Security configuration
FEJ uses Spring Security for authentication purposes. Security configuration is stored in fej-security.xml
file.
In-Memory Authentication
By default, FEJ container uses simple in-memory authentication.
<sec:authentication-manager id="authenticationManager"> <sec:authentication-provider> <sec:user-service id="userDetailsService" properties="users.properties"/> </sec:authentication-provider> </sec:authentication-manager>
Users are stored in the external properties file named users.properties
. It contains single user test
with password test
and role ROLE_ADMIN
:
$ pwd /usr/share/fixedgej-1.0.0/conf $ cat users.properties test=test,ROLE_ADMIN,enabled
LDAP authentication
FEJ also supports authentication against an LDAP server.
Before getting deep into LDAP authentication, let’s get familiar with some LDAP terms.
Term | Description |
---|---|
Dn | Distinguished name, a unique name which is used to find user in LDAP server e.g. Microsoft Active Directory. |
Ou | Organization Unit. |
Bind | LDAP Bind is an operation in which LDAP clients sends bindRequest to LDAP user including username and password and if |
Search | LDAP search is the operation which is performed to retrieve Dn of user by using some user credentials. |
Root | LDAP directory’s top element, like root of a tree. |
BaseDn | a branch in LDAP tree which can be used as base for LDAP search operation. |
When the LDAP authentication option is activated, the default single user mode is turned off.
FIX Session configuration
FIX Antenna java is used for establishing and managing FIX sessions. But FEJ introduce per-file base configuration for each FIX session. All such configuration files are placed into subdirectories of session
directory and should follow s_fix_[SESSION_ID].properties
mask (this behaviour can be changed with 'sessionConfigManager' bean into fej-server.xml
). Additional each subfolder may have SESSION_GROUP_s_fixDefault.properties
configuration file which define common option for all group of FIX sessions.
Main options for FIX session(advanced options for FIX session you can find on FIX Antenna Java configuration page):
Property name | Default value | Description |
---|---|---|
sessionType | acceptor | Session type. If type is not defined then session will be resolved as acceptor. Valid values: acceptor/initiator. |
host | The connecting host for initiator session | |
port | The connecting port for initiator session | |
senderCompID | Assigned value used to identify firm sending message | |
senderSubID | Assigned value used to identify specific message originator (desk, trader, etc.) | |
senderLocationID | Assigned value used to identify specific message originator’s location (i.e. geographic location and/or desk, trader) | |
targetCompID | Assigned value used to identify receiving firm | |
targetSubID | Assigned value used to identify specific individual or unit intended to receive message | |
targetLocationID | Assigned value used to identify specific message destination’s location (i.e. geographic location and/or desk, trader) | |
fixVersion | Version of the FIX protocol | |
appVersion | ||
backupHost | Backup host for initiator session | |
backupPort | Backup port for initiator session | |
incomingSequenceNumber | 0 | Incoming sequence number |
outgoingSequenceNumber | 0 | Outgoing sequence number |
processedIncomingSequenceNumber | 0 | Last valid incoming sequence number |
heartbeatInterval | 30 | Heartbeat interval (in seconds) |
lastSeqNumResetTimestamp | ||
fixFieldList | User defined fields for messages. If this list is not empty, Engine add it to each outgoing message. | |
outgoingLoginFixFieldList | Additional fields for outgoing Logon message | |
groups | Comma-separated list of routing groups |
Routing Rules Configuration
FIX Edge Java provides an RoutingRule
unit as an abstraction for internal message routing element. FEJ supports pure Java and Groovy implementations for routing rules.
RoutingRule requires few components for its instantiation:
public RoutingRule(java.lang.String description, SourceCondition sourceFilter, RuleCondition contectFilter, RuleAction action)
- description - String with free test description of the rule
- source filter - check if this rule should be applied to messages from certain source. This filter was added as a separate with propose of the optimization process. Such filter can be applied on a static basis without addition effect in runtime. Source filter is
SourceCondition
implementation and can be null if you’d like to ignore it.
- context filter - dynamic filter, which can check at the same time appliance of this rule depends on message content and source attributes. Context filter is
RuleCondition
implementation and can be null if you’d like to ignore it.
- action - implementation of
RuleAction
which describes the main goal of this rule. It can be transformation, modification or just resending to the required destination.
Sample of routing rule:
import com.epam.fej.routing.RoutingContext import com.epam.fej.routing.rules.RoutingRule import com.epam.fej.routing.rules.RuleAction import com.epam.fej.routing.rules.RuleCondition import static com.epam.fej.routing.CustomRoutingRules.getDefaultRules import static com.epam.fej.routing.CustomRoutingRules.getRejectionRule RoutingContext rc = routingContext as RoutingContext; [ new RoutingRule( // rule description "some Rule", //source filter - ignore for this rule null, // context filter - apply this rule for New Order - Single (D) messages { ctx -> ctx.getMessage().getTagValueAsString(35) == "D" } as RuleCondition, // action for rule - resend message to all session within same group // and stop message processing { ctx -> rc.getDestinationsByGroup(ctx.sourceParams.groups).each { adapter -> adapter.send(ctx.message) ctx.exit() } } as RuleAction), // append system rejection rules for not processed messages getRejectionRule(rc) ]
Logging configuration
FEJ uses Log4j 2 as a logging framework. Its configuration is stored in log4j2.xml
file. For more information about configuration please refer Log4j 2 official documentation.
Administrative shell configuration
Shell configuration properties are stored in shell.properties
file.
Name | Default value | Description |
---|---|---|
crash.auth | spring | Authentication mechanism |
crash.ssh.port | 2000 | SSH server port |
crash.ssh.auth_timeout | 300000 | Authentication timeout of the SSH server (in milliseconds) |
crash.ssh.idle_timeout | 300000 | Idle timeout of the SSH server (in milliseconds) |
crash.ssh.default_encoding | UTF-8 | Character encoding |
FEJ uses Java shell called ‘CRaSH’. For more information about it configuration properties please refer to the CRaSH reference documentation.
Wrapper configuration
FEJ uses YAJSW to run the application as a Windows Service or UNIX Daemon. It configuration is stored in wrapper.onf
file. Please refer to the YAJSW reference documentation for more information about available configuration properties.