Server
This manual lists all the configurations that the S-Filer Portal's Configuration CLI can change about the Server.
| Configuration key | Description | Default value |
|---|---|---|
| cfg. (Since 4.20.0) | Maximum number of asynchronous tasks that will be reserved at any given time for each task runner (there is one runner for each concurrent task that can be executed). | 100 |
| cfg. (Since 4.12.0) | Number of asynchronous tasks that can be executed concurrently. | 10 |
| cfg. (Since 4.12.0) | Frequency (in seconds) at which the server verifies if there are pending asynchronous tasks that can be executed. | 300 |
| cfg. (Since 2.1.0) | Includes in the report the action done by S-Filer's extensions | true |
| cfg. (Since 3.0.3) | This is the time in second that a logged user can spend without interacting with the system. This value is for S-Filer Server. This value is use for any Sfiler Server client, Gateway, command line interface etc... When this time is reach, the user will have to log again in the System to be able to use it. | 1800 |
| cfg. (Since 4.13.0) | Delay in days between the notification and the actual certificate expiration. Set to -1 to indicate that no notification should be sent. (Default: -1) | -1 |
| cfg. (Since 4.14.0) | If you enable this property, S-Filer Portal Server will set values in the html header's metadata for X-Frame-Options and Content-Security-Policy | true |
| cfg. (Since 3.0.3) | Specifies the issuer of the cryptographic service. | S-Filer |
| cfg. (Since 4.17.0) | Defines the validity period for MFA long-lived tokens in hours. | 168 |
| cfg. (Since 3.0.3) | Specifies the validity period for cryptographic service tokens in seconds. | 86400 |
| cfg. (Since 4.14.0) | This indicates whether HSTS headers should be added in Server responses. When it is active, browsers will only connect to pages on the same sub-domain in HTTPS. Activate this unless other pages served under the same sub-domain are unsecured (HTTP instead of HTTPS). | true |
| cfg. (Since 4.14.0) | This indicates the time during which the browsers will remember to only use HTTPs for the Server responses (in seconds). Put in a small value at first such that if there is a mistake (or another site that is using HTTP and is not working), you can disable the HSTS and after some time, clients will be able to access the site in HTTP. If after initial deployment there are no errors, you can increase this value to a very long time. | 3600 |
| cfg. (Since 4.1.4) | Server host. | |
| cfg. (Since 4.3.0) | Turn on the German language | true |
| cfg. (Since 4.0.2) | Turn on the English language | true |
| cfg. (Since 4.0.8) | Turn on the Spanish language | true |
| cfg. (Since 4.0.2) | Turn on the French language | true |
| cfg. (Since 4.14.0) | Turn on the Italian language | true |
| cfg. (Since 4.17.0) | If set to "Yes", this configuration parameter will limit the verbosity of an authentication failure in the server logs. | true |
| cfg. (Since 2.1.0) | Log Level of S-Filer Server. When a problem occurs, the log file can be used to detect the problem cause. In normal operation, a Warning or Info Level is sufficient. When investigating a problem, use the Debug level to quickly and more deeply understand the cause. Leaving the Log level to DEBUG can decrease the system performance due to Disk access. | INFO |
| cfg. (Since 3.0.3) | Sender email address of the email notification system. | |
| cfg. (Since 3.0.3) | Name appearing as sender in email notification sent to users. | S-Filer Notification System |
| cfg. (Since 3.0.3) | Period of time (in minutes) during which the system will retry to send failed emails. After this period, the email is deleted without being sent. The frequency of the retries depends on the "Email Sender" schedule. | 2880 |
| cfg. (Since 3.0.3) | Address used when a scheduled event detects a problem with the system. | |
| cfg. (Since 4.13.0) | Language used when a scheduled event detects a problem with the system. | en |
| cfg. (Since 3.0.3) | Determines whether to use or not the basic authentication with the email server. | false |
| cfg. (Since 3.0.3) | Password used to access the email server. | |
| cfg. (Since 3.0.3) | User name used to access the email server. | |
| cfg. (Since 4.18.0) | This is the client identifier used to authenticate when retrieving an authentication token. For more details on this configuration, consult the SMTP OAuth2 article in the online documentation. | |
| cfg. (Since 4.18.0) | This is the client secret used to authenticate when retrieving an authentication token. For more details on this configuration, consult the SMTP OAuth2 article in the online documentation. | |
| cfg. (Since 4.18.0) | Determines whether to use or not the OAuth2 authentication with the email server. | false |
| cfg. (Since 4.18.0) | One or more scope values indicating to which resources access must be granted. For more details on this configuration, consult the SMTP OAuth2 article in the online documentation. | |
| cfg. (Since 4.18.0) | This URL is used to retrieve the authentication token that is needed to use the email server. For more details on this configuration, consult the SMTP OAuth2 article in the online documentation. | |
| cfg. (Since 4.18.0) | User name used to retrieve the authentication token. For more details on this configuration, consult the SMTP OAuth2 article in the online documentation. | |
| cfg. (Since 3.0.3) | IP address or Hostname of the email server. | |
| cfg. (Since 4.2.5) | Port of the email server. Default: 25 (unsecure port), 465 (SSL port), 587 (STARTTLS port) | 25 |
| cfg. (Since 3.0.3) | Protocol used to send Email. | smtp |
| cfg. (Since 4.2.5) | Use a secure connection to the mail server. | false |
| cfg. (Since 4.2.5) | Connect on an unsecure port and then ask the server to negotiate a secure connection to the mail server, often referred to as STARTTLS. Some servers (e.g. GMAIL) require both SSL and STARTTLS to work. | false |
| cfg. (Since 4.14.0) | Number of milliseconds after which the S-Filer server will stop waiting for the email server if it has not responded. | 60000 |
| cfg. (Since 3.0.3) | This AND/OR value determines how "Quick Send" permissions from many groups are combined for a user. When set to AND, all groups must give the permission. When set to OR, at least one group must give the permission. | OR |
| cfg. (Since 3.0.3) | Maximum length allowed for the Community IDs. Validated by S-Filer Server. | 128 |
| cfg. (Since 3.0.3) | Maximum length allowed for the Community Description. Validated by S-Filer Server. | 128 |
| cfg. (Since 4.0.0) | This value is the number of days that a disabled user will remain in the S-Filer system. After this number of days, the user will be deleted. If this value is less than or equal to 0, the system will not delete any disabled users. | 180 |
| cfg. (Since 3.0.3) | This AND/OR value determines how "Download" permissions from many groups are combined for a user. When set to AND, all groups must give the permission. When set to OR, at least one group must give the permission. | OR |
| cfg. (Since 4.0.0) | This value is the number of days until an inactive user account expires, it is then disabled. Users will no longer expire if this value is less than or equal to 0. Note that logging in with an account resets its inactivity period. | 180 |
| cfg. (Since 3.0.3) | This AND/OR value determines how IP address restrictions from many groups are combined for a user. When set to AND, all groups must allow the IP address. When set to OR, at least one group must allow the IP address. | OR |
| cfg. (Since 3.0.3) | This AND/OR value determines how "Upload" permissions from many groups are combined for a user. When set to AND, all groups must give the permission. When set to OR, at least one group must give the permission. | OR |
| cfg. (Since 3.0.3) | Maximum length allowed for user Folder Alias. Validated by S-Filer Server. | 128 |
| cfg. (Since 3.0.3) | Maximum length allowed for user Email Address. Validated by S-Filer Server. | 128 |
| cfg. (Since 3.0.3) | Maximum length allowed for user full name. Validated by S-Filer Server. | 128 |
| cfg. (Since 3.0.3) | Maximum length allowed for Username. Validated by S-Filer Server. | 128 |
| cfg. (Since 3.0.3) | Maximum length allowed for Group Description. Validated by S-Filer Server. | 128 |
| cfg. (Since 3.0.3) | Maximum length allowed for Group IP field. Validated by S-Filer Server. | 128 |
| cfg. (Since 4.1.4) | Server port | |
| cfg. (Since 4.1.4) | HTTPS protocol can be used. | |
| cfg. (Since 3.0.3) | Path to the Audit Transfer Report source file. | report/AuditsReport.xml |
| cfg. (Since 3.0.3) | Path to the Audit Transfer Report source file in CSV format. | report/AuditsReport_csv.xml |
| cfg. (Since 3.0.3) | Path to the Community Report source file. | report/CommunitiesReport.jrxml |
| cfg. (Since 3.0.3) | Path to the Group Report source file. | report/GroupsReport.jrxml |
| cfg. (Since 4.1.2) | Path to the System Audit Report source file. | report/SystemEventAuditsReport.xml |
| cfg. (Since 4.1.2) | Path to the System Audit Report source file in CSV format. | report/SystemEventAuditsReport_csv.xml |
| cfg. (Since 3.0.3) | Path to the User Report source file. | report/UsersReport.jrxml |
| cfg. (Since 3.0.3) | Determines whether the report engine should include events from Extensions. | true |
| cfg. (Since 3.0.3) | Logo image file that will be displayed in the PDF report. | etc/images/logo.jpg |
| cfg. (Since 4.15.0) | Whether the assignGroupToCommunityREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the assignUserToCommunityREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the assignUserToGroupREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the assignUserToShareByEmailREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the assignUserToShareByIdREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the changePasswordREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the completeTotpForUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the countTasksREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the createAccessTokenForUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the createCommunityREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the createGroupREST API component is exposed. | false |
| cfg. (Since 4.20.0) | Whether the createNotificationThemeREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the createShareREST API component is exposed. | false |
| cfg. (Since 4.18.0) | Whether the createTemplateREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the createTotpForUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the createUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the deleteREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the deleteAccessTokenForUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the deleteAccessTokensForUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the deleteCommunityREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the deleteGroupREST API component is exposed. | false |
| cfg. (Since 4.20.0) | Whether the deleteNotificationThemeREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the deleteShareREST API component is exposed. | false |
| cfg. (Since 4.18.0) | Whether the deleteTemplateREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the deleteTotpForUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the deleteTotpsForUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the deleteUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the downloadFromFileVersionIdREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the downloadFromNodeIdREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findAccessTokenForUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findAccessTokensForUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findCommunitiesREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findCommunitiesForGroupREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findCommunitiesForUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findDomainsREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findGroupsREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findGroupsForCommunityREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findGroupsForUserREST API component is exposed. | false |
| cfg. (Since 4.20.0) | Whether the findNotificationThemeContentsREST API component is exposed. | false |
| cfg. (Since 4.20.0) | Whether the findNotificationThemesREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the findShareUsersREST API component is exposed. | false |
| cfg. (Since 4.18.0) | Whether the findStoragesREST API component is exposed. | false |
| cfg. (Since 4.18.0) | Whether the findTemplatesREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findTotpForUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findTotpsForUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findUsersREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findUsersForCommunityREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the findUsersForGroupREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the getCommunityREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the getFileInfoByNodeIdREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the getFileVersionByFileVersionIdREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the getGroupREST API component is exposed. | false |
| cfg. (Since 4.19.0) | Whether the getLicenseStatsREST API component is exposed. | false |
| cfg. (Since 4.20.0) | Whether the getNotificationThemeREST API component is exposed. | false |
| cfg. (Since 4.20.0) | Whether the getNotificationThemeContentREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the getShareREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the getSystemCapabilitiesREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the getTaskByUuidREST API component is exposed. | false |
| cfg. (Since 4.18.0) | Whether the getTemplateREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the getTransferContextByUploadIdREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the getTransferStatsREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the getUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the listREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the lockUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the loginREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the logoutREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the mfaTotpValidateCodeREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the mfaValidateLongLivedTokenREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the mkdirREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the moveREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the queryUsersByRemainingSpaceREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the renameREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the resetUserPasswordREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the resolveREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the takeShareOwnershipREST API component is exposed. | false |
| cfg. (Since 4.20.0) | Whether the testNotificationREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the transferShareOwnershipREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the ttlREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the unassignGroupFromCommunityREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the unassignUserFromCommunityREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the unassignUserFromGroupREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the unassignUserFromShareREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the unlockUserREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the updateCommunityREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the updateGroupREST API component is exposed. | false |
| cfg. (Since 4.20.0) | Whether the updateNotificationThemeREST API component is exposed. | false |
| cfg. (Since 4.20.0) | Whether the updateNotificationThemeContentREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the updateShareREST API component is exposed. | false |
| cfg. (Since 4.18.0) | Whether the updateTemplateREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the updateUserREST API component is exposed. | false |
| cfg. (Since 4.17.0) | Whether the updateUserRoleInShareREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the uploadAnonymousHttpFileREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the uploadMembersHttpFileREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Whether the uploadNodeHttpFileREST API component is exposed. | false |
| cfg. (Since 4.15.0) | Indicates whether the REST API exposition filter is active. | false |
| cfg. (Since 4.15.0) | Provides an override for the default description in the REST API exposition. | |
| cfg. (Since 4.15.0) | Provides an override for the default title in the REST API exposition. | |
| cfg. (Since 4.1.2) | Send an email notification when the integrity check has failed. The email notification is sent to the address specified in the Email section. | true |
| cfg. (Since 4.3.0) | Audit will be kept for X number of days | 365 |
| cfg. (Since 4.3.0) | If Yes entries will be archived to a file. If No, they will be deleted. | false |
| cfg. (Since 4.3.0) | Archives files will be prefixed with entered value. | archive |
| cfg. (Since 4.1.2) | Activate the System Event Audit. Select "YES" to log the system events. | true |
| cfg. (Since 4.3.0) | Archives files will be written in this folder. | / |
| cfg. (Since 3.0.3) | Maximum number of days that a file can be present in the server. Use a value equal to or less than 0 to specify an unlimited duration. | 730 |
| cfg. (Since 4.1.0) | This is the default value for the number of downloads allowed for "Quick Send" transfers. A value below or equal to 0 will result in an unlimited number of downloads. | 1 |
| cfg. (Since 4.17.0) | Number of days a Community must be inactive before it is automatically deleted. The inactive Community cleanup will be disabled if this value is less than or equal to 0. Note that downloading or uploading a file in a Community resets its inactivity period and that a Community with an expiration date will never be deleted due to its inactivity period. | -1 |
| cfg. (Since 4.17.0) | Notification email will be sent to the administrators of a Community that is within this number of days of being automatically deleted because of its expiration date or inactivity period. The email notification will be disabled if this value is less than or equal to 0. | 7 |
| cfg. (Since 4.1.0) | Specify the number of minutes to wait before deleting expired files. | 120 |
| cfg. (Since 3.0.3) | Maximum number of days that a pending upload will be available for resume. | 7 |
| cfg. (Since 3.0.3) | Maximum number of days that an inactive file will stay on the system. Use a value equal to or less than 0 to specify an unlimited duration. | 365 |
| cfg. (Since 4.8.3) | This option indicates whether a system administrator can exceed the absolute retention period when setting a community retention period. Usually, the absolute retention period can never be exceeded, but this allows an exception to this rule. | false |
| cfg. (Since 3.0.3) | Absolute maximum number days before sending a notice to owner. | -1 |
| cfg. (Since 3.0.3) | Maximum number days before sending a notice to owner. | -1 |
| cfg. (Since 3.0.3) | During cleanup, this value determines how much data to manage at once. | 1000 |
| cfg. (Since 4.13.0) | Whether to allow the REST API users to use the "Quick Send" feature. This feature enables sending files to a user using his email address. | true |
| cfg. (Since 4.13.0) | Whether to allow the REST API users to transfer files using HTTPS (without end-to-end encryption). Since end-to-end encryption is not supported by the REST API, all transfers will be forbidden if this feature is disabled. | true |
| cfg. (Since 4.17.0) | Whether to allow the REST API users to use the "Share file" feature. This feature enables users to create "shares" in which they can invite other users to participate using their email address. | false |
| cfg. (Since 4.12.0) | Number of days a Share must be inactive before it is automatically deleted. The inactive Share cleanup will be disabled if this value is less than or equal to 0. Note that downloading or uploading a file in a Share resets its inactivity period and that a Share with an expiration date will never be deleted due to its inactivity period. | 180 |
| cfg. (Since 4.12.0) | Notification email will be sent to the administrators of a Share that is within this number of days of being automatically deleted because of its expiration date or inactivity period. The email notification will be disabled if this value is less than or equal to 0. | 7 |
| cfg. (Since 4.13.0) | S-Filer performs many tasks on background threads including the post-processing of files after transfers. This setting dictates the maximum backlog (in seconds) for tasks. When the backlog exceeds this value, transfers will be throttled by refusing some of them until the backlog drops below this threshold. | 30 |
| cfg. (Since 2.1.0) | Session timeout of the internal Jetty server. | 30000 |
| cfg. (Since 4.9.0) | The key used to secure the HTTPS connection to the server. | |
| cfg. (Since 4.6.1) | Determines how SSL/TLS ciphers are managed. S-Filer maintains a list of strong ciphers that will evolve over time. The 'Automatic' mode allows to enable only the strong ciphers from this list. For some older clients, weaker ciphers may need to be enabled because they don't support any of the strong ones. The 'JVM Default' mode results in all ciphers present on the JVM to be enabled. For a more fine-grained control, the 'Custom' mode allows to specify all the ciphers that must be enabled in the 'Custom SSL/TLS ciphers' parameter. | AUTOMATIC |
| cfg. (Since 4.17.0) | List of SSL/TLS ciphers (separated by comma) that will be enabled if the cipher management mode is 'Custom'. WARNING: Some ciphers specified in this list may not be available depending on the key type of the SSL/TLS private key. | TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 |
| cfg. (Since 4.19.0) | Determines if the SSL/TLS SNI host check is enabled. SNI (Server Name Indication) is an extension to the SSL/TLS protocol by which a client indicates which hostname it is attempting to connect to at the start of the connection process. If the SNI host check is enabled and the hostname of the server to which the client is trying to connect to is not found in the server certificate, the server returns an invalid SNI error. | true |