Configuration - CSE Settings
The CSE settings are used to configure the CSE's general behavior, security settings, and statistics collection.
General Settings
Section: [cse]
These settings are used to configure basic settings and the general behavior of the CSE.
| Setting | Description | Default |
|---|---|---|
| asyncSubscriptionNotifications | Enable or disable asynchronous notification for normal runtime subscription notifications. | true |
| checkExpirationsInterval | Interval to check for expired resources. 0 means "no checking". | 60 seconds |
| cseID | The CSE ID. A CSE-ID must start with a /. | id-in |
| defaultSerialization | Indicate the serialization format if none was given in a request and cannot be determined otherwise. Allowed values: json, cbor. |
json |
| enableRemoteCSE | Enable remote CSE registration and checking. See also command line arguments –-remote-cse and -–no-remote-cse. |
true |
| enableResourceExpiration | Enable resource expiration. If disabled resources will not be expired when the "expirationTimestamp" is reached. | true |
| enableSubscriptionVerificationRequests | Enable or disable verification requests when creating a new subscription. | true |
| flexBlockingPreference | Indicate the preference for flexBlocking response types. Allowed values: "blocking", "nonblocking". | blocking |
| idLength | This setting specifies the length of resource IDs generated by the CSE. This value can be increased or decreased as needed. A greater length increases the uniqueness of the resource ID, but also increases its size. This could be be relevant for the overall size of requests and responses. |
10 |
| maxExpirationDelta | Default and maximum expirationTime allowed for resources in seconds. | 60*60*24*365*5 = 157680000 seconds = 5 years |
| originator | Admin originator for the CSE. | CAdmin |
| poa | Set the CSE's point-of-access. This is a comma-separated list of URLs. | The configured HTTP server's address. |
| releaseVersion | The release version indicator for requests. Allowed values: see setting of supportedReleaseVersions. | 4 |
| requestExpirationDelta | Expiration time for requests sent by the CSE in seconds. | 10.0 seconds |
| resourceID | The \ |
id-in |
| resourceName | The CSE's resource name or CSE-Name. | cse-in |
| resourcesPath | Directory of the CSE's init directory that hosts resources, policies, and other settings to import. See also command line argument –-init-directory. |
${basic.config:initDirectory} |
| sendToFromInResponses | Indicate whether the optional "to" and "from" parameters shall be sent in responses. | true |
| serviceProviderID | The CSE's service provider ID. | acme.example.com |
| sortDiscoveredResources | Enable alphabetical sorting of discovery results. | true |
| supportedReleaseVersions | A comma-separated list of supported release versions. This list can contain a single or multiple values. | 2a,3,4,5 |
| type | The CSE type. Allowed values: IN, MN, ASN. | IN |
Operation - Jobs
Section: [cse.operation.jobs]
These settings are used to configure the CSE's job and thread management. Jobs are used to handle asynchronous tasks like resource expiration, resource announcements, and other tasks.
| Setting | Description | Default |
|---|---|---|
| balanceTarget | Thread Pool Management: Target balance between paused and running jobs (n paused for 1 running threads). | 3.0 |
| balanceLatency | Thread Pool Management: Number of get / create requests for a new thread before performing a balance check. A latency of 0 disables the thread pool balancing. | 1000 |
| balanceReduceFactor | Thread Pool Management: The factor to reduce the paused jobs (number of paused / balanceReduceFactor) in a balance check. Example: a factor of 2.0 reduces the number of paused threads by half in a single balance check. |
2.0 |
Operation - Requests
Section: [cse.operation.requests]
These settings are used to configure the CSE's internal request recording.
| Setting | Description | Default |
|---|---|---|
| enable | Enable request recording. | False |
| size | Maximum number of requests to be stored. Oldest requests will be deleted when this threshold is reached. Note, that a large number of requests might take a moment to be displayed in the console or UIs. | 250 |
General Security
Section: [cse.security]
These settings are used to configure the CSE's security settings.
| Setting | Description | Default |
|---|---|---|
| secret | The main secret key used for seeding hash functions and encryption. | The string "acme". Should be changed. |
| enableACPChecks | Enable access control checks. | True |
| fullAccessAdmin | Always grant the admin originator full access (bypass access checks). | True |
Statistics
Section: [cse.statistics]
These settings are used to configure the CSE's internal statistics collection and reporting.
| Setting | Description | Default |
|---|---|---|
| enable | This setting enables or disables the CSE's statistics collection and reporting. | True |
| writeInterval | This setting specifies the pause, in seconds, between writing the collected statistics to the database. | 60 seconds |
Registration Configurarions
CSE Registration
Section: [cse.registration]
These settings are used to configure the CSE's internal registration behaviour, but also set the allowed originators for AE and CSR registrations.
| Setting | Description | Default |
|---|---|---|
| allowedAEOriginators | List of AE originators that can register. This is a comma-separated list of originators. Wildcards (* and ?) are supported. | C*, S* |
| allowedCSROriginators | List of CSR originators that can register. This is a comma-separated list of originators. Wildcards ( and ?) are supported. Note: CSE-IDs must not* have a leading "/". |
empty list |
| checkLiveliness | Check the liveliness of the registrations to the registrar CSE and also from the registree CSEs. | True |
Registrar CSE Access
Section: [cse.registrar]
These settings are used to configure the address, access and general behavior to a Registrar CSE.
| Setting | Description | Default |
|---|---|---|
| address | URL of the Registrar CSE. | no default |
| root | Registrar CSE root path. Never provide a trailing /. | empty string |
| cseID | CSE-ID of the Registrar CSE. A CSE-ID must start with a /. | no default |
| resourceName | The Registrar CSE's resource name. | no default |
| INCSEcseID | The CSE-ID of the Infrastructure CSE at the top of the deployment tree. | /id-in |
| serialization | Specify the serialization type that must be used for the registration to the registrar CSE. Allowed values: json, cbor |
json |
| checkInterval | This setting specifies the pause in seconds between tries to connect to the configured registrar CSE. This value is also used to check the connectivity to the registrar CSE after a successful registration. | 30 seconds |
| excludeCSRAttributes | Comma separated list of attributes that are excluded when creating a registrar CSR. | empty list |
Registrar CSE Security
Section: [cse.registrar.security]
| Setting | Description | Default |
|---|---|---|
| httpUsername | The username used for the Registrar CSE authentication via http if basic authentication is enabled for the Registrar CSE. | empty string |
| httpPassword | The password used for the Registrar CSE authentication via http if basic authentication is enabled for the Registrar CSE. | empty string |
| httpBearerToken | The authentication token used for the Registrar CSE authentication via http if bearer token authentication is enabled for the Registrar CSE. | empty string |
| wsUsername | The username used for the Registrar CSE authentication via WebSocket if basic authentication is enabled for the Registrar CSE. | empty string |
| wsPassword | The password used for the Registrar CSE authentication via WebSocket if basic authentication is enabled for the Registrar CSE. | empty string |
| wsBearerToken | The authentication token used for the Registrar CSE authentication via WebSocket if bearer token authentication is enabled for the Registrar CSE. | empty string |
| poaCredentialsFile | The filename of the credential file for the reverse Registrar CSE authentication via http or WebSocket. This file contains a mapping between CSE-IDs and username/password credentials. These credentials are used for the authentication by the remote CSE to this CSE. The credentials will be added to the URLs of the poa attribute of the remoteCSE resource. The format is one line per CSE-ID with the format "CSE-ID:username:password". See Authentication between CSEs |
${basic.config:baseDirectory}/certs/acme_poa_credentials.txt |
Resource Announcements
Section: [cse.announcements]
These settings are used to configure the behavior of resource announcements. They control mainly internal CSE behaviour and are not directly related to the oneM2M standard.
| Setting | Description | Default |
|---|---|---|
| checkInterval | Wait n seconds between tries to announce resources to registered remote CSE. | 10 seconds |
| allowAnnouncementsToHostingCSE | Allow resource announcements to the own hosting CSE. | True |
| delayAfterRegistration | Specify a short delay in seconds before starting announcing resources after a remote CSE has registered at the hosting CSE. | 3 seconds |