Application Settings.7.3 and earlier version

The Application Setting

The API has a few application settings available, allowing some input on how the API should operate.

appSettings

SafranWebApiAuthenticationType

• This allows specifying which authentication types to use.
• This is related to the "Security" part of the API.

SafranWebAPIUsers

• This allows specifying the user to be verified in the Active Directory when using the "Kerberos Authentication."
• This is also related to the "Security" part of the API.

SafranWebAPIOwnerVerificationDuringApiCalls

• Allows for an added level of validation before updating or retrieving data from the API.
• Valid values for the setting are "true" and "false".
• If the setting is "true", most API calls require an additional parameter to be provided. The parameter is "owner" and takes a string. The API will then verify the provided Owner is the actual owner of the Project details. If that is the case, the details are provided; otherwise, the call will be rejected with code 401 - Unauthorized. The owner is a Safran User.
• If the setting is "false", no validation is performed by the API.

/v1/activities?owner=safransa&network_id=1

Tracing

• Allows for tracing and logging of the system execution. Please see the separate chapter, "Tracing", for more details.
  
  

<appSettings>
  ...
  <!-- domain\ADgroup or just ADgroup (then users current domain is assumed) -->
  <add key="SafranWebApiUsers" value="SafranWebApiUsers" />
  <!-- Use "None" for no authentication, "Basic" for basic database 'user' table authentication, or "Kerberos" for Kerberos Windows Active Directory authentication-->
  <add key="SafranWebApiAuthenticationType" value="None" />
  <!-- Use True to verify that given owner in a API call matches the owner of the network. Use False to not use this functionality -->
  <add key="SafranWebAPIOwnerVerificationDuringApiCalls" value="true"/>
</appSettings>

Very long URL support

If there is a need for a very long URL support, the following settings need to be updated. Also, notice that the web browser or the internet object accessing the Safran API solution might also have a limitation.

If you do not wish to support longer URLs, leave the "web.config" file as is without altering the below details.

system.web

Within the web.config file, there is an element "system.web" with the element "httpRuntime", which holds an attribute "maxQueryStringLenght".

maxQueryStringLength

The default value of "maxQueryStringLenght" is 2048; for longer URL support, this could be increased to 8192.

<!-- The details below is just a sample and might differ on your installation -->
<system.web>
  <compilation debug="true" targetFramework="4.5" />
  <httpRuntime targetFramework="4.5" maxQueryStringLength="8192" />
  <authentication mode="Windows"></authentication>
</system.web>

system.webServer

Within the web.config file, there is an element "system.webServer" with the element "security", "requestFiltering", and "requestLimits", which hold an attribute "maxQueryString".

maxQueryString

The default value of "maxQueryString" is 2048; for longer URL support, this could be increased to 8192.

<!-- The details below is just a sample and might differ on your installation -->
<system.webServer>
  <modules>
    ...
  </modules>
  <handlers>
    ...
  </handlers>
  <security>
    <requestFiltering>
      <requestLimits maxQueryString="8192" />
    </requestFiltering>
  </security>
</system.webServer>

Assembly Binding

Binding for Newtonsoft.Json

As the API has been updated to use a newer Newtonsoft.Json package, the "web.config" file might need a new entry.

Within the web.config file, there is an element "runtime" with the element "assemblyBinding" Add a new element "dependentAssembly" as outlined in the code below:

<dependentAssembly>
  <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
  <bindingRedirect oldVersion="0.0.0.0-13.0.0.0" newVersion="13.0.0.0" />
</dependentAssembly>