Configuring Decision Center with a configuration file

New in 8.10.5 Decision Center can configure itself by using properties that you define in a file. This approach is a convenient way to initialize Decision Center, configure its database, define servers and Lightweight Directory Access Protocol (LDAP) configurations, and set other configuration properties.

Note: You can override any of these properties by using an environment variable or a Java property.

The first step is to enable this feature. You can do so by defining a Java or an environment property:

com.ibm.rules.decisioncenter.setup.enable = true

Then, you must define the path to the file that contains the configuration properties:

com.ibm.rules.decisioncenter.setup.configuration-file

The following example shows the full declaration:

com.ibm.rules.decisioncenter.setup.enable = true
com.ibm.rules.decisioncenter.setup.configuration-file = ./conf/decisioncenter-configuration.properties

Configuring the database

The following properties are used to generate a database schema.

The JNDI name of the data source is jdbc/ilogDataSource by default:

com.ibm.rules.decisioncenter.setup.datasource = jdbc/ilogDataSource

The path to the extension model is used by Decision Center to build the database schema. If you don’t have a model extension, don't set this property to keep the default value. Otherwise, provide a full or relative path of your .brmx file, for example:

com.ibm.rules.decisioncenter.setup.extension-model = /ilog/rules/teamserver/model/defaultExtension.brmx

The path to the extension data is used by Decision Center to populate the extension model. If you don’t have a model extension, don't set this property to keep the default value. Otherwise, provide a full or relative path of your .brdx file, for example:

com.ibm.rules.decisioncenter.setup.extension-data = /ilog/rules/teamserver/model/defaultExtension.brdx

The persistence locale is used to persist business artifacts. If you plan to create business artifacts in US English, keep the default value en_US:

com.ibm.rules.decisioncenter.setup.locale = en_US

Configuring LDAP

In this section, you configure Decision Center to connect to an LDAP directory to manage groups and users. Authorization is fully handled by Decision Center, and you do not have to repackage or restart the server every time you need a new group to control access to your projects.

After you set up the connection, you must set up Decision Center to see your LDAP directory to get groups and users. To do so, you need to set the following property:

com.ibm.rules.decisioncenter.setup.ldap-configurations

This property defines the path to the XML file that defines the LDAP configurations, for example:

com.ibm.rules.decisioncenter.setup.ldap-configurations = ./conf/ldap-configurations.xml

The following example shows such a file:

<dc-usermanagement>
<ldapConnections>
<ldapConnection name="Local Directory">
<ldapUrl>ldap://localhost:10389</ldapUrl>
<searchConnectionDN>uid=admin,ou=system</searchConnectionDN>
<searchConnectionPassword>secret</searchConnectionPassword>
<groupSearchBase>ou=Groups,dc=example,dc=com</groupSearchBase>
<groupSearchFilter>(cn=*)</groupSearchFilter>
<groupNameAttribute>cn</groupNameAttribute>
<groupMemberAttribute>member</groupMemberAttribute>
<userIdAttribute>uid</userIdAttribute>
<userNameAttribute>sn</userNameAttribute>
<userMailAttribute>mail</userMailAttribute>
</ldapConnection>
</ldapConnections>
</dc-usermanagement>

For information, see Managing users and groups from the Business console.

When you work with an LDAP directory, Decision Center provides three modes to import groups and users. The mode is set with the following property:

com.ibm.rules.decisioncenter.ldap.sync.users-and-groups

Possible values for this property:

Value	Description
`none`	In the Business console, you can manually import groups and users in Decision Center with no restriction on how you organize the users in the groups. In this mode, the organization of groups in Decision Center does not reflect the groups in the LDAP directory.
`all`	Groups and users are automatically imported. In this mode, the organization of groups exactly reflects the groups in the LDAP directory.
`users`	Groups are imported manually, and users for these groups are automatically imported. This mode is the most flexible because it gives you more granularity for setting up the LDAP groups.

In modes all and users, Decision Center periodically imports users. The frequency can be configured in the following property:

com.ibm.rules.decisioncenter.ldap.sync.refresh.period

This property defines the refresh rate of the LDAP repository in milliseconds. When you update an LDAP directory, you must wait for the next refresh to see the changes in Decision Center. However, you can manually do the import in either the Business console or a dedicated REST API.

To manage groups and users in the Business console, a user needs to connect with the role rtsAdministrator. You have two options:

Create an rtsAdministrator group in your LDAP directory. Users in this group have rtsAdministrator access.
Create a super user in your application server and connect to the Business console to grant some LDAP users rtsAdministrator access. The advantage of this option is that you do not need to ask an IT developer to change the LDAP of your organization to add an rtsAdministrator group.

Configuring groups

You can configure the list of groups that are available in Decision Center by using the groups property. This property value uses a comma-separated list of groups, for example:

groups=rtsUser,rtsAdministrator,rtsDeployersStaging,rtsDeployersRun

Configuring the server

In this section, you configure the servers that can be used to connect to Rule Execution Server to deploy a RuleApp, or run test suites or simulations.

You must set the property:

com.ibm.rules.decisioncenter.setup.server-configurations = ./conf/server-configurations.json

This property defines the path to the JSON file that defines the server configurations, for example:

com.ibm.rules.decisioncenter.setup.server-configurations = ./conf/server-configurations.json

This JSON file must contain an array of JSON objects. Each JSON object defines a server by using the following fields:

Field	Description
`name`	The name of the server as it is displayed in the Business console interface.
`kind`	Indicate the server type: `RES`: RuleApp deployment `DECISION_RUNNER`: test suite and simulation executions
`authenticationKind`	Indicate authentication type: `BASIC_AUTH`: basic username and password authentication (default) `OAUTH`: OpenID authentication
`authenticationProvider`	If the `authenticationKind` is `OAUTH`, this property defines the name of the OIDC provider. This name must match one of the OIDC providers that are uploaded to the Business Console (see Configuring for OpenID Connect).
`url`	The URL of the server.
`loginServer`	The username for logging in to this server.
`loginPassword`	The password for logging in to this server.
`description`	A describing the server.
`groups`	The list of groups.

The following example shows the fields in a JSON file:

[
{
"name": "Test and Simulation Execution (BASIC)",
"kind": "DECISION_RUNNER",
"authenticationKind": "BASIC_AUTH",
"url": "http://localhost:8080/DecisionRunner",
"loginServer": "odmAdmin",
"loginPassword": "odmAdmin",
"description": "Use this server to run tests and simulationsfor decision services.",
"groups": ["*"]},
{"name": "Decision Service Execution (OIDC)",
"kind": "RES",
"authenticationKind": "OAUTH",
"authenticationProvider": "frlab",
"url": "http://localhost:8080/res",
"loginServer": "odmAdmin",
"loginPassword": "odmAdmin",
"description": "Use this server to deploy decision services that you want to execute.",
"groups": ["*"]
}
}

Defining Decision Center properties

p>You can also define any Decision Center property, or setting, in the configuration file. A setting is a configuration property that is saved in the Decision Center database.

Define a property

To define a property, you must prefix the property name with property. For example, to define the property decisioncenter.web.dt.rowOrderingMode, you might put in the configuration file the following line:

property.decisioncenter.web.dt.rowOrderingMode=Manual

This example defines the setting decisioncenter.web.dt.rowOrderingMode with the value Manual.

Set System (Java) properties

You can also set System (Java) properties in a similar way, by prefixing the property name with system. The following example sets the build severity level:

system.teamserver.build.severityLevel=info;

The system property teamserver.build.severity is set to the value info.

Replace user-defined values

The deployment configuration file initializes the settings in the Decision Center database if they are not already set. However, if the settings are already set, use the following property to make the automatic setup apply the settings in the configuration file:

teamserver.setup.overrideAvailableProps=true;