Security configuration
FEJ uses Spring Security for authentication purposes. Security configuration is stored in fej-security.xml
file.
In-Memory Authentication
By default, FEJ container uses simple in-memory authentication.
<sec:authentication-manager id="authenticationManager"> <sec:authentication-provider> <sec:user-service id="userDetailsService" properties="users.properties"/> </sec:authentication-provider> </sec:authentication-manager>
Users are stored in the external properties file named users.properties
. It contains single user test
with password test
and role ROLE_ADMIN
:
$ pwd /usr/share/fixedgej-1.0.0/conf $ cat users.properties test=test,ROLE_ADMIN,enabled
LDAP authentication
FEJ also supports authentication against an LDAP server.
Before getting deep into LDAP authentication, let’s get familiar with some LDAP terms.
Term | Description |
---|---|
Dn | Distinguished name, a unique name which is used to find user in LDAP server e.g. Microsoft Active Directory. |
Ou | Organization Unit. |
Bind | LDAP Bind is an operation in which LDAP clients sends bindRequest to LDAP user including username and password and if |
Search | LDAP search is the operation which is performed to retrieve Dn of user by using some user credentials. |
Root | LDAP directory’s top element, like root of a tree. |
BaseDn | a branch in LDAP tree which can be used as base for LDAP search operation. |
When the LDAP authentication option is activated, the default single user mode is turned off.
FIX Session configuration
FIX Antenna java is used for establishing and managing FIX sessions. But FEJ introduce per-file base configuration for each FIX session. All such configuration files are placed into subdirectories of session
directory and should follow s_fix_[SESSION_ID].properties
mask (this behaviour can be changed with 'sessionConfigManager' bean into fej-server.xml
). Additional each subfolder may have SESSION_GROUP_s_fixDefault.properties
configuration file which define common option for all group of FIX sessions.
Main options for FIX session(advanced options for FIX session you can find on FIX Antenna Java configuration page):
Property name | Default value | Description |
---|---|---|
sessionType | acceptor | Session type. If type is not defined then session will be resolved as acceptor. Valid values: acceptor/initiator. |
host | The connecting host for initiator session | |
port | The connecting port for initiator session | |
senderCompID | Assigned value used to identify firm sending message | |
senderSubID | Assigned value used to identify specific message originator (desk, trader, etc.) | |
senderLocationID | Assigned value used to identify specific message originator’s location (i.e. geographic location and/or desk, trader) | |
targetCompID | Assigned value used to identify receiving firm | |
targetSubID | Assigned value used to identify specific individual or unit intended to receive message | |
targetLocationID | Assigned value used to identify specific message destination’s location (i.e. geographic location and/or desk, trader) | |
fixVersion | Version of the FIX protocol | |
appVersion | ||
backupHost | Backup host for initiator session | |
backupPort | Backup port for initiator session | |
incomingSequenceNumber | 0 | Incoming sequence number |
outgoingSequenceNumber | 0 | Outgoing sequence number |
processedIncomingSequenceNumber | 0 | Last valid incoming sequence number |
heartbeatInterval | 30 | Heartbeat interval (in seconds) |
lastSeqNumResetTimestamp | ||
fixFieldList | User defined fields for messages. If this list is not empty, Engine add it to each outgoing message. | |
outgoingLoginFixFieldList | Additional fields for outgoing Logon message | |
groups | Comma-separated list of routing groups |
Logging configuration
FEJ uses Log4j 2 as a logging framework. Its configuration is stored in log4j2.xml
file. For more information about configuration please refer Log4j 2 official documentation.