Skip to main content

Configuration reference

All properties use the prefix jeap.sse. The whole library is gated on jeap.sse.enabled; when it is false no auto-configuration, endpoint or Kafka listener is created. Defaults marked below come from jeap-sse-defaults.properties in the starter.

Core

NameDefaultDescription
jeap.sse.enabledtrueEnable or disable the whole SSE support (endpoint, heartbeat and Kafka producer/consumer)
jeap.sse.kafka.topicKafka topic the library publishes and consumes on. Convention: <system>-<applicationname>-notifyclient. Required

Web endpoint

NameDefaultDescription
jeap.sse.web.endpoint/ui-api/sse/eventsPath of the SSE (text/event-stream) endpoint clients subscribe to
jeap.sse.web.heartbeat.rateInMs5000Interval in milliseconds between HEARTBEAT events
jeap.sse.web.emitter.timeoutInMs600000Timeout in milliseconds applied to each SseEmitter

Authorization

Exactly one mode must be configured (see Authorization). Configuration is validated at startup by NotifyClientAuthorizationConfigurationValidator, which fails fast on ambiguous or empty combinations.

NameDefaultDescription
jeap.sse.web.insecure.enabledfalsePermit unauthenticated access to the endpoint. Development only; mutually exclusive with the auth properties below
jeap.sse.web.auth.roleSimple authorization: role the caller must hold (ServletSimpleAuthorization)
jeap.sse.web.auth.resourceSemantic authorization: resource the caller must be authorized for (with auth.operation)
jeap.sse.web.auth.operationSemantic authorization: operation the caller must be authorized for (with auth.resource)

Rules enforced by the validator:

  • If insecure.enabled is true, none of role, resource, operation may be set.
  • If insecure.enabled is false, at least one of role or (resource + operation) must be set.
  • resource and operation must be set together; combining them with role is rejected.

Example

jeap:
sse:
enabled: true
kafka:
topic: jme-declaration-service-notifyclient
web:
endpoint: /ui-api/sse/events
heartbeat:
rateInMs: 5000
emitter:
timeoutInMs: 600000
auth:
resource: declaration
operation: read