database schema

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2015-09-08T09:36:04Z

Ioannis.chouklis: /* MDC properties explanation */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone):
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -s <sessionid>] [-l <logger_name_1>=<logger_level_x> ...] [-U <JMX-User> -P <JMX-Password> [-p <JMX-Port>]]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -s,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -U, --JMX-User <username>
| JMX username
|-
| -P, --JMX-Password <password>
| JMX password
|-
| -p, --JMX-Port <port>
| JMX port
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId=1618
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=1.2.3.4
</pre>
The client's IP address
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=10.0.0.1
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address.
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=35387551837281237793.koxg4l7scaj0qgxpmh1d
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0001337
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=oxdude
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=oxdude
</pre>
The user name
<pre>
com.openexchange.database.schema=oxdatabase_7
</pre>
The database schema

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2015-09-08T09:33:17Z

Ioannis.chouklis:

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone):
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -s <sessionid>] [-l <logger_name_1>=<logger_level_x> ...] [-U <JMX-User> -P <JMX-Password> [-p <JMX-Port>]]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -s,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -U, --JMX-User <username>
| JMX username
|-
| -P, --JMX-Password <password>
| JMX password
|-
| -p, --JMX-Port <port>
| JMX port
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

== MDC properties explanation ==

<pre>
__threadId
</pre>
The thread identifier
<pre>
com.openexchange.ajax.action=autologin
</pre>
The AJAX action
<pre>
com.openexchange.ajax.module=login
</pre>
The AJAX module for the AJAX action
<pre>
com.openexchange.grizzly.queryString=action=autologin&client=open-xchange-appsuite&rampup=true&rampupFor=open-xchange-appsuite&version=7.6.2-22
</pre>
The complete query string that is contained in the request URL after the path
<pre>
com.openexchange.grizzly.method"
</pre>
The HTTP method
<pre>
com.openexchange.grizzly.remoteAddress=217.7.151.106
</pre>
The client's IP address
<pre>
com.openexchange.grizzly.remotePort=65127
</pre>
The client's port
<pre>
com.openexchange.grizzly.requestURI=/ajax/login
</pre>
The request URI without any parameters
<pre>
com.openexchange.grizzly.serverName=80.12.215.80
</pre>
The host name of the server to which the request was sent. It is the value of the part before ":" in the 'Host' header value, if any, or the resolved server name, or the server IP address.
<pre>
com.openexchange.grizzly.servletPath=/ajax/login
</pre>
The part of this request's URL that calls the servlet. This path starts with a "/" character and includes either the servlet name or a path to the servlet, but does not include any extra path information or a query string.
<pre>
com.openexchange.grizzly.session=6769740252278062781.dvme11oxm01noi
</pre>
The sticky session identifier from Apache to the OX backend
<pre>
com.openexchange.grizzly.threadName=OXWorker-0000113
</pre>
The middleware's thread name
<pre>
com.openexchange.grizzly.userAgent=Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:40.0) Gecko/20100101 Firefox/40.0
</pre>
The content of the 'User-Agent' header.
<pre>
com.openexchange.request.trackingId=983767a5c98646a988247b0ef83d6bb3
</pre>
The tracking identifier of the request
<pre>
com.openexchange.session.authId=342dfecaf0f5425f9b70b13115835e9a
</pre>
The authentication identifier of the session
<pre>
com.openexchange.session.clientId=open-xchange-appsuite
</pre>
The client identifier
<pre>
com.openexchange.session.contextId=27
</pre>
The context identifier
<pre>
com.openexchange.session.loginName=MELOFR-200-+l2ELXpWB9MaJyc/U5oqeW4ilJh29dz4UroPL4Gcngs=
</pre>
The login name
<pre>
com.openexchange.session.sessionId=faf5223338ea4371aacbbb9745a934a1
</pre>
The session identifier
<pre>
com.openexchange.session.userId=2
</pre>
The user identifier
<pre>
com.openexchange.session.userName=
</pre>
The user name
<pre>
com.openexchange.database.schema
</pre>
The database schema

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2015-09-01T14:10:56Z

Ioannis.chouklis: /* Examples of a few category log entries */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone):
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -s <sessionid>] [-l <logger_name_1>=<logger_level_x> ...] [-U <JMX-User> -P <JMX-Password> [-p <JMX-Port>]]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -s,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -U, --JMX-User <username>
| JMX username
|-
| -P, --JMX-Password <password>
| JMX password
|-
| -p, --JMX-Port <port>
| JMX port
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

<pre>2015-09-01T16:07:07,803+0200 WARN [OXTimer-0000007] com.openexchange.push.impl.balancing.reschedulerpolicy.PermanentListenerRescheduler.reschedule(PermanentListenerRescheduler.java:332)
Failed to distribute permanent listeners among cluster nodes
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-6</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2015-09-01T14:09:45Z

Ioannis.chouklis: /* Examples of a few category log entries */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone):
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -s <sessionid>] [-l <logger_name_1>=<logger_level_x> ...] [-U <JMX-User> -P <JMX-Password> [-p <JMX-Port>]]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -s,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -U, --JMX-User <username>
| JMX username
|-
| -P, --JMX-Password <password>
| JMX password
|-
| -p, --JMX-Port <port>
| JMX port
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>2015-09-01T16:06:39,489+0200 WARN [Start Level: Equinox Container: c0c886a6-b250-0015-13ab-e76fa445f503] com.openexchange.database.internal.ReplicationMonitor.checkFallback(ReplicationMonitor.java:126)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-1</pre>

<pre>2015-09-01T16:06:40,017+0200 ERROR [Thread-12] com.openexchange.database.migration.internal.DBMigrationExecutor.run(DBMigrationExecutor.java:152)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-4</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.

AppSuite:OX Logging

2015-09-01T14:08:52Z

Ioannis.chouklis: /* Examples of a few category log entries */

[[Category: Server]]
[[Category: AppSuite]]
[[Category: OX6]]
[[Category: Admin]]
[[Category: Developer]]
{{VersionFrom|7.4.2}}
<div class="title">Server-side Logging</div>

With OX App Suite 7.4.2 the groupware server introduces [http://logback.qos.ch LOGBack] as logging implementation. Formerly [http://logging.apache.org/log4j/1.2 log4j 1.2] or java.util.logging have been used for logging. As of now the package 'open-xchange-log4j' has become obsolete and LOGBack is entirely contained in 'open-xchange-core'. No additional packages are needed even for syslog-based logging or sophisticated logging configurations anymore. Log4j and java.util.logging have been completely replaced by LOGBack.

__TOC__

= For Operators =
== Configuration ==
LOGBacks configuration is defined in /opt/open-xchange/etc/logback.xml. We ship the file pre-configured for new installations and set some useful defaults. Without any changes, the groupware writes log files to /var/log/open-xchange. See chapter [[#Backward Compatibility]] for detailed information on product upgrades from older versions. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details on configuring LOGBack.

== Backward Compatibility ==
=== Configuration Migration ===
In most cases no further work should be necessary after upgrading to OX App Suite 7.4.2. Based on your existing logging configuration (/opt/open-xchange/etc/file-logging.properties or /opt/open-xchange/etc/log4j.xml) we automatically migrate custom configured logger levels via package post installation scripts to the new logback configuration.

We also configure file-based logging or syslog-based logging in accordance with the default configuration of the formerly used logging implementation. That means depending whether open-xchange-log4j was installed or not, the package post installation scripts modify the default logback configuration to send logs to a remote syslog daemon. You don't have to change anything if
* you use plain file logging and did not modify the 'handler'-section in file-logging.properties.
* you use syslog-based logging via log4j and did not change the configured 'SERVER_LOG' appender.

''Please note:'' If you customized handlers or appenders you have to port your changes manually to /opt/open-xchange/etc/logback.xml. See [http://logback.qos.ch/manual/index.html LOGBack manual] for details.

=== Log File Format ===
We keep the former default layout for log events on product upgrades. So nothing should break if you wrote your own log file parser.

''Please note:'' We also ship a pre-configured new log file layout. You are strongly encouraged to use this one for file-based logging, as it provides more information and is better structured than the old one.
To enable it, change the appender reference of appender ASYNC to FILE instead of FILE_COMPAT in /opt/open-xchange/etc/logback.xml.

Before:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE_COMPAT" />
</appender>
</pre>

After:
<pre>
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
...
<appender-ref ref="FILE" />
</appender>
</pre>

== New Features ==
=== Config-based Asynchronous Logging ===
Publishing log events to files, syslogd or the like is performed asynchronously. Therefore the root loggers appender is set to 'ASYNC', which is configured as follows:

<pre>
<configuration>
...
<appender name="ASYNC" class="ch.qos.logback.classic.AsyncAppender">
<queueSize>2048</queueSize>
<discardingThreshold>0</discardingThreshold>
<includeCallerData>true</includeCallerData>
<appender-ref ref="FILE" />
</appender>
...
</configuration>
</pre>

The most important property is "appender-ref". It denotes the name of the appender, that finally writes log events out in some way. A detailed description of the other parameters can be found here: [http://logback.qos.ch/manual/appenders.html#AsyncAppender].

If you introduce your own log appender, only change the above mentioned 'appender-ref' property. Don't remove or deactivate the configuration for asynchronous logging! It might decrease the applications performance significantly.

=== Suppression Of Stacktraces ===
It is possible to suppress Java stacktraces in log messages for configured categories. Those categories are part of OX App Suites internal error and exception handling. Suppression can be configured in server.properties by adjusting the value for 'com.openexchange.log.suppressedCategories'. See below excerpt of /opt/open-xchange/etc/server.properties:

<pre>
...
# Specify the OXException categories (comma separated) to be suppressed when logging.
# The Exception itself will still be logged as configured, but the StackTraces are omitted.
# Valid categories are ERROR, TRY_AGAIN, USER_INPUT, PERMISSION_DENIED, CONFIGURATION, CONNECTIVITY, SERVICE_DOWN, TRUNCATED, CONFLICT, CAPACITY, WARNING
# Default is USER_INPUT.
com.openexchange.log.suppressedCategories=USER_INPUT
...
</pre>

=== Tracing Of Sessions, Users and Contexts ===
It is possible to enable extended logging for defined scopes like sessions, users or contexts at a whole. This means that every log event which belongs to a configured scope will be logged despite of it's level, if it's logger belongs to a configured whitelist. The whitelist is configured in logback.xml:

<pre>
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
</pre>

The whitelists purpose is to avoid flooding your log files with unwanted tracing events from e.g. 3rd party libraries. The "value"-attribute can be adjusted. It may contain a comma-separated list of loggers. It's hierarchical. That means 'com.openexchange' also allows all child-loggers.

Example:
Imagine logback is configured to log on level 'INFO' and additionally the logger 'com.openexchange.example.SomeLogger' is only allowed to log warnings and errors. The whitelist is configured as shown above.

<pre>
<configuration>
...
<property scope="context" name="com.openexchange.logging.filter.loggerWhitelist" value="com.openexchange" />
...
<root level="INFO">
<appender-ref ref="ASYNC" />
</root>
<logger name="com.openexchange.example.SomeLogger" level="WARN"/>
...
</configuration>
</pre>

If tracing is activated for user '5' in context '1', events belonging to this user are written out, even if they deceed the configured thresholds. I.e. you can find log entries with level 'DEBUG' from logger 'com.openexchange.example.SomeLogger' that belong to the traced user.

<pre>
2013-12-09 15:29:31,641 DEBUG [OXWorker-0000001] com.openexchange.example.SomeLogger
Some very useful debug message.
com.openexchange.session.sessionId=711c651fa4c94dc0894c733c92bc77d4
com.openexchange.session.contextId=1
com.openexchange.session.userId=5
com.openexchange.session.userName=oxuser
...
</pre>

The decision whether to log such an event is based on the whitelist and the context information that every log event carries along. These information is structured as key-value-pairs and always printed below the log events message. Afterwards it's easy to find the tracing events in the log file. You just have to search for 'com.openexchange.session.contextId=1' and 'com.openexchange.session.userId=5'. If you trace a specific session, according events can be found with looking for 'com.openexchange.session.sessionId=session_id_to_trace'.

=== New Log Event Layout ===
We ship a new default layout for log events that
* contains a more precise timestamp
* carries the name of the current thread
* is easier to parse

Example:
<pre>
2013-12-11 12:41:35,660 INFO [LoginPerformer-0000003] com.openexchange.caching.internal.JCSCache
Cache 'UserPermissionBits' is operating in distributed mode
com.openexchange.ajax.action=login
com.openexchange.ajax.requestNumber=5
...
</pre>

''Please note:'' The new layout applys only for fresh installations. On upgrades you have to enable it manually. See [[#Log File Format]] for details.

=== Remote logging to logstash ===
{{VersionFrom|7.6.2}}
In 7.6.2 we introduced a new feature that allows the OX server to log directly to a logstash[http://logstash.net/|] server.

To enable that feature you will need (besides the logstash server) to add/enable the OX logstash appender in the logback.xml file:
<pre>
<property scope="context" name="com.openexchange.logback.extensions.logstash.enabled" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.alwaysPersistEvents" value="true" />
<property scope="context" name="com.openexchange.logback.extensions.logstash.loadFactor" value="0.67" />
<appender name="LOGSTASH" class="com.openexchange.logback.extensions.logstash.LogstashSocketAppender">
<remoteHost>localhost</remoteHost>
<port>31337</port>
<reconnectionDelay>10000</reconnectionDelay>
<eventDelayLimit>30000</eventDelayLimit>
<encoder class="com.openexchange.logback.extensions.logstash.LogstashEncoder"/>
<queueSize>2048</queueSize>
</appender>
</pre>

The three properties defined at the beginning of the XML snippet have the following use:

* com.openexchange.logback.extensions.logstash.enabled - This flag is used to enable the JMX metrics for the event queue size in the appender
* com.openexchange.logback.extensions.logstash.alwaysPersistEvents - If set to true, then log events that are in queue and can not be send to the logstash server (for what ever reason) are persisted to open-xchange-console.log as JSON formated logstash events.
* com.openexchange.logback.extensions.logstash.loadFactor - The load factor of the queue before flushing it.

The logstash appender has to then be referenced to the root logger:
<pre>
<root level="INFO">
<appender-ref ref="LOGSTASH" />
</root>
</pre>

Of course the logstash server should also be appropriately configured. You can add the following lines in your input configuration:
# For LogX
tcp {
port => 31337
type => "LogX"
codec => line {
charset => "UTF-8"
format => "string"
}
}

And the following filter to your filter configuration (note that you will have to adjust your timezone):
if [type] == "LogX" {
json {
source => "message"
}
date {
match => ["timestamp", "ISO8601"]
timezone => "Europe/Berlin"
remove_field => ["timestamp"]
}
}

== logconf CLT ==
The above mentioned features can be managed via the logconf command line tool (/opt/open-xchange/sbin/logconf). It creates log filters for sessions, context and (user/context) tuples, suppresses stacktraces for defined exception categories and dynamically changes log levels of specified loggers. It is also possible to create a filter for a user or a context or a session and set the level of the desired loggers independently.

=== Syntax ===
<code>
logconf [-a | -d] [-c <contextid> [-u <userid>] | -s <sessionid>] [-l <logger_name_1>=<logger_level_x> ...] [-U <JMX-User> -P <JMX-Password> [-p <JMX-Port>]]
</code>

<code>
logconf -oec <category_1>,...
</code>

<code>
logconf [-cf] | [-lf] | [-ll [<logger_1> ...] | [dynamic]] | [-le] | [-h]
</code>

=== Parameters ===

{| border="1"
|-
| -h,--help
| Prints usage of the command line tool
|-
| -a,--add
| Flag to add the filter
|-
| -d,--delete
| Flag to delete the filter
|-
| -c,--context <contextid>
| The context id for which to create the log filter
|-
| -cf,--clear-filters
| Clear all logging filters
|-
| -u,--user <userid>
| The user id for which to create the log filter
|-
| -s,--session <sessionid>
| The session id for which to create the log filter
|-
| -l,--level <logger_1>=<loglevel_x> ... <logger_n>=<loglevel_y>
| Define the log level for the specified loggers
|-
| -le, --list-exception-category
| Get a list with all supressed exception categories
|-
| -lf, --list-filters
| Get a list with all logging filters of the system
|-
| -ll, --list-loggers
| Get a list with all loggers of the system.

Can optionally have a list with loggers as arguments, i.e. -ll <logger1> <logger2>
OR the keyword 'dynamic' that instructs the command line tool to fetch all dynamically modified loggers. Any other keyword is then ignored, and a full list will be retrieved.
|-
| -oec, --override-exception-categories <category name>,...
| Override the exception categories to be suppressed, comma separated
|}
Follow switches are valid if JMX authentication is enabled
{| border="1"
|-
| -U, --JMX-User <username>
| JMX username
|-
| -P, --JMX-Password <password>
| JMX password
|-
| -p, --JMX-Port <port>
| JMX port
|-
|}

The flags -a and -d are mutually exclusive.
Valid log levels: {OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}
Valid categories: {ERROR, USER_INPUT, CONFIGURATION, PERMISSION_DENIED, TRY_AGAIN, CONNECTIVITY, SERVICE_DOWN,
TRUNCATED, CONFLICT, CAPACITY, WARNING}

=== Categories vs. Log Levels ===

The OX server defines different categories to the OX exceptions that are thrown during the operation. Those categories should not be confused with the logging levels <code>{OFF, ERROR, WARN, INFO, DEBUG, TRACE, ALL}</code> of the logback framework which are described [http://logback.qos.ch/manual/architecture.html#effectiveLevel here].

The following list briefly describes each OX exception category.

* '''<code>CAPACITY</code>''': The category for a 3rd party system when reporting capacity restrictions, e.g. quota
* '''<code>CONFIGURATION</code>''': The category for a configuration issue (e.g. missing required property)
* '''<code>CONFLICT</code>''': The category for conflicting data
* '''<code>CONNECTIVITY</code>''': The category for a connectivity issue, e.g. broken/lost TCP connection
* '''<code>ERROR</code>''': The category for an error
* '''<code>PERMISSION_DENIED</code>''': The category for a permission-denied issue
* '''<code>SERVICE_DOWN</code>''': The category for a missing service or system, e.g. database
* '''<code>TRUNCATED</code>''': The category for truncated data
* '''<code>TRY_AGAIN</code>''': The category for a try-again issue
* '''<code>USER_INPUT</code>''': The category for an invalid user input
* '''<code>WARNING</code>''': The category for a warning displayed to the user

==== Examples of a few category log entries ====
Stack-traces are omitted for clarity's sake.

'''<code>USER_INPUT</code>'''

<pre>2015-09-01T15:35:33,582+0200 ERROR [OXWorker-0000006] com.openexchange.exception.OXException: MSG-1013 Categories=USER_INPUT Message='Message could not be sent to the following recipients: [invalid@non-existing.tld] (550 - 550 5.1.1 <invalid@non-existing.tld>: Recipient address rejected: User unknown in virtual mailbox table)' exceptionID=-1316379722-11
</pre>

'''<code>TRY_AGAIN</code>'''

<pre>2015-09-01T15:58:59,009+0200 ERROR [RMI TCP Connection(4)-127.0.0.1] com.openexchange.consistency.Consistency.erroroutput(Consistency.java:551)
com.openexchange.exception.OXException: SRV-0001 Categories=TRY_AGAIN Message='The required service com.openexchange.database.DatabaseService is temporary not available. Please try again later.' exceptionID=251360648-2
</pre>

'''<code>SERVICE_DOWN</code>'''

<pre>�2015-09-01T16:06:39,489+0200� WARN [Start Level: Equinox Container: c0c886a6-b250-0015-13ab-e76fa445f503]� com.openexchange.database.internal.ReplicationMonitor.checkFallback(ReplicationMonitor.java:126)
com.openexchange.exception.OXException: DBP-0001 Categories=SERVICE_DOWN Message='Cannot get connection to config DB.' exceptionID=-1771518749-1</pre>

=== Command output ===

INFO/ERROR/WARNING: [msg1, msg2, ... msgn]

Operation [operation name] with parameters: {...} succeeded.

=== Examples ===
Create a user/context filter for user 1618, context 314 and loggers c.o.mail and c.o.appsuite with levels TRACE and DEBUG respectively

<code># logconf -u 1618 -c 314 -a -l com.openexchange.appsuite=DEBUG com.openexchange.mail=TRACE</code>

<code>
INFO: [Created new filter for user with ID "1618", in context with ID "314" and policy "ACCEPT", Added logger "com.openexchange.mail" with level "TRACE", Added logger "com.openexchange.appsuite" with level "DEBUG"]
</code>

Remove a logger from a user/context filter with user 1618 and context 314

<code># logconf -u 1618 -c 314 -d -l com.openexchange.appsuite</code>

<code>
INFO: [Removed logger "com.openexchange.appsuite" from user filter for user with ID "1618", context with ID "314" and policy "ACCEPT"]
</code>

Change the log level for the com.openexchange.appsuite logger

<code># logconf -l com.openexchange.appsuite=DEBUG com.openexchange.usm=DEBUG</code>

<code>
INFO: [Setting log level for "com.openexchange.appsuite" to "DEBUG", Setting log level for "com.openexchange.usm" to "DEBUG"]
</code>

Suppress category CONFIGURATION and CONNECTIVITY

<code># logconf -oec CONFIGURATION CONNECTIVITY</code>

<code>
INFO: [Setting suppressed Exception Categories to CONFIGURATION,CONNECTIVITY]
</code>

= For Developers =
== Instantiate Loggers ==
<pre>
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class Clazz {

private static final Logger LOG = LoggerFactory.getLogger(Clazz.class);

...

}
</pre>

Using Apache Commons Logging as logging facade is depracted as of OX App Suite 7.4.2. Formerly we used own wrapper classes to enable extended logging features. With the current logging implementation this is not necessary anymore. Obtaining loggers via

<pre>
com.openexchange.log.Log.loggerFor(Clazz.class); or
com.openexchange.log.LogFactory.getLog(Clazz.class); or
com.openexchange.log.Log.valueOf(LogFactory.getLog(Clazz.class));
</pre>

still works for backward compatibility, but should not be used for new classes. Existing classes should be ported to SLF4J, when touched during refactorings, bugfixes etc.

Of course it is also required to fix the corresponding bundles <tt>META-INF/MANIFEST.MF</tt> file.

'''Remove'''

com.openexchange.log
org.apache.commons.logging

'''Add'''

org.slf4j

== Logging Statements ==
With SLF4J you should avoid code like this:
<pre>
if (LOG.isDebugEnabled()) {
LOG.debug("Some debug message for user " + userId + " in context " + contextId + ".");
}
</pre>

Instead relinquish the if-statement completely and make use of SLF4Js printf()-like syntax for log statements:
<pre>
LOG.debug("Some debug message for user {} in context {}.", userId, contextId);
</pre>

Please read [http://www.slf4j.org/faq.html#logging_performance What is the fastest way of (not) logging?] for details.